Publicité
Publicité
Format du document : text/plain
Prévisualisation
# -------------------------------
# Malwarebytes AdwCleaner 7.3.0.0
# -------------------------------
# Build: 04-04-2019
# Database: 2019-04-03.1 (Local)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 07-08-2019
# Duration: 00:00:08
# OS: Windows 7 Ultimate
# Cleaned: 72
# Failed: 0
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
Deleted C:\Program Files (x86)\UNINSTALL NEXUS
Deleted C:\ProgramData\B0B9B602000053A8
Deleted C:\Users\Léo\AppData\Local\Temp\OpenCandy
Deleted C:\Users\Léo\AppData\Local\Temp\VideoConverter
Deleted C:\Users\Léo\AppData\Roaming\MailUpdate
Deleted C:\Users\Léo\AppData\Roaming\Microsoft\Windows\Start Menu\Desktop Search
Deleted C:\Users\Léo\AppData\Roaming\infoSiw
Deleted C:\Users\Léo\Documents\PCProtect
Deleted C:\Windows\rss
***** [ Files ] *****
Deleted C:\Users\Léo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mail.Ru.lnk
Deleted C:\Users\Léo\Downloads\DriverToolkitInstaller.exe
Deleted C:\Users\Léo\Favorites\Mail.Ru.url
Deleted C:\Users\Léo\Favorites\?????? ? ?????????.url
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
Deleted HKCU\Software\APN
Deleted HKCU\Software\APN PIP
Deleted HKCU\Software\Google\Chrome\NativeMessagingHosts\ru.mail.go.ext_info_host
Deleted HKCU\Software\Kromtech
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Deleted HKCU\Software\Microsoft\Internet Explorer\Main|Start Page
Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{FFEBBF0A-C22C-4172-89FF-45215A135AC7}
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D01A33E2-0A34-4659-82AA-8A90C51C0D21}
Deleted HKCU\Software\Mozilla\NativeMessagingHosts\ru.mail.go.ext_info_host
Deleted HKCU\Software\SSProtect
Deleted HKCU\Software\Store
Deleted HKCU\Software\WTools
Deleted HKCU\Software\infoSiw
Deleted HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{1BFAD520-1BDF-4C33-B909-AB7CD4AF07AD}C:\users\léo\appdata\roaming\cacaoweb\cacaoweb.exe
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{F502591F-8B3A-4F59-ABC2-DF51D8047CFC}C:\users\léo\appdata\roaming\cacaoweb\cacaoweb.exe
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{2243478A-09D8-45AF-814F-E4A88C9B5136}C:\users\léo\appdata\roaming\cacaoweb\cacaoweb.exe
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{904A81A8-4F56-4702-B422-42DD83087D33}C:\users\léo\appdata\roaming\cacaoweb\cacaoweb.exe
Deleted HKLM\Software\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Deleted HKLM\Software\Classes\IESearchPlugin.MailRuBHO
Deleted HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Deleted HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Deleted HKLM\Software\Classes\Installer\UpgradeCodes\1C875DDE39636004CA8CDAEC335B4160
Deleted HKLM\Software\Classes\Installer\UpgradeCodes\F928123A039649549966d4C29D35B1C9
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\1C875DDE39636004CA8CDAEC335B4160
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966d4C29D35B1C9
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\120DFADEB50841F408F04D2A278F9509
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0DA5D75B5B33B4B83724742699814F
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AAC05EAA51DC78A41A1DCE3B31038584
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B5BAE2ED018083A4C8DA86D6E3F4B024
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BA71D41F6CC0B6247B05D473850A8AEA
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C506B89D971FBA3418F37674F3BC1244
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CA0054A5AB3EFFE4CB5660E44A1E7DCC
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FEA78903E905F6C41BA2E3CC615507CA
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\E8E877ED6825FF148AE54DA13648DD38
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\BubbleSound
Deleted HKLM\Software\WebBar
Deleted HKLM\Software\Wow6432Node\APN
Deleted HKLM\Software\Wow6432Node\AskToolbar
Deleted HKLM\Software\Wow6432Node\SpeedBit
Deleted HKLM\Software\Wow6432Node\\Classes\AppID\GenericAskToolbar.DLL
Deleted HKLM\Software\Wow6432Node\\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{8E8F97CD-60B5-456F-A201-73065652D099}
Deleted HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68AE298D-7E8A-4F53-BE55-15D2B065F6C0}
Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E8F97CD-60B5-456F-A201-73065652D099}
Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Run|ApnUpdater
Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{D01A33E2-0A34-4659-82AA-8A90C51C0D21}
Deleted HKU\.DEFAULT\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-18\Software\shopperz
***** [ Chromium (and derivatives) ] *****
Deleted ???????? ???????? ? ????? ?? Mail.Ru
Deleted ?????
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [9311 octets] - [08/07/2019 11:47:38]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
# Malwarebytes AdwCleaner 7.3.0.0
# -------------------------------
# Build: 04-04-2019
# Database: 2019-04-03.1 (Local)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 07-08-2019
# Duration: 00:00:08
# OS: Windows 7 Ultimate
# Cleaned: 72
# Failed: 0
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
Deleted C:\Program Files (x86)\UNINSTALL NEXUS
Deleted C:\ProgramData\B0B9B602000053A8
Deleted C:\Users\Léo\AppData\Local\Temp\OpenCandy
Deleted C:\Users\Léo\AppData\Local\Temp\VideoConverter
Deleted C:\Users\Léo\AppData\Roaming\MailUpdate
Deleted C:\Users\Léo\AppData\Roaming\Microsoft\Windows\Start Menu\Desktop Search
Deleted C:\Users\Léo\AppData\Roaming\infoSiw
Deleted C:\Users\Léo\Documents\PCProtect
Deleted C:\Windows\rss
***** [ Files ] *****
Deleted C:\Users\Léo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mail.Ru.lnk
Deleted C:\Users\Léo\Downloads\DriverToolkitInstaller.exe
Deleted C:\Users\Léo\Favorites\Mail.Ru.url
Deleted C:\Users\Léo\Favorites\?????? ? ?????????.url
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
Deleted HKCU\Software\APN
Deleted HKCU\Software\APN PIP
Deleted HKCU\Software\Google\Chrome\NativeMessagingHosts\ru.mail.go.ext_info_host
Deleted HKCU\Software\Kromtech
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Deleted HKCU\Software\Microsoft\Internet Explorer\Main|Start Page
Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{FFEBBF0A-C22C-4172-89FF-45215A135AC7}
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D01A33E2-0A34-4659-82AA-8A90C51C0D21}
Deleted HKCU\Software\Mozilla\NativeMessagingHosts\ru.mail.go.ext_info_host
Deleted HKCU\Software\SSProtect
Deleted HKCU\Software\Store
Deleted HKCU\Software\WTools
Deleted HKCU\Software\infoSiw
Deleted HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{1BFAD520-1BDF-4C33-B909-AB7CD4AF07AD}C:\users\léo\appdata\roaming\cacaoweb\cacaoweb.exe
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{F502591F-8B3A-4F59-ABC2-DF51D8047CFC}C:\users\léo\appdata\roaming\cacaoweb\cacaoweb.exe
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{2243478A-09D8-45AF-814F-E4A88C9B5136}C:\users\léo\appdata\roaming\cacaoweb\cacaoweb.exe
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{904A81A8-4F56-4702-B422-42DD83087D33}C:\users\léo\appdata\roaming\cacaoweb\cacaoweb.exe
Deleted HKLM\Software\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Deleted HKLM\Software\Classes\IESearchPlugin.MailRuBHO
Deleted HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Deleted HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Deleted HKLM\Software\Classes\Installer\UpgradeCodes\1C875DDE39636004CA8CDAEC335B4160
Deleted HKLM\Software\Classes\Installer\UpgradeCodes\F928123A039649549966d4C29D35B1C9
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\1C875DDE39636004CA8CDAEC335B4160
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966d4C29D35B1C9
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\120DFADEB50841F408F04D2A278F9509
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0DA5D75B5B33B4B83724742699814F
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AAC05EAA51DC78A41A1DCE3B31038584
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B5BAE2ED018083A4C8DA86D6E3F4B024
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BA71D41F6CC0B6247B05D473850A8AEA
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C506B89D971FBA3418F37674F3BC1244
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CA0054A5AB3EFFE4CB5660E44A1E7DCC
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FEA78903E905F6C41BA2E3CC615507CA
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\E8E877ED6825FF148AE54DA13648DD38
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\BubbleSound
Deleted HKLM\Software\WebBar
Deleted HKLM\Software\Wow6432Node\APN
Deleted HKLM\Software\Wow6432Node\AskToolbar
Deleted HKLM\Software\Wow6432Node\SpeedBit
Deleted HKLM\Software\Wow6432Node\\Classes\AppID\GenericAskToolbar.DLL
Deleted HKLM\Software\Wow6432Node\\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{8E8F97CD-60B5-456F-A201-73065652D099}
Deleted HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68AE298D-7E8A-4F53-BE55-15D2B065F6C0}
Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E8F97CD-60B5-456F-A201-73065652D099}
Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Run|ApnUpdater
Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{D01A33E2-0A34-4659-82AA-8A90C51C0D21}
Deleted HKU\.DEFAULT\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-18\Software\shopperz
***** [ Chromium (and derivatives) ] *****
Deleted ???????? ???????? ? ????? ?? Mail.Ru
Deleted ?????
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [9311 octets] - [08/07/2019 11:47:38]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########