Publicité
Publicité
Format du document : text/plain
Prévisualisation
# -------------------------------
# Malwarebytes AdwCleaner 7.2.3.1
# -------------------------------
# Build: 09-03-2018
# Database: (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 09-20-2018
# Duration: 00:00:09
# OS: Windows 7 Professional
# Cleaned: 71
# Failed: 0
***** [ Services ] *****
Deleted Windefender
Deleted Nettrans
Deleted backlh
***** [ Folders ] *****
Deleted C:\ProgramData\Kolnixos
Deleted C:\ProgramData\Logic Cramble
Deleted C:\ProgramData\7E2DA2E0-6BE5-1
Deleted C:\ProgramData\7E2DA2E0-5E03-0
Deleted C:\Users\ZITOUNI\AppData\Roaming\DRPSu
Deleted C:\Users\ZITOUNI\AppData\Roaming\EpicNet Inc
Deleted C:\ProgramData\PrefsSecure
Deleted C:\Windows\Temp\Smartbar
Deleted C:\Users\ZITOUNI\AppData\Local\WhiteClick
***** [ Files ] *****
Deleted C:\Windows\System32\mcicda32.dll
Deleted C:\Windows\System32\config\systemprofile\appdata\local\installationconfiguration.xml
Deleted C:\Users\ZITOUNI\appdata\local\installationconfiguration.xml
Deleted C:\Users\ZITOUNI\AppData\Local\Main.dat
Deleted C:\Users\ZITOUNI\AppData\Local\Temp\WhiteClick.exe
Deleted C:\Windows\System32\findit.xml
Deleted C:\Windows\System32\drivers\WinmonProcessMonitor.sys
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
Deleted C:\Users\Public\Desktop\Google Chrome.lnk
Deleted C:\Users\ZITOUNI\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Deleted C:\Users\ZITOUNI\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Deleted C:\Users\ZITOUNI\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
Deleted C:\Users\ZITOUNI\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk
Deleted C:\Users\ZITOUNI\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk
***** [ Tasks ] *****
Deleted C:\Windows\System32\Tasks\ScheduledUpdate
Deleted C:\Windows\System32\Tasks\eVSrriCnrZQlODxsGDB2
Deleted C:\Windows\System32\Tasks\xdbGJPONaKkXIL
Deleted C:\Windows\System32\Tasks\gkNqfjNoNlLfJVmHB2
Deleted C:\Windows\System32\Tasks\yKMtMHoPoUUExsP2
***** [ Registry ] *****
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0D7DA3B5-ABB5-4597-9C06-FA347FBC81B9}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ScheduledUpdate
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\11598763487076930564
Deleted HKLM\Software\MICROSOFT\TechnologyDesktopnew
Deleted HKLM\SOFTWARE\MICROSOFT\Speedycar
Deleted HKCU\Software\mtKolnixo
Deleted HKLM\Software\mtKolnixo
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\1655C0CA-7AE7-4012-8502-970C8675E5F8
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{DF1F1901-098E-4B7E-BDAB-BBAD7AEC2086}
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF1F1901-098E-4B7E-BDAB-BBAD7AEC2086}
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DF1F1901-098E-4B7E-BDAB-BBAD7AEC2086}
Deleted HKLM\Software\Classes\CLSID\{DF1F1901-098E-4B7E-BDAB-BBAD7AEC2086}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5988FF38-599B-4727-9E6D-32F4D716E7E6}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\eVSrriCnrZQlODxsGDB2
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B8941868-4A8A-4792-AD6D-3F3B20AA0FC8}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B8941868-4A8A-4792-AD6D-3F3B20AA0FC8}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\xdbGJPONaKkXIL
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{47E9B9C9-52FD-4727-9F60-4BB59BF07842}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\gkNqfjNoNlLfJVmHB2
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3EF2DC6C-EBD8-4877-B941-1153AC07A6E8}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\yKMtMHoPoUUExsP2
Deleted HKCU\Software\drpsu
Deleted HKLM\Software\drpsu
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\drp.su
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\CloudNet
Deleted HKCU\Software\FastDataX
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Run|cloudnet
Deleted HKCU\Software\EpicNet Inc.
Deleted HKCU\Software\csastats
Deleted HKLM\System\CurrentControlSet\Services\EventLog\Application\Application Hosting
Deleted HKLM\Software\Microsoft\Internet Explorer\SearchScopes|DefaultScope
Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{ielnksrch}
Deleted HKLM\Software\Microsoft\Internet Explorer\SearchScopes\ielnksrch
Deleted HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\tvplusnewtab.com
Deleted HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\fr.tvplusnewtab.com
Deleted HKU\.DEFAULT\Environment|SNP
Deleted HKU\S-1-5-18\Environment|SNP
Deleted HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\medianewpage.com
Deleted HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\fr.medianewpage.com
***** [ Chromium (and derivatives) ] *****
Deleted Quick Searcher
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [7735 octets] - [20/09/2018 12:43:43]
AdwCleaner[S01].txt - [7796 octets] - [20/09/2018 12:45:29]
AdwCleaner[S02].txt - [7857 octets] - [20/09/2018 12:47:01]
AdwCleaner[S03].txt - [7918 octets] - [20/09/2018 12:51:49]
AdwCleaner[S04].txt - [7979 octets] - [20/09/2018 12:53:23]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C04].txt ##########
# Malwarebytes AdwCleaner 7.2.3.1
# -------------------------------
# Build: 09-03-2018
# Database: (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 09-20-2018
# Duration: 00:00:09
# OS: Windows 7 Professional
# Cleaned: 71
# Failed: 0
***** [ Services ] *****
Deleted Windefender
Deleted Nettrans
Deleted backlh
***** [ Folders ] *****
Deleted C:\ProgramData\Kolnixos
Deleted C:\ProgramData\Logic Cramble
Deleted C:\ProgramData\7E2DA2E0-6BE5-1
Deleted C:\ProgramData\7E2DA2E0-5E03-0
Deleted C:\Users\ZITOUNI\AppData\Roaming\DRPSu
Deleted C:\Users\ZITOUNI\AppData\Roaming\EpicNet Inc
Deleted C:\ProgramData\PrefsSecure
Deleted C:\Windows\Temp\Smartbar
Deleted C:\Users\ZITOUNI\AppData\Local\WhiteClick
***** [ Files ] *****
Deleted C:\Windows\System32\mcicda32.dll
Deleted C:\Windows\System32\config\systemprofile\appdata\local\installationconfiguration.xml
Deleted C:\Users\ZITOUNI\appdata\local\installationconfiguration.xml
Deleted C:\Users\ZITOUNI\AppData\Local\Main.dat
Deleted C:\Users\ZITOUNI\AppData\Local\Temp\WhiteClick.exe
Deleted C:\Windows\System32\findit.xml
Deleted C:\Windows\System32\drivers\WinmonProcessMonitor.sys
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
Deleted C:\Users\Public\Desktop\Google Chrome.lnk
Deleted C:\Users\ZITOUNI\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Deleted C:\Users\ZITOUNI\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Deleted C:\Users\ZITOUNI\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
Deleted C:\Users\ZITOUNI\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk
Deleted C:\Users\ZITOUNI\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk
***** [ Tasks ] *****
Deleted C:\Windows\System32\Tasks\ScheduledUpdate
Deleted C:\Windows\System32\Tasks\eVSrriCnrZQlODxsGDB2
Deleted C:\Windows\System32\Tasks\xdbGJPONaKkXIL
Deleted C:\Windows\System32\Tasks\gkNqfjNoNlLfJVmHB2
Deleted C:\Windows\System32\Tasks\yKMtMHoPoUUExsP2
***** [ Registry ] *****
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0D7DA3B5-ABB5-4597-9C06-FA347FBC81B9}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ScheduledUpdate
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\11598763487076930564
Deleted HKLM\Software\MICROSOFT\TechnologyDesktopnew
Deleted HKLM\SOFTWARE\MICROSOFT\Speedycar
Deleted HKCU\Software\mtKolnixo
Deleted HKLM\Software\mtKolnixo
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\1655C0CA-7AE7-4012-8502-970C8675E5F8
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{DF1F1901-098E-4B7E-BDAB-BBAD7AEC2086}
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF1F1901-098E-4B7E-BDAB-BBAD7AEC2086}
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DF1F1901-098E-4B7E-BDAB-BBAD7AEC2086}
Deleted HKLM\Software\Classes\CLSID\{DF1F1901-098E-4B7E-BDAB-BBAD7AEC2086}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5988FF38-599B-4727-9E6D-32F4D716E7E6}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\eVSrriCnrZQlODxsGDB2
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B8941868-4A8A-4792-AD6D-3F3B20AA0FC8}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B8941868-4A8A-4792-AD6D-3F3B20AA0FC8}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\xdbGJPONaKkXIL
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{47E9B9C9-52FD-4727-9F60-4BB59BF07842}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\gkNqfjNoNlLfJVmHB2
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3EF2DC6C-EBD8-4877-B941-1153AC07A6E8}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\yKMtMHoPoUUExsP2
Deleted HKCU\Software\drpsu
Deleted HKLM\Software\drpsu
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\drp.su
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\CloudNet
Deleted HKCU\Software\FastDataX
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Run|cloudnet
Deleted HKCU\Software\EpicNet Inc.
Deleted HKCU\Software\csastats
Deleted HKLM\System\CurrentControlSet\Services\EventLog\Application\Application Hosting
Deleted HKLM\Software\Microsoft\Internet Explorer\SearchScopes|DefaultScope
Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{ielnksrch}
Deleted HKLM\Software\Microsoft\Internet Explorer\SearchScopes\ielnksrch
Deleted HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\tvplusnewtab.com
Deleted HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\fr.tvplusnewtab.com
Deleted HKU\.DEFAULT\Environment|SNP
Deleted HKU\S-1-5-18\Environment|SNP
Deleted HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\medianewpage.com
Deleted HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\fr.medianewpage.com
***** [ Chromium (and derivatives) ] *****
Deleted Quick Searcher
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [7735 octets] - [20/09/2018 12:43:43]
AdwCleaner[S01].txt - [7796 octets] - [20/09/2018 12:45:29]
AdwCleaner[S02].txt - [7857 octets] - [20/09/2018 12:47:01]
AdwCleaner[S03].txt - [7918 octets] - [20/09/2018 12:51:49]
AdwCleaner[S04].txt - [7979 octets] - [20/09/2018 12:53:23]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C04].txt ##########