# AdwCleaner 7.0.2.1 - Logfile created on Thu Aug 31 11:38:21 2017
# Updated on 2017/29/08 by Malwarebytes
# Running on Windows 10 Home (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

Deleted: TMService


***** [ Folders ] *****

Deleted: C:\Program Files (x86)\WindowsTM
Deleted: C:\Users\All Users\Documents\XMUpdate
Deleted: C:\Users\Public\Documents\XMUpdate
Deleted: C:\Users\toshiba\AppData\Roaming\isMiner
Deleted: C:\Users\toshiba\AppData\Local\Mail.Ru


***** [ Files ] *****

Deleted: C:\Users\toshiba\Favorites\Mail.Ru.url
Deleted: C:\Windows\SysNative\drivers\lanmamaster.sys
Deleted: C:\Windows\SysNative\lanmamasterHelp.dll
Deleted: C:\Users\toshiba\Favorites\Mail.Ru Агент - используй для общения!.url


***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

Cleaned: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk[http:\\www.yeadesktop.com\]
Cleaned: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk[http:\\www.yeadesktop.com\]


***** [ Tasks ] *****

No malicious tasks deleted.

***** [ Registry ] *****

Deleted: [Value] - HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER|ENABLESHELLEXECUTEHOOKS
Deleted: [Key] - HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\com.ascplugin.protect
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Searchy
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{24F5E422-6A70-4FAA-8CAD-E23D5DC1DAE6}
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{DD0688A5-FC8B-4E93-A485-CBF606A56D49}
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\DMunversion
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|gplyra
Deleted: [Value] - HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN\FEATURECONTROL\FEATURE_BROWSER_EMULATION|YeaDesktop.exe
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION|YeaDesktop.exe
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\gplyra
Deleted: [Key] - HKU\S-1-5-21-2074184489-2815443456-4149718103-1001\Software\isMiner
Deleted: [Key] - HKCU\Software\isMiner
Deleted: [Key] - HKU\S-1-5-21-2074184489-2815443456-4149718103-1001\Software\Xpom
Deleted: [Key] - HKCU\Software\Xpom
Deleted: [Key] - HKU\S-1-5-21-2074184489-2815443456-4149718103-1001\Software\Mail.Ru
Deleted: [Key] - HKU\S-1-5-21-2074184489-2815443456-4149718103-1001\Software\AppDataLow\Software\Mail.Ru
Deleted: [Key] - HKCU\Software\Mail.Ru
Deleted: [Key] - HKCU\Software\AppDataLow\Software\Mail.Ru
Deleted: [Key] - HKU\S-1-5-21-2074184489-2815443456-4149718103-1001\Software\MICROSOFT\wewewe
Deleted: [Key] - HKCU\Software\MICROSOFT\wewewe
Deleted: [Key] - HKU\S-1-5-21-2074184489-2815443456-4149718103-1001\Software\Amigo
Deleted: [Key] - HKCU\Software\Amigo
Deleted: [Key] - HKU\S-1-5-21-2074184489-2815443456-4149718103-1001\Software\Microsoft\BigTime
Deleted: [Key] - HKCU\Software\Microsoft\BigTime
Deleted: [Key] - HKU\S-1-5-21-2074184489-2815443456-4149718103-1001\Software\drpsu
Deleted: [Key] - HKCU\Software\drpsu
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\APreSam
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\NSaveA
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\PrAmNP
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\MPrForShutT
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\PrIncub
Deleted: [Key] - HKU\S-1-5-21-2074184489-2815443456-4149718103-1001\Software\Microsoft\{cc6eb6d8-85b7-435p-8b86-51e4d16ea76d}
Deleted: [Key] - HKCU\Software\Microsoft\{cc6eb6d8-85b7-435p-8b86-51e4d16ea76d}


***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries deleted.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries deleted.

*************************

::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0



*************************

C:/AdwCleaner/AdwCleaner[S0].txt - [4698 B] - [2017/8/31 11:37:42]


########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ##########