Publicité
Publicité
Format du document : text/plain
Prévisualisation
# -------------------------------
# Malwarebytes AdwCleaner 7.2.4.0
# -------------------------------
# Build: 09-25-2018
# Database: 2018-11-14.2 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 11-16-2018
# Duration: 00:00:03
# OS: Windows 10 Pro
# Cleaned: 41
# Failed: 1
***** [ Services ] *****
Deleted RunBooster
***** [ Folders ] *****
Deleted C:\Windows\System32\config\systemprofile\AppData\Roaming\CRMSvc
***** [ Files ] *****
Deleted C:\Users\lenovo\appdata\local\installationconfiguration.xml
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D105DFE2-8DF6-4BA0-ABF1-392716658963}
Deleted HKLM\System\CurrentControlSet\Services\EventLog\Application\CRMSvc
Deleted HKLM\Software\MICROSOFT\TechnologyDesktopnew
Deleted HKLM\SOFTWARE\MICROSOFT\Speedycar
Deleted HKLM\Software\Wow6432Node\MICROSOFT\WINDOWS NT\CURRENTVERSION\SILENTPROCESSEXIT\Quoteex.exe
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Windows|AppInit_DLLs - "_C:\PROGRA~3\Quoteex\Dentoin.dll"
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\1655C0CA-7AE7-4012-8502-970C8675E5F8
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|SharePal
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|SharePal Updater
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|ShutdownTime
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Run|ShutdownTime
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{7f6e4c9b}
Deleted HKCU\Software\Microsoft\BigTime
Deleted HKLM\Software\Microsoft\DMunversion
Deleted HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{bd549572-8286-4893-b71f-c9f280cd1037}|DhcpNameServer - "82.163.142.9"
Deleted HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{775188a2-ab5e-4fdc-946c-d2a5485332ee}|DhcpNameServer - "82.163.142.9"
Deleted HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{659a795b-4242-4c06-af22-043f48ea46aa}|DhcpNameServer - "82.163.142.9"
Deleted HKLM\System\CurrentControlSet\Services\Tcpip\Parameters|NameServer - "82.163.142.9"
Deleted HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{bd549572-8286-4893-b71f-c9f280cd1037}|NameServer - "82.163.142.9,95.211.158.137"
Deleted HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{775188a2-ab5e-4fdc-946c-d2a5485332ee}|NameServer - "82.163.142.9,95.211.158.137"
Deleted HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{659a795b-4242-4c06-af22-043f48ea46aa}|NameServer - "82.163.142.9,95.211.158.137"
Deleted HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{54d06c90-063a-49b6-9119-5d5448328c07}|NameServer - "82.163.142.9,95.211.158.137"
Deleted HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{425fe0f0-4606-4f80-8cd7-2ee396b16397}|NameServer - "82.163.142.9,95.211.158.137"
Deleted HKLM\System\CurrentControlSet\Services\Tcpip\Parameters|NameServer - "95.211.158.137"
Deleted HKCU\Software\Microsoft\Internet Explorer\Main|Start Page
Deleted HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main|Start Page
Deleted HKLM\Software\Microsoft\Internet Explorer\Main|Start Page
Deleted HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes|DefaultScope
Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{ielnksrch}
Deleted HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\ielnksrch
Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0CE02FFA-A6B0-46F6-BA2F-BD32C3630126}
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Quoteex.exe
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Quoteex.exe
Deleted HKU\S-1-5-18\Environment|SNP
Deleted HKU\.DEFAULT\Environment|SNP
Deleted HKCU\Software\MICROSOFT\wewewe
***** [ Chromium (and derivatives) ] *****
Deleted Tab Hibernation
Deleted plimopelmdneikoknbgpopffpbmlhgpa
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
Not Deleted suggestqueries.google.com
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [5819 octets] - [16/11/2018 14:11:53]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
# Malwarebytes AdwCleaner 7.2.4.0
# -------------------------------
# Build: 09-25-2018
# Database: 2018-11-14.2 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 11-16-2018
# Duration: 00:00:03
# OS: Windows 10 Pro
# Cleaned: 41
# Failed: 1
***** [ Services ] *****
Deleted RunBooster
***** [ Folders ] *****
Deleted C:\Windows\System32\config\systemprofile\AppData\Roaming\CRMSvc
***** [ Files ] *****
Deleted C:\Users\lenovo\appdata\local\installationconfiguration.xml
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D105DFE2-8DF6-4BA0-ABF1-392716658963}
Deleted HKLM\System\CurrentControlSet\Services\EventLog\Application\CRMSvc
Deleted HKLM\Software\MICROSOFT\TechnologyDesktopnew
Deleted HKLM\SOFTWARE\MICROSOFT\Speedycar
Deleted HKLM\Software\Wow6432Node\MICROSOFT\WINDOWS NT\CURRENTVERSION\SILENTPROCESSEXIT\Quoteex.exe
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Windows|AppInit_DLLs - "_C:\PROGRA~3\Quoteex\Dentoin.dll"
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\1655C0CA-7AE7-4012-8502-970C8675E5F8
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|SharePal
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|SharePal Updater
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|ShutdownTime
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Run|ShutdownTime
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{7f6e4c9b}
Deleted HKCU\Software\Microsoft\BigTime
Deleted HKLM\Software\Microsoft\DMunversion
Deleted HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{bd549572-8286-4893-b71f-c9f280cd1037}|DhcpNameServer - "82.163.142.9"
Deleted HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{775188a2-ab5e-4fdc-946c-d2a5485332ee}|DhcpNameServer - "82.163.142.9"
Deleted HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{659a795b-4242-4c06-af22-043f48ea46aa}|DhcpNameServer - "82.163.142.9"
Deleted HKLM\System\CurrentControlSet\Services\Tcpip\Parameters|NameServer - "82.163.142.9"
Deleted HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{bd549572-8286-4893-b71f-c9f280cd1037}|NameServer - "82.163.142.9,95.211.158.137"
Deleted HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{775188a2-ab5e-4fdc-946c-d2a5485332ee}|NameServer - "82.163.142.9,95.211.158.137"
Deleted HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{659a795b-4242-4c06-af22-043f48ea46aa}|NameServer - "82.163.142.9,95.211.158.137"
Deleted HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{54d06c90-063a-49b6-9119-5d5448328c07}|NameServer - "82.163.142.9,95.211.158.137"
Deleted HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{425fe0f0-4606-4f80-8cd7-2ee396b16397}|NameServer - "82.163.142.9,95.211.158.137"
Deleted HKLM\System\CurrentControlSet\Services\Tcpip\Parameters|NameServer - "95.211.158.137"
Deleted HKCU\Software\Microsoft\Internet Explorer\Main|Start Page
Deleted HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main|Start Page
Deleted HKLM\Software\Microsoft\Internet Explorer\Main|Start Page
Deleted HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes|DefaultScope
Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{ielnksrch}
Deleted HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\ielnksrch
Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0CE02FFA-A6B0-46F6-BA2F-BD32C3630126}
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Quoteex.exe
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Quoteex.exe
Deleted HKU\S-1-5-18\Environment|SNP
Deleted HKU\.DEFAULT\Environment|SNP
Deleted HKCU\Software\MICROSOFT\wewewe
***** [ Chromium (and derivatives) ] *****
Deleted Tab Hibernation
Deleted plimopelmdneikoknbgpopffpbmlhgpa
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
Not Deleted suggestqueries.google.com
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [5819 octets] - [16/11/2018 14:11:53]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########