start::
CreateRestorePoint:
CloseProcesses:
Hosts:
RemoveProxy:
GroupPolicy\User: Restriction ? <==== ATTENTION
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
FF Homepage: Mozilla\Firefox\Profiles\yayypd8u.default-release -> hxxp://linkzb.com
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [214496 2020-03-04]
U3 TrueSight; C:\Windows\System32\drivers\truesight.sys
2020-03-17 03:14 - 2020-03-17 03:14 - 000000000 ____D C:\ProgramData\IObit
2020-03-17 03:14 - 2020-03-17 03:14 - 000000000 ____D C:\Program Files (x86)\IObit
2020-03-12 07:18 - 2020-03-12 07:18 - 000066588 _____ C:\ProgramData\agent.uninstall.1583990312.bdinstall.v2.bin
2020-03-12 07:12 - 2020-03-12 07:12 - 000408328 _____ C:\ProgramData\cl.uninstall.1583989726.bdinstall.v2.bin
2020-03-12 07:06 - 2020-03-12 07:06 - 000842312 _____ C:\ProgramData\cl.1583988768.bdinstall.v2.bin
2020-03-12 07:06 - 2020-03-12 07:06 - 000102228 _____ C:\ProgramData\cl.kit.1583988752.bdinstall.v2.bin
2020-03-12 06:38 - 2020-03-12 06:38 - 000106792 _____ C:\ProgramData\agent.1583987899.bdinstall.v2.bin
2020-03-12 06:38 - 2020-03-12 06:38 - 000000000 ____D C:\ProgramData\Bitdefender Agent
2020-03-04 01:48 - 2020-03-04 01:48 - 000214496 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2020-03-04 01:48 - 2020-03-04 01:47 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Pas de fichier
ContextMenuHandlers1: [UnLockerMenu] -> {410BF280-86EF-4E0F-8279-EC5848546AD3} => C:\Program Files (x86)\IObit\IObit Unlocker\IObitUnlockerExtension.dll -> Pas de fichier
ContextMenuHandlers4: [UnLockerMenu] -> {410BF280-86EF-4E0F-8279-EC5848546AD3} => C:\Program Files (x86)\IObit\IObit Unlocker\IObitUnlockerExtension.dll -> Pas de fichier
ContextMenuHandlers6: [UnLockerMenu] -> {410BF280-86EF-4E0F-8279-EC5848546AD3} => C:\Program Files (x86)\IObit\IObit Unlocker\IObitUnlockerExtension.dll -> Pas de fichier
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
MSCONFIG\Services: LMIRescue_3e37182f-5617-085b-3375-29efc374810d => 2
HKU\S-1-5-21-3022457610-1905606867-1841143784-1002\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
FirewallRules: [{4D1B68F5-E357-4BEB-9B52-095D723DD8AF}] => (Allow) %systemroot%\system32\alg.exe Pas de fichier
FirewallRules: [{17EBAC2E-7FB6-4238-9CFC-E2DD0813015E}] => (Allow) %systemroot%\system32\alg.exe Pas de fichier
FirewallRules: [TCP Query User{6133BBA8-D10C-47B8-B0FD-E02B08446033}C:\program files (x86)\usb disk security\backupmaster.exe] => (Block) C:\program files (x86)\usb disk security\backupmaster.exe Pas de fichier
FirewallRules: [UDP Query User{70B001FF-4934-47E2-B845-48BA153E9CF0}C:\program files (x86)\usb disk security\backupmaster.exe] => (Block) C:\program files (x86)\usb disk security\backupmaster.exe Pas de fichier
EmptyTemp:
cmd: ipconfig /flushdns
cmd: sfc /scannow
end::