cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

# AdwCleaner 7.0.1.0 - Logfile created on Tue Aug 01 12:47:38 2017
# Updated on 2017/05/08 by Malwarebytes
# Running on Windows 7 Professional (X86)
# Mode: clean
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

Deleted: be7150856eafa500edf8d20c62f5d2ac


***** [ Folders ] *****

Deleted: C:\Users\Diaby\AppData\Roaming\\clean
Deleted: C:\Users\Diaby\AppData\LocalLow\IObit\Advanced SystemCare
Deleted: C:\Windows\System32\\SSL
Deleted: C:\Program Files\\reports
Deleted: C:\Program Files\SDownloader
Deleted: C:\ProgramData\ByteFence
Deleted: C:\ProgramData\Application Data\ByteFence
Deleted: C:\Program Files\ByteFence
Deleted: C:\Users\All Users\ByteFence
Deleted: C:\Users\Diaby\AppData\Roaming\BROWSERMODULE
Deleted: C:\Program Files\76f1c620a777bf6a6ddcfefa9f394791
Deleted: C:\ProgramData\{0A964816-BD3D-FFBD-BDCA-6C8656F7CE43}
Deleted: C:\ProgramData\{2ADA52B2-9D71-E519-B68B-EFE74E52E84A}
Deleted: C:\ProgramData\{2C572639-9BFC-9192-B446-5F136B69EC58}
Deleted: C:\ProgramData\{31AB411D-8600-F6B6-64FB-F7FC0B322FD5}
Deleted: C:\ProgramData\{386F9E0C-8FC4-29A7-6F6E-4EB2066B904E}
Deleted: C:\ProgramData\{38F2913E-8F59-2695-881F-B3DD7AF58906}
Deleted: C:\ProgramData\{3D643B4E-8ACF-8CE5-241F-49E64EEF689C}
Deleted: C:\ProgramData\{468CE655-F127-51FE-0A19-2AE671D4E195}
Deleted: C:\ProgramData\{497C8777-FED7-30DC-D3F1-8E44E4C657ED}
Deleted: C:\ProgramData\{4B11775E-FCBA-C0F5-C26F-8A2BEF93D7E1}
Deleted: C:\ProgramData\{5489DA41-E322-6DEA-5282-E82ECC03789E}
Deleted: C:\ProgramData\{569560EE-E13E-D745-591F-72542F10399B}
Deleted: C:\ProgramData\{5D3FBC1B-EA94-0BB0-4697-C277095FC0B9}
Deleted: C:\ProgramData\{628A9872-D521-2FD9-353E-AF963088CA20}
Deleted: C:\ProgramData\{79102ABB-CEBB-9D10-6AEC-55BDC884F946}
Deleted: C:\ProgramData\{7FC06DF5-C86B-DA5E-7D26-088EB8EB7485}
Deleted: C:\ProgramData\{8CB97737-3B12-C09C-5E2D-BF6C9EC40C1A}
Deleted: C:\ProgramData\{9184BAC3-262F-0D68-46BE-627B3F7A829B}
Deleted: C:\ProgramData\{ACBCD40A-42A8-4FF9-BD42-ABCD14998CBA}
Deleted: C:\ProgramData\{B30F16F6-04A4-A15D-95BE-C6BDD0100C69}
Deleted: C:\ProgramData\{B9A92DBE-0E02-9A15-BFA7-6AE572100A97}
Deleted: C:\ProgramData\{BE2ACE5C-32B7-4777-9BDF-ECF87CDAB705}
Deleted: C:\ProgramData\{C73B4B53-7090-FCF8-CE7A-92F193FBB1A6}
Deleted: C:\ProgramData\{D76294E6-03B8-4971-AF2E-3F846161A690}
Deleted: C:\ProgramData\{E9C21179-5E69-A6D2-D749-CFDBBE1BDD20}
Deleted: C:\ProgramData\{FD6F83C0-EC70-4581-8361-C70CD1AA4B98}
Deleted: C:\ProgramData\{FEB2EEB1-4919-591A-050F-E1F613B5BBBA}
Deleted: C:\ProgramData\{FFF45F86-485F-E82D-8C41-8779A1BD2E0A}


***** [ Files ] *****

Deleted: C:\Program Files\\settings.dat
Deleted: C:\ProgramData\Duplicaterecord.js
Deleted: C:\ProgramData\Application Data\Duplicaterecord.js
Deleted: C:\Users\All Users\Duplicaterecord.js


***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

Deleted: Driver Booster Scheduler
Deleted: ByteFence Scan
Deleted: ByteFence
Deleted: Launch 18391


***** [ Registry ] *****

Deleted: [Key] - HKLM\SOFTWARE\jhtrsq
Deleted: [Key] - HKU\.DEFAULT\Software\jhtrsq
Deleted: [Key] - HKU\S-1-5-18\Software\jhtrsq
Deleted: [Key] - HKLM\SOFTWARE\{84416237-6490-494D-9AD6-4994DD978971}
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost|SNARE
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cmptch.com
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\DOMStorage\static.cmptch.com
Deleted: [Data] - HKCU\Software\Microsoft\Internet Explorer\Main|Search Page [http:\\www.startpageing123.com\search\?type=ds&ts=1490947755&z=33e568f777ecfbf16a72881g5z0t7e4t3z4z6get2m&from=che0812&uid=ST380013AS_5MR157QQXXXX5MR157QQ&q={searchTerms}]
Deleted: [Data] - HKCU\Software\Microsoft\Internet Explorer\Main|Default_Search_URL [http:\\www.startpageing123.com\search\?type=ds&ts=1490947755&z=33e568f777ecfbf16a72881g5z0t7e4t3z4z6get2m&from=che0812&uid=ST380013AS_5MR157QQXXXX5MR157QQ&q={searchTerms}]
Deleted: [Data] - HKCU\Software\Microsoft\Internet Explorer\Main|Start Page_TIMESTAMP [뀦ﯓǒ:\\www.startpageing123.com\search\?type=ds&ts=1490947755&z=33e568f777ecfbf16a72881g5z0t7e4t3z4z6get2m&from=che0812&uid=ST380013AS_5MR157QQXXXX5MR157QQ&q={searchTerms}]
Deleted: [Key] - HKU\S-1-5-21-377985148-792701347-3327087119-1001\Software\SpeedBit
Deleted: [Key] - HKCU\Software\SpeedBit
Deleted: [Key] - HKU\S-1-5-21-377985148-792701347-3327087119-1001\Software\Media Get LLC
Deleted: [Key] - HKCU\Software\Media Get LLC
Deleted: [Key] - HKLM\SOFTWARE\Lavasoft\Web Companion
Deleted: [Key] - HKU\S-1-5-21-377985148-792701347-3327087119-1001\Software\Lavasoft\Web Companion
Deleted: [Key] - HKCU\Software\Lavasoft\Web Companion
Deleted: [Key] - HKLM\SOFTWARE\msServer
Deleted: [Key] - HKU\S-1-5-21-377985148-792701347-3327087119-1001\Software\C84E
Deleted: [Key] - HKCU\Software\C84E
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\DMunversion
Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10ECCE17-29B5-4880-A8F5-EAD298611484}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
Deleted: [Key] - HKLM\SOFTWARE\Classes\TypeLib\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}
Deleted: [Key] - HKLM\SOFTWARE\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{03C0AC00-86DE-4B55-81BA-2E7CD61C51B1}
Deleted: [Key] - HKLM\SOFTWARE\Classes\AppID\{58FDA6AF-67D8-4198-B7CD-94B17532C8D5}
Deleted: [Key] - HKLM\SOFTWARE\Classes\TypeLib\{8FB1A663-2820-468B-95C4-5060A4C5F413}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{6DC82D15-92F2-11D1-A255-00A0C932C7DF}
Deleted: [Key] - HKLM\SOFTWARE\Classes\AppID\REI_AxControl.DLL
Deleted: [Value] - HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\chrome.exe|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb
Deleted: [Value] - HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\firefox.exe|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb
Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted: [Value] - HKLM\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Custom\chrome.exe|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb
Deleted: [Value] - HKLM\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Custom\firefox.exe|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb
Deleted: [Value] - HKLM\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Custom\iexplore.exe|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb
Deleted: [Value] - HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\software_removal_tool.exe|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb
Deleted: [Value] - HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\software_reporter_tool.exe|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb
Deleted: [Key] - HKLM\SOFTWARE\Classes\*\shell\ByteFence File Scan
Deleted: [Key] - HKLM\SOFTWARE\Classes\Directory\shell\ByteFence Folder Scan
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost|WinSAPSvc
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost|SNARER
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost|Kitty
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost|3DM
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Control\iSafeKrnlBoot
Deleted: [Key] - HKLM\SOFTWARE\CLASSES\APPID\56BF5154-0B48-4ADB-902A-6C8B12E270D9
Deleted: [Key] - HKU\S-1-5-21-377985148-792701347-3327087119-1001\Software\Local AppWizard-Generated Applications\Reimage - Windows Problem Relief.
Deleted: [Key] - HKCU\Software\Local AppWizard-Generated Applications\Reimage - Windows Problem Relief.
Deleted: [Key] - HKU\S-1-5-21-377985148-792701347-3327087119-1001\Software\win
Deleted: [Key] - HKCU\Software\win
Deleted: [Key] - HKU\S-1-5-21-377985148-792701347-3327087119-1001\Software\MICROSOFT\wewewe
Deleted: [Key] - HKCU\Software\MICROSOFT\wewewe
Deleted: [Value] - HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\explorer.xxx|{8A4D5A43-C64A-45AB-BDF4-804FE18CEAFD}.SDB
Deleted: [Key] - HKLM\SOFTWARE\startpageing123Software
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\InstalledsDB\{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost|WINSNARE
Deleted: [Key] - HKU\S-1-5-21-377985148-792701347-3327087119-1001\Software\Genius
Deleted: [Key] - HKCU\Software\Genius
Deleted: [Key] - HKLM\SOFTWARE\MICROSOFT\SYSTEMCERTIFICATES\ROOT\CERTIFICATES\26D9E607FFF0C58C7844B47FF8B6E079E5A2220E


***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries deleted.

***** [ Chromium (and derivatives) ] *****

Plugin deleted: Bitmotion - New Tab -
Plugin deleted: Сookies Control -
Plugin deleted: Search Manager -
Plugin deleted: Search Manager -


*************************

::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0



*************************

C:/AdwCleaner/AdwCleaner[S0].txt - [11194 B] - [2017/8/1 12:45:5]


########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ##########

Publicité


Signaler le contenu de ce document

Publicité