Publicité
Publicité
Format du document : text/plain
Prévisualisation
# AdwCleaner 7.0.6.0 - Logfile created on Tue Jan 16 21:00:14 2018
# Updated on 2017/21/12 by Malwarebytes
# Running on Windows 7 Home Premium (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support
***** [ Services ] *****
Deleted: Windows Node
***** [ Folders ] *****
Deleted: C:\Windows\System32\config\systemprofile\AppData\Local\AdvinstAnalytics
Deleted: C:\Windows\SysWOW64\config\systemprofile\AppData\Local\AdvinstAnalytics
Deleted: C:\Users\Default\AppData\Local\AdvinstAnalytics
Deleted: C:\Users\Default User\AppData\Local\AdvinstAnalytics
Deleted: C:\Windows\WinKit
Deleted: C:\Windows\WinKit
Deleted: C:\Program Files (x86)\WeatherChickn
Deleted: C:\ProgramData\Utatity
Deleted: C:\ProgramData\Application Data\Utatity
Deleted: C:\Users\All Users\Utatity
Deleted: C:\ProgramData\Utatitys
Deleted: C:\ProgramData\Application Data\Utatitys
Deleted: C:\Users\All Users\Utatitys
Deleted: C:\Microleaves
Deleted: C:\ProgramData\Microleaves
Deleted: C:\ProgramData\Application Data\Microleaves
Deleted: C:\Program Files (x86)\Microleaves
Deleted: C:\Users\All Users\Microleaves
Deleted: C:\Users\redouanne\AppData\Roaming\Microleaves
Deleted: C:\Program Files (x86)\ContentPush
Deleted: C:\Program Files (x86)\Corteli
Deleted: C:\Users\redouanne\AppData\Local\GenericTools
***** [ Files ] *****
Deleted: C:\Users\redouanne\AppData\Roaming\\agent.dat
Deleted: C:\Users\redouanne\AppData\Roaming\\InstallationConfiguration.xml
Deleted: C:\Users\redouanne\AppData\Roaming\\Installer.dat
Deleted: C:\Users\redouanne\AppData\Roaming\\noah.dat
Deleted: C:\Users\redouanne\AppData\Roaming\\Config.xml
Deleted: C:\Users\redouanne\AppData\Roaming\\md.xml
Deleted: C:\Windows\System32\findit.xml
Deleted: C:\Windows\SysWOW64\findit.xml
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
Deleted: Online Application V2G1
Deleted: Online Application V2G3
Deleted: Online Application V2G2
Deleted: Traffic Exchange Updater
Deleted: Traffic Exchange Guard
Deleted: Online Application v2 Guardian
Deleted: Online Application Updater
Deleted: Online Application v2
Deleted: Online Application Guardian
Deleted: Online Application v2 Guard
Deleted: Online Application Guard
Deleted: Traffic Exchange Guardian
Deleted: Traffic Exchange
Deleted: Online Application
Deleted: Updater_Online_Application
***** [ Registry ] *****
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ak.staticimgfarm.com
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ask.com
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\safefinder.com
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\search.safefinder.com
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\staticimgfarm.com
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\testonlinespeed.dl.tb.ask.com
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\weatherblink.dl.tb.ask.com
Deleted: [Key] - HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{3CCC052E-BDEE-408A-BEA7-90914EF2964B}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{61F47056-E400-43D3-AF1E-AB7DFFD4C4AD}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{E2B98EEA-EE55-4E9B-A8C1-6E5288DF785A}
Deleted: [Key] - HKLM\SOFTWARE\mtUtatity
Deleted: [Key] - HKU\S-1-5-21-4060538960-4076228373-212456521-1000\Software\mtUtatity
Deleted: [Key] - HKCU\Software\mtUtatity
Deleted: [Key] - HKLM\SOFTWARE\Microleaves
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application
Deleted: [Value] - HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{263A5900-A5C1-4830-A777-3BB2E9040BD2}
Deleted: [Value] - HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{8AAA620C-DA95-4049-9529-1829997C56F0}
Deleted: [Key] - HKU\S-1-5-21-4060538960-4076228373-212456521-1000\Software\InstallCore
Deleted: [Key] - HKCU\Software\InstallCore
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{5266F634-7B7D-4537-BDDC-98DD6CFCBAA1}
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application
Deleted: [Key] - HKLM\SOFTWARE\Corteli
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{5266F634-7B7D-4537-BDDC-98DD6CFCBAA1}
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\436F6625D7B77354DBCD89DDC6CFAB1A
Deleted: [Key] - HKLM\SOFTWARE\Classes\Installer\Features\436F6625D7B77354DBCD89DDC6CFAB1A
Deleted: [Key] - HKLM\SOFTWARE\Classes\Installer\Products\436F6625D7B77354DBCD89DDC6CFAB1A
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders|C:\Program Files (x86)\Microleaves\Online Application\
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders|C:\Program Files (x86)\Microleaves\
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders|C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\
Deleted: [Key] - HKU\S-1-5-21-4060538960-4076228373-212456521-1000\Software\GenericTools
Deleted: [Key] - HKCU\Software\GenericTools
Deleted: [Key] - HKU\S-1-5-21-4060538960-4076228373-212456521-1000\Software\myprintscreen.com
Deleted: [Key] - HKCU\Software\myprintscreen.com
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries deleted.
***** [ Chromium (and derivatives) ] *****
Plugin deleted: Chrome Cleaner Pro -
*************************
::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0
*************************
C:/AdwCleaner/AdwCleaner[S0].txt - [7421 B] - [2018/1/16 20:57:44]
########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ##########
# Updated on 2017/21/12 by Malwarebytes
# Running on Windows 7 Home Premium (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support
***** [ Services ] *****
Deleted: Windows Node
***** [ Folders ] *****
Deleted: C:\Windows\System32\config\systemprofile\AppData\Local\AdvinstAnalytics
Deleted: C:\Windows\SysWOW64\config\systemprofile\AppData\Local\AdvinstAnalytics
Deleted: C:\Users\Default\AppData\Local\AdvinstAnalytics
Deleted: C:\Users\Default User\AppData\Local\AdvinstAnalytics
Deleted: C:\Windows\WinKit
Deleted: C:\Windows\WinKit
Deleted: C:\Program Files (x86)\WeatherChickn
Deleted: C:\ProgramData\Utatity
Deleted: C:\ProgramData\Application Data\Utatity
Deleted: C:\Users\All Users\Utatity
Deleted: C:\ProgramData\Utatitys
Deleted: C:\ProgramData\Application Data\Utatitys
Deleted: C:\Users\All Users\Utatitys
Deleted: C:\Microleaves
Deleted: C:\ProgramData\Microleaves
Deleted: C:\ProgramData\Application Data\Microleaves
Deleted: C:\Program Files (x86)\Microleaves
Deleted: C:\Users\All Users\Microleaves
Deleted: C:\Users\redouanne\AppData\Roaming\Microleaves
Deleted: C:\Program Files (x86)\ContentPush
Deleted: C:\Program Files (x86)\Corteli
Deleted: C:\Users\redouanne\AppData\Local\GenericTools
***** [ Files ] *****
Deleted: C:\Users\redouanne\AppData\Roaming\\agent.dat
Deleted: C:\Users\redouanne\AppData\Roaming\\InstallationConfiguration.xml
Deleted: C:\Users\redouanne\AppData\Roaming\\Installer.dat
Deleted: C:\Users\redouanne\AppData\Roaming\\noah.dat
Deleted: C:\Users\redouanne\AppData\Roaming\\Config.xml
Deleted: C:\Users\redouanne\AppData\Roaming\\md.xml
Deleted: C:\Windows\System32\findit.xml
Deleted: C:\Windows\SysWOW64\findit.xml
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
Deleted: Online Application V2G1
Deleted: Online Application V2G3
Deleted: Online Application V2G2
Deleted: Traffic Exchange Updater
Deleted: Traffic Exchange Guard
Deleted: Online Application v2 Guardian
Deleted: Online Application Updater
Deleted: Online Application v2
Deleted: Online Application Guardian
Deleted: Online Application v2 Guard
Deleted: Online Application Guard
Deleted: Traffic Exchange Guardian
Deleted: Traffic Exchange
Deleted: Online Application
Deleted: Updater_Online_Application
***** [ Registry ] *****
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ak.staticimgfarm.com
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ask.com
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\safefinder.com
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\search.safefinder.com
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\staticimgfarm.com
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\testonlinespeed.dl.tb.ask.com
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\weatherblink.dl.tb.ask.com
Deleted: [Key] - HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{3CCC052E-BDEE-408A-BEA7-90914EF2964B}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{61F47056-E400-43D3-AF1E-AB7DFFD4C4AD}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{E2B98EEA-EE55-4E9B-A8C1-6E5288DF785A}
Deleted: [Key] - HKLM\SOFTWARE\mtUtatity
Deleted: [Key] - HKU\S-1-5-21-4060538960-4076228373-212456521-1000\Software\mtUtatity
Deleted: [Key] - HKCU\Software\mtUtatity
Deleted: [Key] - HKLM\SOFTWARE\Microleaves
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application
Deleted: [Value] - HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{263A5900-A5C1-4830-A777-3BB2E9040BD2}
Deleted: [Value] - HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{8AAA620C-DA95-4049-9529-1829997C56F0}
Deleted: [Key] - HKU\S-1-5-21-4060538960-4076228373-212456521-1000\Software\InstallCore
Deleted: [Key] - HKCU\Software\InstallCore
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{5266F634-7B7D-4537-BDDC-98DD6CFCBAA1}
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application
Deleted: [Key] - HKLM\SOFTWARE\Corteli
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{5266F634-7B7D-4537-BDDC-98DD6CFCBAA1}
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\436F6625D7B77354DBCD89DDC6CFAB1A
Deleted: [Key] - HKLM\SOFTWARE\Classes\Installer\Features\436F6625D7B77354DBCD89DDC6CFAB1A
Deleted: [Key] - HKLM\SOFTWARE\Classes\Installer\Products\436F6625D7B77354DBCD89DDC6CFAB1A
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders|C:\Program Files (x86)\Microleaves\Online Application\
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders|C:\Program Files (x86)\Microleaves\
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders|C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\
Deleted: [Key] - HKU\S-1-5-21-4060538960-4076228373-212456521-1000\Software\GenericTools
Deleted: [Key] - HKCU\Software\GenericTools
Deleted: [Key] - HKU\S-1-5-21-4060538960-4076228373-212456521-1000\Software\myprintscreen.com
Deleted: [Key] - HKCU\Software\myprintscreen.com
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries deleted.
***** [ Chromium (and derivatives) ] *****
Plugin deleted: Chrome Cleaner Pro -
*************************
::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0
*************************
C:/AdwCleaner/AdwCleaner[S0].txt - [7421 B] - [2018/1/16 20:57:44]
########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ##########