cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

# AdwCleaner v6.042 - Logfile created 27/01/2017 at 16:10:28
# Updated on 06/01/2017 by Malwarebytes
# Database : 2017-01-27.1 [Server]
# Operating System : Windows 7 Ultimate Service Pack 1 (X64)
# Username : user - USER-PC
# Running from : C:\Users\user\Downloads\adwcleaner_6.042.exe
# Mode: Clean
# Support : https://www.malwarebytes.com/support



***** [ Services ] *****

[-] Service deleted: TheDesktopWeatherService
[-] Service deleted: backlh


***** [ Folders ] *****

[-] Folder deleted: C:\ProgramData\{a77207d0-741b-5b46-a772-207d07411f41}
[-] Folder deleted: C:\ProgramData\{d5a9ce46-5a42-4721-d5a9-9ce465a43919}
[-] Folder deleted: C:\users\user\AppData\Roaming\WeatherTool
[-] Folder deleted: C:\ProgramData\Logic Handler
[-] Folder deleted: C:\ProgramData\Quotenamron
[-] Folder deleted: C:\ProgramData\Quotenamrons
[#] Folder deleted on reboot: C:\ProgramData\Application Data\Logic Handler
[#] Folder deleted on reboot: C:\ProgramData\Application Data\Quotenamron
[#] Folder deleted on reboot: C:\ProgramData\Application Data\Quotenamrons
[-] Folder deleted: C:\Users\Public\Documents\Guid
[-] Folder deleted: C:\Program Files (x86)\WeatherTool
[-] Folder deleted: C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\WeatherTool
[-] Folder deleted: C:\Users\user\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aaaaaiabcopkplhgaedhbloeejhhankf
[-] Folder deleted: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaahlfahldnilidgnlikdckbfehhca
[-] Folder deleted: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pinhfkamckbogjgmbmdkdebbbpnmlaef


***** [ Files ] *****

[-] File deleted: C:\Windows\SysWOW64\findit.xml
[-] File deleted: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_aaaaahlfahldnilidgnlikdckbfehhca_0.localstorage
[-] File deleted: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_pinhfkamckbogjgmbmdkdebbbpnmlaef_0.localstorage
[-] File deleted: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_pinhfkamckbogjgmbmdkdebbbpnmlaef_0.localstorage-journal
[-] File deleted: C:\Users\user\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\chrome-extension_pinhfkamckbogjgmbmdkdebbbpnmlaef_0.localstorage
[-] File deleted: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_jidkebcigjgheaahopdnlfaohgnocfai_0.localstorage
[-] File deleted: C:\Users\user\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\chrome-extension_jidkebcigjgheaahopdnlfaohgnocfai_0.localstorage


***** [ DLL ] *****



***** [ WMI ] *****



***** [ Shortcuts ] *****



***** [ Scheduled Tasks ] *****



***** [ Registry ] *****

[-] Key deleted: HKU\.DEFAULT\Software\AskPartnerNetwork
[-] Key deleted: HKU\S-1-5-21-279693478-1646209937-2463236520-1000\Software\PRODUCTSETUP
[-] Key deleted: HKU\S-1-5-21-279693478-1646209937-2463236520-1000\Software\WeatherTool
[-] Key deleted: HKU\S-1-5-21-279693478-1646209937-2463236520-1000\Software\csastats
[-] Key deleted: HKU\S-1-5-21-279693478-1646209937-2463236520-1000\Software\Tv-Plug-In
[-] Key deleted: HKU\S-1-5-21-279693478-1646209937-2463236520-1000\Software\AppDataLow\Software\Tv-Plug-In
[#] Key deleted on reboot: HKU\S-1-5-18\Software\AskPartnerNetwork
[#] Key deleted on reboot: HKCU\Software\PRODUCTSETUP
[#] Key deleted on reboot: HKCU\Software\WeatherTool
[#] Key deleted on reboot: HKCU\Software\csastats
[#] Key deleted on reboot: HKCU\Software\Tv-Plug-In
[#] Key deleted on reboot: HKCU\Software\AppDataLow\Software\Tv-Plug-In
[-] Key deleted: HKLM\SOFTWARE\dllpop100
[-] Key deleted: HKLM\SOFTWARE\Tv-Plug-In
[-] Key deleted: HKLM\SOFTWARE\mtQuotenamron
[-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Tv-Plug-In
[#] Key deleted on reboot: [x64] HKCU\Software\PRODUCTSETUP
[#] Key deleted on reboot: [x64] HKCU\Software\WeatherTool
[#] Key deleted on reboot: [x64] HKCU\Software\csastats
[#] Key deleted on reboot: [x64] HKCU\Software\Tv-Plug-In
[#] Key deleted on reboot: [x64] HKCU\Software\AppDataLow\Software\Tv-Plug-In
[-] Key deleted: [x64] HKLM\SOFTWARE\WeatherTool
[-] Key deleted: [x64] HKLM\SOFTWARE\DtsEncodeTools
[-] Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WeatherTool
[-] Data restored: HKU\S-1-5-21-279693478-1646209937-2463236520-1000\Software\Microsoft\Internet Explorer\Main [Search Page]
[-] Data restored: HKU\S-1-5-21-279693478-1646209937-2463236520-1000\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Data restored: HKU\S-1-5-21-279693478-1646209937-2463236520-1000\Software\Microsoft\Internet Explorer\Main [Search Bar]
[-] Data restored: HKU\S-1-5-21-279693478-1646209937-2463236520-1000\Software\Microsoft\Internet Explorer\Main [SearchAssistant]
[-] Data restored: HKU\S-1-5-21-279693478-1646209937-2463236520-1000\Software\Microsoft\Internet Explorer\Search [Default_Search_URL]
[-] Data restored: HKU\S-1-5-21-279693478-1646209937-2463236520-1000\Software\Microsoft\Internet Explorer\SearchUrl [Default]
[-] Data restored: HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [Default]
[-] Data restored: HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
[-] Data restored: HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Data restored: HKCU\Software\Microsoft\Internet Explorer\Main [Search Bar]
[-] Data restored: HKCU\Software\Microsoft\Internet Explorer\Main [SearchAssistant]
[-] Data restored: HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
[-] Data restored: HKCU\Software\Microsoft\Internet Explorer\Search [Default_Search_URL]
[-] Data restored: HKCU\Software\Microsoft\Internet Explorer\SearchUrl [Default]
[-] Data restored: [x64] HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
[-] Data restored: [x64] HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Data restored: [x64] HKCU\Software\Microsoft\Internet Explorer\Main [Search Bar]
[-] Data restored: [x64] HKCU\Software\Microsoft\Internet Explorer\Main [SearchAssistant]
[-] Data restored: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
[-] Data restored: [x64] HKCU\Software\Microsoft\Internet Explorer\Search [Default_Search_URL]
[-] Data restored: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchUrl [Default]
[-] Key deleted: HKU\S-1-5-21-279693478-1646209937-2463236520-1000\Software\Microsoft\Internet Explorer\SearchScopes\{ielnksrch}
[#] Key deleted on reboot: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{ielnksrch}
[-] Value deleted: HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes [DefaultScope]
[-] Key deleted: HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\ielnksrch
[#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{ielnksrch}
[-] Data restored: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs]
[-] Data restored: [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs]
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ar.hao123.com
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\hao123.com
[#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ar.hao123.com
[#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\hao123.com
[#] Key deleted on reboot: HKLM\SOFTWARE\Microsoft\Internet Explorer\SEARCHSCOPES\IELNKSRCH
[#] Key deleted on reboot: HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{ielnksrch}
[#] Key deleted on reboot: HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\IELNKSRCH
[-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SilentProcessExit\Quotenamron.exe
[-] Key deleted: HKLM\SOFTWARE\Google\Chrome\Extensions\aaaaahlfahldnilidgnlikdckbfehhca
[-] Key deleted: [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\aaaaahlfahldnilidgnlikdckbfehhca
[-] Key deleted: HKLM\SOFTWARE\Google\Chrome\Extensions\jidkebcigjgheaahopdnlfaohgnocfai


***** [ Web browsers ] *****

[-] [C:\Users\user\AppData\Local\Google\Chrome\User Data\Default] [extension] Deleted: aaaaahlfahldnilidgnlikdckbfehhca
[-] [C:\Users\user\AppData\Local\Google\Chrome\User Data\Default] [extension] Deleted: jidkebcigjgheaahopdnlfaohgnocfai
[-] [C:\Users\user\AppData\Local\Google\Chrome\User Data\Default] [extension] Deleted: pinhfkamckbogjgmbmdkdebbbpnmlaef
[-] [C:\Users\user\AppData\Local\Google\Chrome\User Data\Default] [homepage] Deleted: hxxps://ar.hao123.com/?tn=sdkw_inner_hp_09_hao123_ar&guid=b03b0acdff3c6b506237339bf1f76a99
[-] [C:\Users\user\AppData\Local\Google\Chrome\User Data\Profile 1] [extension] Deleted: aaaaaiabcopkplhgaedhbloeejhhankf


*************************

:: "Tracing" keys deleted
:: Winsock settings cleared

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [9036 Bytes] - [27/01/2017 16:10:28]
C:\AdwCleaner\AdwCleaner[S0].txt - [11278 Bytes] - [27/01/2017 16:09:06]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [9183 Bytes] ##########

Publicité


Signaler le contenu de ce document

Publicité