Publicité
Publicité
Format du document : text/plain
Prévisualisation
# AdwCleaner v6.044 - Logfile created 27/03/2017 at 15:59:48
# Updated on 28/02/2017 by Malwarebytes
# Database : 2017-03-27.1 [Server]
# Operating System : Windows 10 Home (X64)
# Username : J.P Meusureux - JPMEUSUREUX-PC
# Running from : C:\Users\J.P Meusureux\Downloads\adwcleaner_6.044.exe
# Mode: Clean
# Support : https://www.malwarebytes.com/support
***** [ Services ] *****
***** [ Folders ] *****
[-] Folder deleted: C:\Program Files\ByteFence
[-] Folder deleted: C:\ProgramData\ByteFence
[#] Folder deleted on reboot: C:\ProgramData\Application Data\ByteFence
[-] Folder deleted: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hotspot
[-] Folder deleted: C:\Users\J.P Meusureux\AppData\Local\Google\Chrome\User Data\Default\Extensions\gobbnicjoijcfndfmmfjnfgldgcnjibl
[-] Folder deleted: C:\Users\J.P Meusureux\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\gobbnicjoijcfndfmmfjnfgldgcnjibl
***** [ Files ] *****
[-] File deleted: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HowToRemove.html.lnk
[-] File deleted: C:\Users\J.P Meusureux\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_gobbnicjoijcfndfmmfjnfgldgcnjibl_0.localstorage
[-] File deleted: C:\Users\J.P Meusureux\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_gobbnicjoijcfndfmmfjnfgldgcnjibl_0.localstorage-journal
***** [ DLL ] *****
***** [ WMI ] *****
***** [ Shortcuts ] *****
***** [ Scheduled Tasks ] *****
[-] Task deleted: ByteFence
***** [ Registry ] *****
[-] Key deleted: HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\WindowService
[#] Key deleted on reboot: [x64] HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\WindowService
[-] Key deleted: HKU\.DEFAULT\Software\xvb`lj
[-] Key deleted: HKU\S-1-5-21-4140145555-2342484209-1620211677-1000\Software\SwytShop
[-] Key deleted: HKU\S-1-5-21-4140145555-2342484209-1620211677-1000\Software\C84E
[-] Key deleted: HKU\S-1-5-21-4140145555-2342484209-1620211677-1000\Software\Genius
[#] Key deleted on reboot: HKU\S-1-5-18\Software\xvb`lj
[#] Key deleted on reboot: HKCU\Software\SwytShop
[#] Key deleted on reboot: HKCU\Software\C84E
[#] Key deleted on reboot: HKCU\Software\Genius
[-] Key deleted: HKLM\SOFTWARE\xvb`lj
[-] Key deleted: HKLM\SOFTWARE\msServer
[-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\11598763487076930564
[#] Key deleted on reboot: [x64] HKCU\Software\SwytShop
[#] Key deleted on reboot: [x64] HKCU\Software\C84E
[#] Key deleted on reboot: [x64] HKCU\Software\Genius
[-] Key deleted: [x64] HKLM\SOFTWARE\xvb`lj
[-] Data restored: HKU\S-1-5-21-4140145555-2342484209-1620211677-1000\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Data restored: HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Data restored: HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
[-] Data restored: [x64] HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Data restored: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
[-] Key deleted: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\cmptch.com
[-] Key deleted: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\static.cmptch.com
[-] Key deleted: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\cmptch.com
[-] Key deleted: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\static.cmptch.com
[#] Key deleted on reboot: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\cmptch.com
[#] Key deleted on reboot: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\static.cmptch.com
[#] Key deleted on reboot: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\cmptch.com
[#] Key deleted on reboot: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\static.cmptch.com
[-] Value deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32 [AppTrailers]
[-] Value deleted: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost [LocalWiFiService]
***** [ Web browsers ] *****
[-] Firefox preferences cleaned: "browser.search.selectedEngine" - "Yahoo! Powered"
[-] Firefox preferences cleaned: "browser.search.defaultenginename" - "Yahoo! Powered"
[-] Firefox preferences cleaned: "browser.startup.homepage" - "hxxps://fr.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_frmr_17_12¶m1=1¶m2=f%3D1%26b%3DFirefox%26cc%3Dfr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzuyCtDyC0D0CyBtAyCtByE0D0A0E0D0AyCtN0D0Tzu0StCzytCtCtN1L2XzutAtFtByBtFyEtFyCtBtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyEyCzy0BtDyCzyyBtGtByCtCtAtGzzzztC0BtGyCyEtDtBtG0AyDzz0CyCyD0DtC0E0F0CtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2Szz0F0C0ByC0Azy0BtGtD0AyEzztGyEtDyDzytGzy0FtA0DtG0BtCyDyEtCzyyDzytDtCyBzy2QtN0A0LzuyE%26cr%3D1754789830%26a%3Dwbf_frmr_17_12%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome"
[-] [C:\Users\J.P Meusureux\AppData\Local\Chromium\User Data\Default\Web data] [Search Provider] Deleted: yahoo! powered
[-] [C:\Users\J.P Meusureux\AppData\Local\Chromium\User Data\Default] [startup_urls] Deleted: hxxps://fr.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_frmr_17_12¶m1=1¶m2=f%3D7%26b%3Dchmm%26cc%3Dfr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzuyCtDyC0D0CyBtAyCtByE0D0A0E0D0AyCtN0D0Tzu0StCzytCtCtN1L2XzutAtFtByBtFyEtFyCtBtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyEyCzy0BtDyCzyyBtGtByCtCtAtGzzzztC0BtGyCyEtDtBtG0AyDzz0CyCyD0DtC0E0F0CtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2Szz0F0C0ByC0Azy0BtGtD0AyEzztGyEtDyDzytGzy0FtA0DtG0BtCyDyEtCzyyDzytDtCyBzy2QtN0A0LzuyE%26cr%3D1754789830%26a%3Dwbf_frmr_17_12%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome
[-] [C:\Users\J.P Meusureux\AppData\Local\Chromium\User Data\Default] [homepage] Deleted: hxxps://fr.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_frmr_17_12¶m1=1¶m2=f%3D1%26b%3Dchmm%26cc%3Dfr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzuyCtDyC0D0CyBtAyCtByE0D0A0E0D0AyCtN0D0Tzu0StCzytCtCtN1L2XzutAtFtByBtFyEtFyCtBtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyEyCzy0BtDyCzyyBtGtByCtCtAtGzzzztC0BtGyCyEtDtBtG0AyDzz0CyCyD0DtC0E0F0CtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2Szz0F0C0ByC0Azy0BtGtD0AyEzztGyEtDyDzytGzy0FtA0DtG0BtCyDyEtCzyyDzytDtCyBzy2QtN0A0LzuyE%26cr%3D1754789830%26a%3Dwbf_frmr_17_12%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome
[-] [C:\Users\J.P Meusureux\AppData\Local\Google\Chrome\User Data\Default] [extension] Deleted: gobbnicjoijcfndfmmfjnfgldgcnjibl
*************************
:: "Tracing" keys deleted
:: Winsock settings cleared
*************************
C:\AdwCleaner\AdwCleaner[C0].txt - [7590 Bytes] - [27/03/2017 15:59:48]
C:\AdwCleaner\AdwCleaner[S0].txt - [7060 Bytes] - [27/03/2017 15:58:58]
########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [7736 Bytes] ##########
# Updated on 28/02/2017 by Malwarebytes
# Database : 2017-03-27.1 [Server]
# Operating System : Windows 10 Home (X64)
# Username : J.P Meusureux - JPMEUSUREUX-PC
# Running from : C:\Users\J.P Meusureux\Downloads\adwcleaner_6.044.exe
# Mode: Clean
# Support : https://www.malwarebytes.com/support
***** [ Services ] *****
***** [ Folders ] *****
[-] Folder deleted: C:\Program Files\ByteFence
[-] Folder deleted: C:\ProgramData\ByteFence
[#] Folder deleted on reboot: C:\ProgramData\Application Data\ByteFence
[-] Folder deleted: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hotspot
[-] Folder deleted: C:\Users\J.P Meusureux\AppData\Local\Google\Chrome\User Data\Default\Extensions\gobbnicjoijcfndfmmfjnfgldgcnjibl
[-] Folder deleted: C:\Users\J.P Meusureux\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\gobbnicjoijcfndfmmfjnfgldgcnjibl
***** [ Files ] *****
[-] File deleted: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HowToRemove.html.lnk
[-] File deleted: C:\Users\J.P Meusureux\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_gobbnicjoijcfndfmmfjnfgldgcnjibl_0.localstorage
[-] File deleted: C:\Users\J.P Meusureux\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_gobbnicjoijcfndfmmfjnfgldgcnjibl_0.localstorage-journal
***** [ DLL ] *****
***** [ WMI ] *****
***** [ Shortcuts ] *****
***** [ Scheduled Tasks ] *****
[-] Task deleted: ByteFence
***** [ Registry ] *****
[-] Key deleted: HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\WindowService
[#] Key deleted on reboot: [x64] HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\WindowService
[-] Key deleted: HKU\.DEFAULT\Software\xvb`lj
[-] Key deleted: HKU\S-1-5-21-4140145555-2342484209-1620211677-1000\Software\SwytShop
[-] Key deleted: HKU\S-1-5-21-4140145555-2342484209-1620211677-1000\Software\C84E
[-] Key deleted: HKU\S-1-5-21-4140145555-2342484209-1620211677-1000\Software\Genius
[#] Key deleted on reboot: HKU\S-1-5-18\Software\xvb`lj
[#] Key deleted on reboot: HKCU\Software\SwytShop
[#] Key deleted on reboot: HKCU\Software\C84E
[#] Key deleted on reboot: HKCU\Software\Genius
[-] Key deleted: HKLM\SOFTWARE\xvb`lj
[-] Key deleted: HKLM\SOFTWARE\msServer
[-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\11598763487076930564
[#] Key deleted on reboot: [x64] HKCU\Software\SwytShop
[#] Key deleted on reboot: [x64] HKCU\Software\C84E
[#] Key deleted on reboot: [x64] HKCU\Software\Genius
[-] Key deleted: [x64] HKLM\SOFTWARE\xvb`lj
[-] Data restored: HKU\S-1-5-21-4140145555-2342484209-1620211677-1000\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Data restored: HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Data restored: HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
[-] Data restored: [x64] HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Data restored: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
[-] Key deleted: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\cmptch.com
[-] Key deleted: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\static.cmptch.com
[-] Key deleted: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\cmptch.com
[-] Key deleted: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\static.cmptch.com
[#] Key deleted on reboot: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\cmptch.com
[#] Key deleted on reboot: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\static.cmptch.com
[#] Key deleted on reboot: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\cmptch.com
[#] Key deleted on reboot: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\static.cmptch.com
[-] Value deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32 [AppTrailers]
[-] Value deleted: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost [LocalWiFiService]
***** [ Web browsers ] *****
[-] Firefox preferences cleaned: "browser.search.selectedEngine" - "Yahoo! Powered"
[-] Firefox preferences cleaned: "browser.search.defaultenginename" - "Yahoo! Powered"
[-] Firefox preferences cleaned: "browser.startup.homepage" - "hxxps://fr.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_frmr_17_12¶m1=1¶m2=f%3D1%26b%3DFirefox%26cc%3Dfr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzuyCtDyC0D0CyBtAyCtByE0D0A0E0D0AyCtN0D0Tzu0StCzytCtCtN1L2XzutAtFtByBtFyEtFyCtBtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyEyCzy0BtDyCzyyBtGtByCtCtAtGzzzztC0BtGyCyEtDtBtG0AyDzz0CyCyD0DtC0E0F0CtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2Szz0F0C0ByC0Azy0BtGtD0AyEzztGyEtDyDzytGzy0FtA0DtG0BtCyDyEtCzyyDzytDtCyBzy2QtN0A0LzuyE%26cr%3D1754789830%26a%3Dwbf_frmr_17_12%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome"
[-] [C:\Users\J.P Meusureux\AppData\Local\Chromium\User Data\Default\Web data] [Search Provider] Deleted: yahoo! powered
[-] [C:\Users\J.P Meusureux\AppData\Local\Chromium\User Data\Default] [startup_urls] Deleted: hxxps://fr.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_frmr_17_12¶m1=1¶m2=f%3D7%26b%3Dchmm%26cc%3Dfr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzuyCtDyC0D0CyBtAyCtByE0D0A0E0D0AyCtN0D0Tzu0StCzytCtCtN1L2XzutAtFtByBtFyEtFyCtBtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyEyCzy0BtDyCzyyBtGtByCtCtAtGzzzztC0BtGyCyEtDtBtG0AyDzz0CyCyD0DtC0E0F0CtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2Szz0F0C0ByC0Azy0BtGtD0AyEzztGyEtDyDzytGzy0FtA0DtG0BtCyDyEtCzyyDzytDtCyBzy2QtN0A0LzuyE%26cr%3D1754789830%26a%3Dwbf_frmr_17_12%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome
[-] [C:\Users\J.P Meusureux\AppData\Local\Chromium\User Data\Default] [homepage] Deleted: hxxps://fr.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_frmr_17_12¶m1=1¶m2=f%3D1%26b%3Dchmm%26cc%3Dfr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzuyCtDyC0D0CyBtAyCtByE0D0A0E0D0AyCtN0D0Tzu0StCzytCtCtN1L2XzutAtFtByBtFyEtFyCtBtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyEyCzy0BtDyCzyyBtGtByCtCtAtGzzzztC0BtGyCyEtDtBtG0AyDzz0CyCyD0DtC0E0F0CtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2Szz0F0C0ByC0Azy0BtGtD0AyEzztGyEtDyDzytGzy0FtA0DtG0BtCyDyEtCzyyDzytDtCyBzy2QtN0A0LzuyE%26cr%3D1754789830%26a%3Dwbf_frmr_17_12%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome
[-] [C:\Users\J.P Meusureux\AppData\Local\Google\Chrome\User Data\Default] [extension] Deleted: gobbnicjoijcfndfmmfjnfgldgcnjibl
*************************
:: "Tracing" keys deleted
:: Winsock settings cleared
*************************
C:\AdwCleaner\AdwCleaner[C0].txt - [7590 Bytes] - [27/03/2017 15:59:48]
C:\AdwCleaner\AdwCleaner[S0].txt - [7060 Bytes] - [27/03/2017 15:58:58]
########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [7736 Bytes] ##########