Publicité
Publicité
Format du document : text/plain
Prévisualisation
# AdwCleaner 7.0.6.0 - Logfile created on Tue Jan 09 09:28:24 2018
# Updated on 2017/21/12 by Malwarebytes
# Running on Windows 7 Ultimate (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support
***** [ Services ] *****
Deleted: BCUService
***** [ Folders ] *****
Deleted: C:\Users\joe\AppData\Roaming\cacaoweb
Deleted: C:\Program Files (x86)\DeviceVM
Deleted: C:\ProgramData\Logic Cramble
Deleted: C:\ProgramData\Application Data\Logic Cramble
Deleted: C:\Users\All Users\Logic Cramble
Deleted: C:\ProgramData\\tiser
Deleted: C:\Users\joe\AppData\Roaming\Microsoft\Windows\Start Menu\ByteFence
Deleted: C:\Program Files (x86)\FastDataX
Deleted: C:\Users\joe\AppData\Local\FastDataX
Deleted: C:\Users\joe\AppData\Local\Programs\SwytShopAlgoadChrome_Pkg3a
Deleted: C:\Users\joe\AppData\Roaming\RHEng
Deleted: C:\Program Files (x86)\ProxyGate
Deleted: C:\ProgramData\Quoteex
Deleted: C:\ProgramData\Application Data\Quoteex
Deleted: C:\Users\All Users\Quoteex
Deleted: C:\ProgramData\Microleaves
Deleted: C:\ProgramData\Application Data\Microleaves
Deleted: C:\Program Files (x86)\Microleaves
Deleted: C:\Users\All Users\Microleaves
Deleted: C:\ProgramData\Quoteexs
Deleted: C:\ProgramData\Application Data\Quoteexs
Deleted: C:\Users\All Users\Quoteexs
Deleted: C:\ProgramData\Quoteex
Deleted: C:\ProgramData\Application Data\Quoteex
Deleted: C:\Users\All Users\Quoteex
Deleted: C:\Program Files\1a718cae5c8caee452a06759d326af29
Deleted: C:\Program Files\33bddae401b030ee34a14e8281973faa
Deleted: C:\ProgramData\bece0272-2365-1
Deleted: C:\ProgramData\bece0272-2391-0
***** [ Files ] *****
Deleted: C:\Users\joe\AppData\Local\Main.dat
Deleted: C:\Users\joe\appdata\local\installationconfiguration.xml
Deleted: C:\Users\joe\AppData\Local\PO.DB
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
Deleted: PC-Mechanic Subscription
Deleted: PC-Mechanic Maintenance
***** [ Registry ] *****
Deleted: [Value] - HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{6C05075E-BE2E-4AAE-988C-76F49E81D5C6}C:\users\joe\appdata\roaming\cacaoweb\cacaoweb.exe
Deleted: [Value] - HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{B5ECFA01-842B-4B2B-82FB-F7DB71DEE89C}C:\users\joe\appdata\roaming\cacaoweb\cacaoweb.exe
Deleted: [Value] - HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{0464482D-8734-44F3-97AE-DC97F547136E}C:\users\joe\appdata\roaming\cacaoweb\cacaoweb.exe
Deleted: [Value] - HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{11D862EA-E557-4816-A0AD-18870F6C486C}C:\users\joe\appdata\roaming\cacaoweb\cacaoweb.exe
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{D793423B-FF18-4A54-B9C9-75B3396BAAC4}
Deleted: [Key] - HKU\S-1-5-21-172831021-3283507413-674538517-1000\Software\cacaoweb
Deleted: [Key] - HKCU\Software\cacaoweb
Deleted: [Key] - HKLM\SOFTWARE\Classes\TypeLib\{77AA6435-2488-4A94-9FE5-49519DD2ED9B}
Deleted: [Key] - HKLM\SOFTWARE\Classes\TypeLib\{1112F282-7099-4624-A439-DB29D6551552}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{FA7B2795-C0C8-4A58-8672-3F8D80CC0270}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{47A1DF02-BCE4-40C3-AE47-E3EA09A65E4A}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{BC86E1AB-EDA5-4059-938F-CE307B0C6F0A}
Deleted: [Value] - HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks|{BC86E1AB-EDA5-4059-938F-CE307B0C6F0A}
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|BCU
Deleted: [Value] - HKU\S-1-5-21-172831021-3283507413-674538517-1000\Software\Microsoft\Windows\CurrentVersion\Run|cacaoweb
Deleted: [Value] - HKCU\Software\Microsoft\Windows\CurrentVersion\Run|cacaoweb
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Reason\ReasonByteFence
***** [ Firefox (and derivatives) ] *****
Plugin deleted: cacaoweb - http://www.cacaoweb.org/
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries deleted.
*************************
::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0
*************************
C:/AdwCleaner/AdwCleaner[S0].txt - [5100 B] - [2018/1/9 9:27:48]
########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ##########
# Updated on 2017/21/12 by Malwarebytes
# Running on Windows 7 Ultimate (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support
***** [ Services ] *****
Deleted: BCUService
***** [ Folders ] *****
Deleted: C:\Users\joe\AppData\Roaming\cacaoweb
Deleted: C:\Program Files (x86)\DeviceVM
Deleted: C:\ProgramData\Logic Cramble
Deleted: C:\ProgramData\Application Data\Logic Cramble
Deleted: C:\Users\All Users\Logic Cramble
Deleted: C:\ProgramData\\tiser
Deleted: C:\Users\joe\AppData\Roaming\Microsoft\Windows\Start Menu\ByteFence
Deleted: C:\Program Files (x86)\FastDataX
Deleted: C:\Users\joe\AppData\Local\FastDataX
Deleted: C:\Users\joe\AppData\Local\Programs\SwytShopAlgoadChrome_Pkg3a
Deleted: C:\Users\joe\AppData\Roaming\RHEng
Deleted: C:\Program Files (x86)\ProxyGate
Deleted: C:\ProgramData\Quoteex
Deleted: C:\ProgramData\Application Data\Quoteex
Deleted: C:\Users\All Users\Quoteex
Deleted: C:\ProgramData\Microleaves
Deleted: C:\ProgramData\Application Data\Microleaves
Deleted: C:\Program Files (x86)\Microleaves
Deleted: C:\Users\All Users\Microleaves
Deleted: C:\ProgramData\Quoteexs
Deleted: C:\ProgramData\Application Data\Quoteexs
Deleted: C:\Users\All Users\Quoteexs
Deleted: C:\ProgramData\Quoteex
Deleted: C:\ProgramData\Application Data\Quoteex
Deleted: C:\Users\All Users\Quoteex
Deleted: C:\Program Files\1a718cae5c8caee452a06759d326af29
Deleted: C:\Program Files\33bddae401b030ee34a14e8281973faa
Deleted: C:\ProgramData\bece0272-2365-1
Deleted: C:\ProgramData\bece0272-2391-0
***** [ Files ] *****
Deleted: C:\Users\joe\AppData\Local\Main.dat
Deleted: C:\Users\joe\appdata\local\installationconfiguration.xml
Deleted: C:\Users\joe\AppData\Local\PO.DB
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
Deleted: PC-Mechanic Subscription
Deleted: PC-Mechanic Maintenance
***** [ Registry ] *****
Deleted: [Value] - HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{6C05075E-BE2E-4AAE-988C-76F49E81D5C6}C:\users\joe\appdata\roaming\cacaoweb\cacaoweb.exe
Deleted: [Value] - HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{B5ECFA01-842B-4B2B-82FB-F7DB71DEE89C}C:\users\joe\appdata\roaming\cacaoweb\cacaoweb.exe
Deleted: [Value] - HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{0464482D-8734-44F3-97AE-DC97F547136E}C:\users\joe\appdata\roaming\cacaoweb\cacaoweb.exe
Deleted: [Value] - HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{11D862EA-E557-4816-A0AD-18870F6C486C}C:\users\joe\appdata\roaming\cacaoweb\cacaoweb.exe
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{D793423B-FF18-4A54-B9C9-75B3396BAAC4}
Deleted: [Key] - HKU\S-1-5-21-172831021-3283507413-674538517-1000\Software\cacaoweb
Deleted: [Key] - HKCU\Software\cacaoweb
Deleted: [Key] - HKLM\SOFTWARE\Classes\TypeLib\{77AA6435-2488-4A94-9FE5-49519DD2ED9B}
Deleted: [Key] - HKLM\SOFTWARE\Classes\TypeLib\{1112F282-7099-4624-A439-DB29D6551552}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{FA7B2795-C0C8-4A58-8672-3F8D80CC0270}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{47A1DF02-BCE4-40C3-AE47-E3EA09A65E4A}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{BC86E1AB-EDA5-4059-938F-CE307B0C6F0A}
Deleted: [Value] - HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks|{BC86E1AB-EDA5-4059-938F-CE307B0C6F0A}
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|BCU
Deleted: [Value] - HKU\S-1-5-21-172831021-3283507413-674538517-1000\Software\Microsoft\Windows\CurrentVersion\Run|cacaoweb
Deleted: [Value] - HKCU\Software\Microsoft\Windows\CurrentVersion\Run|cacaoweb
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Reason\ReasonByteFence
***** [ Firefox (and derivatives) ] *****
Plugin deleted: cacaoweb - http://www.cacaoweb.org/
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries deleted.
*************************
::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0
*************************
C:/AdwCleaner/AdwCleaner[S0].txt - [5100 B] - [2018/1/9 9:27:48]
########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ##########