Publicité
Publicité
Format du document : text/plain
Prévisualisation
# AdwCleaner 7.0.8.0 - Logfile created on Mon Apr 02 18:53:04 2018
# Updated on 2018/08/02 by Malwarebytes
# Running on Windows 10 Home Pro (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support
***** [ Services ] *****
Deleted: HNService
***** [ Folders ] *****
Deleted: C:\Users\Kelai\AppData\Roaming\vShare
Deleted: C:\Users\Kelai\Documents\vShare
Deleted: C:\Users\Kelai\AppData\Local\Поиcк в Интeрнете
Deleted: C:\Users\Kelai\AppData\Local\Вoйти в Интeрнет
Deleted: C:\Users\Kelai\AppData\Local\Kometa
Deleted: C:\Users\Kelai\AppData\Roaming\OneSystemCare
Deleted: C:\Users\Kelai\AppData\Local\AdService
Deleted: C:\ProgramData\Mail.Ru
Deleted: C:\ProgramData\Application Data\Mail.Ru
Deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Mail.Ru
Deleted: C:\Program Files (x86)\Mail.Ru
Deleted: C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Mail.Ru
Deleted: C:\Users\All Users\Mail.Ru
Deleted: C:\Users\Kelai\AppData\Local\Mail.Ru
Deleted: C:\Users\Kelai\AppData\Roaming\\wget
Deleted: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft\WebCompanion
Deleted: C:\Program Files (x86)\nzctHtEYomUn
Deleted: C:\Program Files (x86)\dmpYwNbvAIE
Deleted: C:\Program Files (x86)\xgpUQycTQqVU2
Deleted: C:\Program Files (x86)\fBAefcjbU
Deleted: C:\Program Files (x86)\LhRqTWvAWAkNC
Deleted: C:\Program Files (x86)\HroDwsJolcQKhkTVgGR
Deleted: C:\Users\Kelai\AppData\Local\Kometa
Deleted: C:\ProgramData\\{0897014C-63E3-47DF-8A5F-4399CC5D61B9}
Deleted: C:\ProgramData\ee07e098-1cb5-1
Deleted: C:\ProgramData\ee07e098-5091-0
***** [ Files ] *****
Deleted: C:\END
Deleted: C:\Users\Kelai\Favorites\Mail.Ru.url
Deleted: C:\Users\Kelai\Favorites\Mail.Ru Агент - используй для общения!.url
Deleted: C:\Users\Kelai\AppData\Roaming\Mozilla\Firefox\Profiles\3tspysz3.default-1504974185514\searchplugins\bing-lavasoft.xml
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
Deleted: wget
Deleted: wgets
Deleted: PpWUtqNAktYcHMPNs2
Deleted: XblfzlrMwbeaKro2
Deleted: hesymncsXSHUyo
Deleted: OXEQaMeQLrItgErZxsR2
***** [ Registry ] *****
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\DOMStorage\auto.mail.ru
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\DOMStorage\deti.mail.ru
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\DOMStorage\health.mail.ru
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\DOMStorage\hi-tech.mail.ru
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\DOMStorage\kino.mail.ru
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\DOMStorage\lady.mail.ru
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\DOMStorage\love.mail.ru
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\DOMStorage\mail.ru
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\DOMStorage\my.mail.ru
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\DOMStorage\news.mail.ru
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\DOMStorage\news.rambler.ru
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\DOMStorage\otvet.mail.ru
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\DOMStorage\rambler.ru
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.rambler.ru
Deleted: [Data] - HKCU\Software\Microsoft\Internet Explorer\Main|Start Page [http:\\granena.ru\?utm_content=31b5cebd524a9af6c7a772dca81815e9&utm_source=startpm&utm_term=4fd981659cc4e14c18347441218f9569&utm_d=20180325]
Deleted: [Key] - HKU\S-1-5-21-4166688732-445737204-4036045611-1000\Software\Microsoft\Gosearchq
Deleted: [Key] - HKCU\Software\Microsoft\Gosearchq
Deleted: [Key] - HKU\S-1-5-21-4166688732-445737204-4036045611-1000\Software\Microsoft\Gosearch
Deleted: [Key] - HKCU\Software\Microsoft\Gosearch
Deleted: [Key] - HKLM\SOFTWARE\Lavasoft\Web Companion
Deleted: [Key] - HKU\S-1-5-21-4166688732-445737204-4036045611-1000\Software\Lavasoft\Web Companion
Deleted: [Key] - HKCU\Software\Lavasoft\Web Companion
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{8E8F97CD-60B5-456F-A201-73065652D099}
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E8F97CD-60B5-456F-A201-73065652D099}
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68AE298D-7E8A-4F53-BE55-15D2B065F6C0}
Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted: [Key] - HKU\S-1-5-21-4166688732-445737204-4036045611-1000\Software\NetBox
Deleted: [Key] - HKCU\Software\NetBox
Deleted: [Key] - HKU\S-1-5-21-4166688732-445737204-4036045611-1000\Software\Microsoft\KometaInstaller
Deleted: [Key] - HKCU\Software\Microsoft\KometaInstaller
Deleted: [Key] - HKU\.DEFAULT\Software\ByteFence
Deleted: [Key] - HKU\S-1-5-18\Software\ByteFence
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION|ByteFence.exe
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Reason\ReasonByteFence
Deleted: [Key] - HKU\S-1-5-21-4166688732-445737204-4036045611-1000\Software\One System Care
Deleted: [Key] - HKCU\Software\One System Care
Deleted: [Key] - HKLM\SOFTWARE\Mail.Ru
Deleted: [Key] - HKU\S-1-5-21-4166688732-445737204-4036045611-1000\Software\Mail.Ru
Deleted: [Key] - HKU\S-1-5-21-4166688732-445737204-4036045611-1000\Software\AppDataLow\Software\Mail.Ru
Deleted: [Key] - HKCU\Software\Mail.Ru
Deleted: [Key] - HKCU\Software\AppDataLow\Software\Mail.Ru
Deleted: [Key] - HKCU\Software\Google\Chrome\NativeMessagingHosts\ru.mail.go.ext_info_host
Deleted: [Key] - HKCU\Software\Mozilla\NativeMessagingHosts\ru.mail.go.ext_info_host
Deleted: [Key] - HKLM\SOFTWARE\Classes\Applications\DriverDocSetup.exe
Deleted: [Value] - HKCU\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store|C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanionInstaller.exe
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{C0D38E5A-7CF8-4105-8FE8-31B81443A114}
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C0D38E5A-7CF8-4105-8FE8-31B81443A114}
Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C0D38E5A-7CF8-4105-8FE8-31B81443A114}
Deleted: [Key] - HKU\S-1-5-21-4166688732-445737204-4036045611-1000\Software\MICROSOFT\KometaInstaller
Deleted: [Key] - HKCU\Software\MICROSOFT\KometaInstaller
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\11598763487076930564
Deleted: [Key] - HKU\S-1-5-21-4166688732-445737204-4036045611-1000\Software\csastats
Deleted: [Key] - HKCU\Software\csastats
Deleted: [Key] - HKU\S-1-5-21-4166688732-445737204-4036045611-1000\Software\SetupCompany
Deleted: [Key] - HKCU\Software\SetupCompany
***** [ Firefox (and derivatives) ] *****
Plugin deleted: Домашняя страница Mail.Ru -
Plugin deleted: Поиск Mail.Ru -
Plugin deleted: __MSG_extName__ -
Plugin deleted: __MSG_extName__ -
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries deleted.
*************************
::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0
*************************
C:/AdwCleaner/AdwCleaner[S0].txt - [8670 B] - [2018/4/2 18:51:22]
########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ##########
# Updated on 2018/08/02 by Malwarebytes
# Running on Windows 10 Home Pro (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support
***** [ Services ] *****
Deleted: HNService
***** [ Folders ] *****
Deleted: C:\Users\Kelai\AppData\Roaming\vShare
Deleted: C:\Users\Kelai\Documents\vShare
Deleted: C:\Users\Kelai\AppData\Local\Поиcк в Интeрнете
Deleted: C:\Users\Kelai\AppData\Local\Вoйти в Интeрнет
Deleted: C:\Users\Kelai\AppData\Local\Kometa
Deleted: C:\Users\Kelai\AppData\Roaming\OneSystemCare
Deleted: C:\Users\Kelai\AppData\Local\AdService
Deleted: C:\ProgramData\Mail.Ru
Deleted: C:\ProgramData\Application Data\Mail.Ru
Deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Mail.Ru
Deleted: C:\Program Files (x86)\Mail.Ru
Deleted: C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Mail.Ru
Deleted: C:\Users\All Users\Mail.Ru
Deleted: C:\Users\Kelai\AppData\Local\Mail.Ru
Deleted: C:\Users\Kelai\AppData\Roaming\\wget
Deleted: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft\WebCompanion
Deleted: C:\Program Files (x86)\nzctHtEYomUn
Deleted: C:\Program Files (x86)\dmpYwNbvAIE
Deleted: C:\Program Files (x86)\xgpUQycTQqVU2
Deleted: C:\Program Files (x86)\fBAefcjbU
Deleted: C:\Program Files (x86)\LhRqTWvAWAkNC
Deleted: C:\Program Files (x86)\HroDwsJolcQKhkTVgGR
Deleted: C:\Users\Kelai\AppData\Local\Kometa
Deleted: C:\ProgramData\\{0897014C-63E3-47DF-8A5F-4399CC5D61B9}
Deleted: C:\ProgramData\ee07e098-1cb5-1
Deleted: C:\ProgramData\ee07e098-5091-0
***** [ Files ] *****
Deleted: C:\END
Deleted: C:\Users\Kelai\Favorites\Mail.Ru.url
Deleted: C:\Users\Kelai\Favorites\Mail.Ru Агент - используй для общения!.url
Deleted: C:\Users\Kelai\AppData\Roaming\Mozilla\Firefox\Profiles\3tspysz3.default-1504974185514\searchplugins\bing-lavasoft.xml
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
Deleted: wget
Deleted: wgets
Deleted: PpWUtqNAktYcHMPNs2
Deleted: XblfzlrMwbeaKro2
Deleted: hesymncsXSHUyo
Deleted: OXEQaMeQLrItgErZxsR2
***** [ Registry ] *****
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\DOMStorage\auto.mail.ru
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\DOMStorage\deti.mail.ru
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\DOMStorage\health.mail.ru
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\DOMStorage\hi-tech.mail.ru
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\DOMStorage\kino.mail.ru
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\DOMStorage\lady.mail.ru
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\DOMStorage\love.mail.ru
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\DOMStorage\mail.ru
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\DOMStorage\my.mail.ru
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\DOMStorage\news.mail.ru
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\DOMStorage\news.rambler.ru
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\DOMStorage\otvet.mail.ru
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\DOMStorage\rambler.ru
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.rambler.ru
Deleted: [Data] - HKCU\Software\Microsoft\Internet Explorer\Main|Start Page [http:\\granena.ru\?utm_content=31b5cebd524a9af6c7a772dca81815e9&utm_source=startpm&utm_term=4fd981659cc4e14c18347441218f9569&utm_d=20180325]
Deleted: [Key] - HKU\S-1-5-21-4166688732-445737204-4036045611-1000\Software\Microsoft\Gosearchq
Deleted: [Key] - HKCU\Software\Microsoft\Gosearchq
Deleted: [Key] - HKU\S-1-5-21-4166688732-445737204-4036045611-1000\Software\Microsoft\Gosearch
Deleted: [Key] - HKCU\Software\Microsoft\Gosearch
Deleted: [Key] - HKLM\SOFTWARE\Lavasoft\Web Companion
Deleted: [Key] - HKU\S-1-5-21-4166688732-445737204-4036045611-1000\Software\Lavasoft\Web Companion
Deleted: [Key] - HKCU\Software\Lavasoft\Web Companion
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{8E8F97CD-60B5-456F-A201-73065652D099}
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E8F97CD-60B5-456F-A201-73065652D099}
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68AE298D-7E8A-4F53-BE55-15D2B065F6C0}
Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted: [Key] - HKU\S-1-5-21-4166688732-445737204-4036045611-1000\Software\NetBox
Deleted: [Key] - HKCU\Software\NetBox
Deleted: [Key] - HKU\S-1-5-21-4166688732-445737204-4036045611-1000\Software\Microsoft\KometaInstaller
Deleted: [Key] - HKCU\Software\Microsoft\KometaInstaller
Deleted: [Key] - HKU\.DEFAULT\Software\ByteFence
Deleted: [Key] - HKU\S-1-5-18\Software\ByteFence
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION|ByteFence.exe
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Reason\ReasonByteFence
Deleted: [Key] - HKU\S-1-5-21-4166688732-445737204-4036045611-1000\Software\One System Care
Deleted: [Key] - HKCU\Software\One System Care
Deleted: [Key] - HKLM\SOFTWARE\Mail.Ru
Deleted: [Key] - HKU\S-1-5-21-4166688732-445737204-4036045611-1000\Software\Mail.Ru
Deleted: [Key] - HKU\S-1-5-21-4166688732-445737204-4036045611-1000\Software\AppDataLow\Software\Mail.Ru
Deleted: [Key] - HKCU\Software\Mail.Ru
Deleted: [Key] - HKCU\Software\AppDataLow\Software\Mail.Ru
Deleted: [Key] - HKCU\Software\Google\Chrome\NativeMessagingHosts\ru.mail.go.ext_info_host
Deleted: [Key] - HKCU\Software\Mozilla\NativeMessagingHosts\ru.mail.go.ext_info_host
Deleted: [Key] - HKLM\SOFTWARE\Classes\Applications\DriverDocSetup.exe
Deleted: [Value] - HKCU\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store|C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanionInstaller.exe
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{C0D38E5A-7CF8-4105-8FE8-31B81443A114}
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C0D38E5A-7CF8-4105-8FE8-31B81443A114}
Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C0D38E5A-7CF8-4105-8FE8-31B81443A114}
Deleted: [Key] - HKU\S-1-5-21-4166688732-445737204-4036045611-1000\Software\MICROSOFT\KometaInstaller
Deleted: [Key] - HKCU\Software\MICROSOFT\KometaInstaller
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\11598763487076930564
Deleted: [Key] - HKU\S-1-5-21-4166688732-445737204-4036045611-1000\Software\csastats
Deleted: [Key] - HKCU\Software\csastats
Deleted: [Key] - HKU\S-1-5-21-4166688732-445737204-4036045611-1000\Software\SetupCompany
Deleted: [Key] - HKCU\Software\SetupCompany
***** [ Firefox (and derivatives) ] *****
Plugin deleted: Домашняя страница Mail.Ru -
Plugin deleted: Поиск Mail.Ru -
Plugin deleted: __MSG_extName__ -
Plugin deleted: __MSG_extName__ -
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries deleted.
*************************
::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0
*************************
C:/AdwCleaner/AdwCleaner[S0].txt - [8670 B] - [2018/4/2 18:51:22]
########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ##########