# -------------------------------
# Malwarebytes AdwCleaner 7.2.5.0
# -------------------------------
# Build: 11-26-2018
# Database: 2018-12-17.4 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 12-18-2018
# Duration: 00:01:25
# OS: Windows 10 Enterprise
# Cleaned: 127
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Users\ASUS\AppData\Local\snare
Deleted C:\Users\ASUS\AppData\Local\CSHMDR
Deleted C:\Users\ASUS\AppData\Local\3DM
Deleted C:\Users\ASUS\AppData\Local\CWASRE
Deleted C:\Users\ASUS\AppData\Local\SNAREA
Deleted C:\Users\ASUS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\amuleC
Deleted C:\Program Files (x86)\amulell
Deleted C:\Users\ASUS\AppData\Local\SNARER
Deleted C:\Users\ASUS\AppData\Roaming\SNARER
Deleted C:\Users\ASUS\AppData\Roaming\WinSnare
Deleted C:\Program Files\f09er35s
Deleted C:\Program Files (x86)\WinArcher
Deleted C:\Program Files (x86)\Terela
Deleted C:\Program Files (x86)\Default Company Name
Deleted C:\Users\ASUS\AppData\Roaming\Kyubey
Deleted C:\ProgramData\FileFinder
Deleted C:\Program Files (x86)\FileFinder
Deleted C:\Users\ASUS\AppData\Roaming\Microsoft\Windows\Start Menu\FileFinder
Deleted C:\Program Files (x86)\Bookness
Deleted C:\Users\ASUS\AppData\Local\Bookness
Deleted C:\Program Files (x86)\WINSNARE(4.4.6)
Deleted C:\Program Files (x86)\WINSNARE(4.1.1)
Deleted C:\Program Files (x86)\WINSNARE(4.1.0)
Deleted C:\Program Files (x86)\WINSNARE(4.0.9)
Deleted C:\Program Files (x86)\WINSNARE(4.0.8)
Deleted C:\Program Files (x86)\BikaQRss
Deleted C:\Program Files (x86)\BikaQRssReader
Deleted C:\Users\ASUS\AppData\Roaming\DRPSu
Deleted C:\ProgramData\WinSAPSvc
Deleted C:\Users\ASUS\AppData\Roaming\WinSAPSvc
Deleted C:\ProgramData\FFinder LTD
Deleted C:\Program Files (x86)\AlphaGo
Deleted C:\Program Files (x86)\deskapp
Deleted C:\Program Files (x86)\amuleCexx
Deleted C:\Program Files (x86)\Gub
Deleted C:\Program Files (x86)\Gubed
Deleted C:\Users\ASUS\AppData\Roaming\aMule
Deleted C:\Program Files (x86)\reports
Deleted C:\Users\ASUS\AppData\Roaming\Firefox
Deleted C:\ProgramData\wintools

***** [ Files ] *****

Deleted C:\Users\ASUS\Desktop\FileFinder.lnk
Deleted C:\Program Files (x86)\settings.dat
Deleted C:\Users\Public\Documents\cfg.ini
Deleted C:\Users\Public\Documents\cc.ini
Deleted C:\Users\Public\Documents\temp.dat
Deleted C:\Users\Public\Documents\report.dat

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

Deleted C:\Windows\System32\Tasks\Windows-PG
Deleted C:\Windows\System32\Tasks\BikaQ_FetchAndUpgrade_CanBeDel
Deleted C:\Windows\System32\Tasks\WinTOOL

***** [ Registry ] *****

Deleted HKCU\Software\deskapp
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{13D7C2E9-08E7-4889-94FF-87E707184E53}
Deleted HKLM\Software\Wow6432Node\{84416237-6490-494D-9AD6-4994DD978971}
Deleted HKCU\Software\WinSnare
Deleted HKLM\Software\Wow6432Node\WinArcher
Deleted HKU\S-1-5-18\Software\jhdbca
Deleted HKU\.DEFAULT\Software\jhdbca
Deleted HKLM\Software\Wow6432Node\jhdbca
Deleted HKLM\Software\jhdbca
Deleted HKLM\Software\Wow6432Node\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER|ENABLESHELLEXECUTEHOOKS
Deleted HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER|ENABLESHELLEXECUTEHOOKS
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BA2B96BF-4FAA-4F3C-B337-82F0AB9040E7}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BA2B96BF-4FAA-4F3C-B337-82F0AB9040E7}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Windows-PG
Deleted HKLM\System\CurrentControlSet\Services\EventLog\Application\snare
Deleted HKLM\System\CurrentControlSet\Services\EventLog\Application\CSHMDR
Deleted HKLM\System\CurrentControlSet\Services\EventLog\Application\CWASRE
Deleted HKLM\System\CurrentControlSet\Services\EventLog\Application\SNAREA
Deleted HKLM\System\CurrentControlSet\Services\EventLog\Application\SNARER
Deleted HKLM\System\CurrentControlSet\Services\EventLog\Application\WinSnare
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\FileFinder
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{A90E9850-8EC2-4143-A709-71213BFE729B}
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{B78D244D-9140-4116-980D-843D91167B5D}
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{09F412AD-B2B2-4BBE-9E29-50EB5D369168}
Deleted HKCU\SOFTWARE\0260FC955F0104BF5C8DE44FE934A295
Deleted HKLM\Software\Wow6432Node\0260FC955F0104BF5C8DE44FE934A295
Deleted HKLM\SOFTWARE\0260FC955F0104BF5C8DE44FE934A295
Deleted HKLM\Software\Wow6432Node\amisitesSoftware
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{73493EDD-E1C7-4AAB-8B94-89673B434C62}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{73493EDD-E1C7-4AAB-8B94-89673B434C62}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\BikaQ_FetchAndUpgrade_CanBeDel
Deleted HKCU\Software\drpsu
Deleted HKLM\Software\Wow6432Node\drpsu
Deleted HKLM\Software\Wow6432Node\FFinder LTD
Deleted HKCU\Software\csastats
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{97D2FBF4-72CF-4DD6-8DA8-26710BC7BE71}
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{E1AF73C7-0C82-4D66-829E-16B29FBBF384}
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{2C652C0A-EC71-4797-8077-F67649177AB0}
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{51639FCA-678F-4D71-8044-E16E3D49187F}
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{118B6258-BF13-47C9-8D46-B2A349196B5D}
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{78A2D999-4673-4FCC-818E-57B0AF8F3B70}
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{56B2B28A-E663-4D28-84A3-3846068A7D63}
Deleted HKLM\Software\InterSect Alliance
Deleted HKLM\Software\Wow6432Node\amule-custom
Deleted HKCU\Software\ICSW1.23
Deleted HKLM\Software\Wow6432Node\trotuxSoftware
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{007B805B-64FF-4A13-9A34-F24C5FBA5CCE}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{007B805B-64FF-4A13-9A34-F24C5FBA5CCE}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Multimedia\Manager
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\www.amisites.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\amisites.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\www.amisites.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\amisites.com
Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Deleted HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Deleted HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Deleted HKCU\Software\Microsoft\Internet Explorer\Main|Default_Page_URL
Deleted HKCU\Software\Microsoft\Internet Explorer\Main|Start Page
Deleted HKLM\Software\Microsoft\Internet Explorer\Main|Start Page
Deleted HKLM\Software\Microsoft\Internet Explorer\Main|Search Page
Deleted HKLM\Software\Microsoft\Internet Explorer\Main|Default_Search_URL
Deleted HKLM\Software\Microsoft\Internet Explorer\Main|Default_Page_URL
Deleted HKCU\Software\PRODUCTSETUP
Deleted HKLM\Software\Wow6432Node\ScreenShot
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2906ABE2-B9AA-4C44-970D-E8D46EF40FF7}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2906ABE2-B9AA-4C44-970D-E8D46EF40FF7}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WinTOOL

***** [ Chromium (and derivatives) ] *****

Deleted Fast search
Deleted Fast search
Deleted Fast search

***** [ Chromium URLs ] *****

Deleted mystarting123
Deleted http://www.amisites.com/?type=hp&ts=1486116690&z=2b6ca1d2f842fed5ebce2d7g0zdb3qbg5g8qbq3beb&from=che0812&uid=TOSHIBAXMQ01ABD100_6648P2P7TXX6648P2P7T
Deleted http://www.amisites.com/?type=hp&ts=1486116690&z=2b6ca1d2f842fed5ebce2d7g0zdb3qbg5g8qbq3beb&from=che0812&uid=TOSHIBAXMQ01ABD100_6648P2P7TXX6648P2P7T
Deleted amisites
Deleted Ask
Deleted http://www.ourluckysites.com/?type=hp&ts=1492424243&z=e9a158aca1217439b90f4e4g8zat0oczaobz3o5z5c&from=che0812&uid=TOSHIBAXMQ01ABD100_6648P2P7TXX6648P2P7T
Deleted http://www.ourluckysites.com/?type=hp&ts=1492424243&z=e9a158aca1217439b90f4e4g8zat0oczaobz3o5z5c&from=che0812&uid=TOSHIBAXMQ01ABD100_6648P2P7TXX6648P2P7T
Deleted mystarting123

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [13156 octets] - [18/12/2018 16:20:35]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
