Édité le 29 janvier 2023
Télécharger | Reposter | Largeur fixe

start::
closeprocesses:
createrestorepoint:
ContextMenuHandlers1: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Watchdog Anti-Malware\AM_ShellExt64.dll [2021-11-02] (WatchDogDevelopment.com, LLC -> Advanced Malware Protection. Copyright 2018.)
ContextMenuHandlers1: [4.0 Watchdog Anti-Malware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Watchdog Anti-Malware\AM_ShellExt64.dll [2021-11-02] (WatchDogDevelopment.com, LLC -> Advanced Malware Protection. Copyright 2018.)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-01-21] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Watchdog Anti-Malware\AM_ShellExt64.dll [2021-11-02] (WatchDogDevelopment.com, LLC -> Advanced Malware Protection. Copyright 2018.)
ContextMenuHandlers6: [4.0 Watchdog Anti-Malware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Watchdog Anti-Malware\AM_ShellExt64.dll [2021-11-02] (WatchDogDevelopment.com, LLC -> Advanced Malware Protection. Copyright 2018.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-01-21] (Malwarebytes Corporation -> Malwarebytes)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\amsdk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\amsdk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""="Service"
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/search?FORM=INCOH1&PC=IC05&PTAG=ICO-ff631a0d5f65e6c0
HKU\S-1-5-21-482567781-1379617886-781849417-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://fr.search.yahoo.com/yhs/web?hspart=shnl&hsimp=yhs-001&type=c11050ff5b334335a146ff2784e¶m1=IE¶m2=1¶m3=campaignID%3D364%26UserID%3D2040766544¶m4=XPbueSzfBeG6K2MlxBpfELmmgzh8mOsLvk1mNxKnkuDQzAGYaclIXjiYGxEsx2yN4hFTH1CPkETBiBKHFz+GQ7roB2FO9sT3Af27wPe0b6kHz6b1zTb18ByXIgCY+ywtCg1WMQtKg5J4NF5uKsDW7AMbq3LiH+fwDLGS3dRnwwYzyCs//WMiOsDqmH7Znm+7WPxukbamiIFQO3xEUi8qxLvNpzEr4yxRVhE+8z4xgK3bZe0L+xfYWZMxpAyz6xl8kkj5ufXUx5lc/t5c8LNUeEAchJXDO1OAwYSYZyOi1wyfIvXlpOfdGJTxvoqeujiFUGDhoYymyPv5N/kGJUgS2c52iRXr3C6DZ6nc9xFbW4VBodaTADTiSizjPv7U0WnNPKp3/jpA5v3wTInyRMgg2J5nY2v6mGb2qJAya4EsxeSWE2GPwDX/I131ZnSkIq9tEGwywPcnH6QIADandBlJ5e0cpvIbJ/xPhiCP+kKTEjFO6r0BluEb3Nw3mTjYnJV8m46OHaKy95l+G8sJ4wWRmpSpYIY1kpwXW5dtBQAwvjAHo57pdr6ICV+6ZjHjJrYCiNZwMYVv7H0+6fXWnLofBrdAiRJ0dYwBIkdc14nfKNEWdzrpkUqWfUabt4dqPeNuCHlbrn0OpokICh93FxOf3+KNmN02iUd5nVu1tDc+Tzg=
SearchScopes: HKLM -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://fr.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKLM-x32 -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://fr.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKU\S-1-5-21-482567781-1379617886-781849417-1001 -> DefaultScope {f79e5d1c-5148-469e-9f98-a11d8d7863f4} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=shnl&hsimp=yhs-001&type=c11050ff5b334335a146ff2784e¶m1=IE¶m2=4¶m3=campaignID%3D364%26UserID%3D2040766544¶m4=XPbueSzfBeG6K2MlxBpfEDPN+SxVpua8beXQzoS1GYKYX9iWjIAFEmvclWBbrhjndV++0pf457ScwisW9HijmEXcrRXiSudw/HTh865wCb97MwIt88e+AaYt6S8zi8rfiDic19D+UbYtbmCvya2FsyhZrrhd5/E8WOnGPsoXrfpqKb8eHgbphJlcBHVi/3qkcjkDwMnCxMz/fUrU59dSOfQGhoeI2wk1KTo/UkMU85gKC/P46GIJWReEqY4RvqosLoYcxqOfCNq9z4Q45JV4BIGVntVOJZq+ZZ532oal5SGFRLdit3oS3UpuBJcM4HIiwMQd5/cBD+lxIgSn4DJLd6iLlOFTq7vkOiSWLWB1Wcmk01zg5fTcNBn4HjlNXHaWrhFCeB8mKEL6Rru7oL+uYDk3mCxKCns3zitBTOsBUtVbRF2gsEfDYe9/IsCfww7+YUneFh/V/lc24x1/JOnycoHj1PNQHfHU71S1T6Je2E+86vdN4h1KaErCD49LiVstUgCL/jSoVUXHy9RXB+xRPSt95YCiVkU49I5zi1MKdZ3hwFlyoV8DEpcyCB+MFi/PC1kkLJ8gMEUMoWTD4quldf3bAAIivrE4ditbwMoJY4u5U/KBI7NmDuHFrt9cJCmUapNtSGLqKdhkwMPh3hWaPvkI0JWECkq8oLpEtk29TEM=&p={searchTerms}
SearchScopes: HKU\S-1-5-21-482567781-1379617886-781849417-1001 -> {e5badea7-e1c2-fbf1-87ac-061d1440d15b} URL =
SearchScopes: HKU\S-1-5-21-482567781-1379617886-781849417-1001 -> {f79e5d1c-5148-469e-9f98-a11d8d7863f4} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=shnl&hsimp=yhs-001&type=c11050ff5b334335a146ff2784e¶m1=IE¶m2=4¶m3=campaignID%3D364%26UserID%3D2040766544¶m4=XPbueSzfBeG6K2MlxBpfEDPN+SxVpua8beXQzoS1GYKYX9iWjIAFEmvclWBbrhjndV++0pf457ScwisW9HijmEXcrRXiSudw/HTh865wCb97MwIt88e+AaYt6S8zi8rfiDic19D+UbYtbmCvya2FsyhZrrhd5/E8WOnGPsoXrfpqKb8eHgbphJlcBHVi/3qkcjkDwMnCxMz/fUrU59dSOfQGhoeI2wk1KTo/UkMU85gKC/P46GIJWReEqY4RvqosLoYcxqOfCNq9z4Q45JV4BIGVntVOJZq+ZZ532oal5SGFRLdit3oS3UpuBJcM4HIiwMQd5/cBD+lxIgSn4DJLd6iLlOFTq7vkOiSWLWB1Wcmk01zg5fTcNBn4HjlNXHaWrhFCeB8mKEL6Rru7oL+uYDk3mCxKCns3zitBTOsBUtVbRF2gsEfDYe9/IsCfww7+YUneFh/V/lc24x1/JOnycoHj1PNQHfHU71S1T6Je2E+86vdN4h1KaErCD49LiVstUgCL/jSoVUXHy9RXB+xRPSt95YCiVkU49I5zi1MKdZ3hwFlyoV8DEpcyCB+MFi/PC1kkLJ8gMEUMoWTD4quldf3bAAIivrE4ditbwMoJY4u5U/KBI7NmDuHFrt9cJCmUapNtSGLqKdhkwMPh3hWaPvkI0JWECkq8oLpEtk29TEM=&p={searchTerms}
MSCONFIG\Services: ccleaner => 2
MSCONFIG\Services: CCleanerBrowserElevationService => 3
HKU\S-1-5-21-482567781-1379617886-781849417-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-482567781-1379617886-781849417-1001\...\StartupApproved\Run: => "CCleanerBrowserAutoLaunch_BF27BC3320770C28D048BA2A93E40A9D"
HKU\S-1-5-21-482567781-1379617886-781849417-1001\...\RunOnce: [Uninstall C:\Users\josiane\AppData\Local\Microsoft\OneDrive\17.3.6302.0225_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\josiane\AppData\Local\Microsoft\OneDrive\17.3.6302.0225_1\amd64" (Pas de fichier)
HKU\S-1-5-21-482567781-1379617886-781849417-1001\...\RunOnce: [Uninstall C:\Users\josiane\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\josiane\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64" (Pas de fichier)
HKU\S-1-5-21-482567781-1379617886-781849417-1001\...\RunOnce: [Uninstall C:\Users\josiane\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\josiane\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64" (Pas de fichier)
HKU\S-1-5-21-482567781-1379617886-781849417-1001\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\josiane\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" (Pas de fichier)
HKU\S-1-5-21-482567781-1379617886-781849417-1001\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\josiane\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" (Pas de fichier)
HKU\S-1-5-21-482567781-1379617886-781849417-1001\...\RunOnce: [Uninstall 22.227.1030.0001\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\josiane\AppData\Local\Microsoft\OneDrive\22.227.1030.0001\amd64" (Pas de fichier)
HKU\S-1-5-21-482567781-1379617886-781849417-1001\...\RunOnce: [Uninstall 22.227.1030.0001] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\josiane\AppData\Local\Microsoft\OneDrive\22.227.1030.0001" (Pas de fichier)
HKLM\Software\Microsoft\Active Setup\Installed Components: [>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] -> %SystemRoot%\inf\unregmp2.exe /ShowWMP
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter "C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter"
C:\Program Files\TrueKey
Task: {428EFC9C-837D-4FAA-9641-38B00D33E1B2} - System32\Tasks\AdwCleaner_onReboot => C:\Users\josiane\Desktop\adwcleaner_8.3.1.exe /r (Pas de fichier)
Task: {71E53243-3A2D-47EE-9DAB-6D71B2366657} - System32\Tasks\Microsoft\Windows\ErrorDetails\ErrorDetailsUpdate => {9CDA66BE-3271-4723-8D35-DD834C58AD92} C:\Windows\System32\ErrorDetailsUpdate.dll [39936 2015-10-30] (Microsoft Windows -> Microsoft Corporation)
Task: {A4D1AFB0-3600-4532-B75C-45B8E901CBD6} - System32\Tasks\Microsoft\Windows\rempl\shell-maintenance => C:\Program Files\rempl\remsh.exe /RunMaintenanceTasksOnly (Pas de fichier)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [Pas de fichier]
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [Pas de fichier]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7848632 2021-11-23] (Malwarebytes Inc -> Malwarebytes)
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
S1 amsdk; \??\C:\WINDOWS\system32\drivers\amsdk.sys [X]
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220752 2021-07-03] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-01-21] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-11-23] (Malwarebytes Inc -> Malwarebytes)
2023-01-29 18:19 - 2021-11-23 17:27 - 000000000 ___DC C:\Users\josiane\AppData\LocalLow\Adblock Plus for IE
2023-01-29 13:56 - 2022-02-03 14:57 - 000243431 _____ C:\WINDOWS\ZAM.krnl.trace
2023-01-29 13:56 - 2021-11-23 17:38 - 000000000 ___DC C:\Users\josiane\AppData\Local\WAMSDK
2023-01-29 13:56 - 2021-11-23 17:35 - 000000000 ____D C:\Program Files (x86)\Watchdog Anti-Malware
2023-01-29 13:12 - 2021-11-23 17:35 - 000000000 ___DC C:\Users\josiane\AppData\Local\Watchdog Anti-Malware
2019-06-19 15:14 - 2019-06-19 15:14 - 000363093 ____C () C:\Users\josiane\AppData\Roaming\Bemeto
2019-09-26 15:14 - 2019-09-26 15:14 - 000278690 ____C () C:\Users\josiane\AppData\Roaming\Cafanefid
2019-12-09 16:16 - 2019-12-09 16:16 - 000336709 ____C () C:\Users\josiane\AppData\Roaming\Capudahonofo
2020-02-02 13:14 - 2020-02-02 13:14 - 000132390 ____C () C:\Users\josiane\AppData\Roaming\Cidenahip
2019-07-06 15:14 - 2019-07-06 15:14 - 000262131 ____C () C:\Users\josiane\AppData\Roaming\Gelab
2020-02-10 15:14 - 2020-02-10 15:14 - 000201812 ____C () C:\Users\josiane\AppData\Roaming\Golotihero
2020-05-09 15:14 - 2020-05-09 15:14 - 000300800 ____C () C:\Users\josiane\AppData\Roaming\Gopogufekego
2020-05-18 14:25 - 2020-05-18 14:25 - 000309912 ____C () C:\Users\josiane\AppData\Roaming\Hucekeno
2019-06-10 15:14 - 2019-06-10 15:14 - 000199936 ____C () C:\Users\josiane\AppData\Roaming\Kefusar
2019-09-03 09:14 - 2019-09-03 09:14 - 000364717 ____C () C:\Users\josiane\AppData\Roaming\Kosigefa
2020-03-17 14:14 - 2020-03-17 14:14 - 000342340 ____C () C:\Users\josiane\AppData\Roaming\Nesag
2020-02-26 17:25 - 2020-02-26 17:25 - 000125784 ____C () C:\Users\josiane\AppData\Roaming\Nodesukutof
2020-04-03 12:14 - 2020-04-03 12:14 - 000248845 ____C () C:\Users\josiane\AppData\Roaming\Nokagu
2019-10-05 18:14 - 2019-10-05 18:14 - 000301615 ____C () C:\Users\josiane\AppData\Roaming\Nubafamah
2019-10-05 18:15 - 2019-10-05 18:15 - 000327833 ____C () C:\Users\josiane\AppData\Roaming\Paduposemoc
2019-11-05 14:14 - 2019-11-05 14:14 - 000316299 ____C () C:\Users\josiane\AppData\Roaming\Rabagolag
2019-05-30 14:14 - 2019-05-30 14:14 - 000266535 ____C () C:\Users\josiane\AppData\Roaming\Sepomanefulu
2019-07-24 12:14 - 2019-07-24 12:14 - 000149641 ____C () C:\Users\josiane\AppData\Roaming\Sigab
2019-11-30 20:14 - 2019-11-30 20:14 - 000211750 ____C () C:\Users\josiane\AppData\Roaming\Sopehebibe
2020-01-04 15:14 - 2020-01-04 15:14 - 000161393 ____C () C:\Users\josiane\AppData\Roaming\Tanos
2020-05-02 17:14 - 2020-05-02 17:14 - 000294155 ____C () C:\Users\josiane\AppData\Roaming\Tolokositura
2016-05-14 20:34 - 2020-05-18 14:25 - 000000649 ____C () C:\Users\josiane\AppData\Roaming\WB.CFG
2018-01-09 16:15 - 2018-01-09 16:15 - 000000068 ____C () C:\Users\josiane\AppData\Local\7uka0nd3qg
2018-01-02 12:14 - 2018-01-10 22:14 - 000000068 ____C () C:\Users\josiane\AppData\Local\VXZbjrzHJL
C:\Program Files (x86)\Watchdog Anti-Malware
C:\Program Files\Malwarebytes
cmd: netsh advfirewall reset
cmd: sfc /scannow
emptytemp:
end::

x
Éditer le texte

Merci d'entrer le mot de passe que vous avez indiqué à la création du texte.

x
Télécharger le texte

Merci de choisir le format du fichier à télécharger.