Publicité
Publicité
Format du document : text/plain
Prévisualisation
# -------------------------------
# Malwarebytes AdwCleaner 8.0.3.0
# -------------------------------
# Build: 03-03-2020
# Database: 2020-03-02.1 (Local)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 03-11-2020
# Duration: 00:00:16
# OS: Windows 10 Home
# Cleaned: 56
# Failed: 1
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
Deleted C:\ProgramData\Tencent
Deleted C:\Users\batcave2\AppData\Local\Tencent
Deleted C:\Users\batcave2\AppData\Roaming\Musixmatch
Deleted C:\Users\batcave2\AppData\Roaming\Tencent
Deleted C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Tencent
***** [ Files ] *****
No malicious files cleaned.
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\s.thebrighttag.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\thebrighttag.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\timeshighereducation.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\www.timeshighereducation.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\s.thebrighttag.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\thebrighttag.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\timeshighereducation.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\www.timeshighereducation.com
Deleted HKCU\Software\Lavasoft\Web Companion
Deleted HKCU\Software\Microsoft\Internet Explorer\Main|Start Page
Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BDF61FAE-9D19-40F0-8F34-688DEB334CA9}
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted HKCU\Software\csastats
Deleted HKLM\Software\Classes\METNSD
Deleted HKLM\Software\Wow6432Node\Lavasoft\Web Companion
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
***** [ Hosts File Entries ] *****
No malicious hosts file entries cleaned.
***** [ Preinstalled Software ] *****
Deleted Preinstalled.HPAudioSwitch Folder C:\Program Files (x86)\HP\HPAUDIOSWITCH
Deleted Preinstalled.HPAudioSwitch Folder C:\ProgramData\HP\HPAUDIOSWITCH
Deleted Preinstalled.HPAudioSwitch Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7EA76459-3A4F-4ADB-952F-7186F8581D7A}
Deleted Preinstalled.HPAudioSwitch Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\HPAudioSwitch
Deleted Preinstalled.HPAudioSwitch Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\HPAudioSwitch
Deleted Preinstalled.HPAudioSwitch Task C:\Windows\System32\Tasks\HPAUDIOSWITCH
Deleted Preinstalled.HPCoolSense Folder C:\Program Files (x86)\HP\HP COOLSENSE
Deleted Preinstalled.HPCoolSense Folder C:\Users\batcave2\AppData\Local\HEWLETT-PACKARD\HP COOLSENSE
Deleted Preinstalled.HPCoolSense Folder C:\Windows\System32\Tasks\HP\HP COOLSENSE
Deleted Preinstalled.HPCoolSense Registry HKLM\Software\Classes\CLSID\{224695A4-BD5E-4C38-B354-A4C828E61BF7}
Deleted Preinstalled.HPJumpStartBridge Folder C:\Program Files (x86)\HP\HP JUMPSTART BRIDGE
Deleted Preinstalled.HPJumpStartBridge Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{96A5BFF3-81C2-48FE-A4C4-C76AF5FB7888}
Deleted Preinstalled.HPJumpStartBridge Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\HPJumpStartProvider
Deleted Preinstalled.HPJumpStartBridge Task C:\Windows\System32\Tasks\HPJUMPSTARTPROVIDER
Deleted Preinstalled.HPJumpStartLaunch Folder C:\Program Files (x86)\HP\HP JUMPSTART LAUNCH
Deleted Preinstalled.HPRegistrationService Folder C:\Program Files (x86)\HP\HP REGISTRATION SERVICE
Deleted Preinstalled.HPRegistrationService Folder C:\ProgramData\HP\HP REGISTRATION SERVICE
Deleted Preinstalled.HPRegistrationService Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D1E8F2D7-7794-4245-B286-87ED86C1893C}
Deleted Preinstalled.HPSupportAssistant Folder C:\HP\SUPPORT
Deleted Preinstalled.HPSupportAssistant Folder C:\Program Files (x86)\HEWLETT-PACKARD\HP CUSTOMER FEEDBACK
Deleted Preinstalled.HPSupportAssistant Folder C:\Program Files (x86)\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Deleted Preinstalled.HPSupportAssistant Folder C:\ProgramData\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Deleted Preinstalled.HPSupportAssistant Folder C:\Users\batcave2\AppData\Local\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Deleted Preinstalled.HPSupportAssistant Folder C:\Users\batcave2\AppData\Roaming\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Deleted Preinstalled.HPSupportAssistant Folder C:\Windows\System32\config\systemprofile\AppData\Local\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Deleted Preinstalled.HPSupportAssistant Registry HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Deleted Preinstalled.HPSupportAssistant Registry HKLM\Software\Classes\CLSID\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Deleted Preinstalled.HPSupportAssistant Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Deleted Preinstalled.HPSupportAssistant Registry HKLM\Software\Wow6432Node\\Classes\CLSID\{C0ABBA07-B636-47B8-B9E1-BB96D7CD4831}
Deleted Preinstalled.HPSupportAssistant Registry HKLM\Software\Wow6432Node\\Classes\CLSID\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Deleted Preinstalled.HPSupportAssistant Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Deleted Preinstalled.HPSupportAssistant Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{0A07AA35-BE9C-453F-A2F7-486E68B9DC69}
Deleted Preinstalled.HPSupportAssistant Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{52A6690A-A8F3-4EDC-8BA9-125FDD65337A}
Deleted Preinstalled.HPSureConnect Folder C:\Program Files (x86)\HP INC\HP SURE CONNECT
Deleted Preinstalled.HPSureConnect Folder C:\Program Files\HPCOMMRECOVERY
Deleted Preinstalled.HPSureConnect Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{6468C4A5-E47E-405F-B675-A70A70983EA6}
Not Deleted Preinstalled.HPSupportAssistant Folder C:\Program Files (x86)\HEWLETT-PACKARD\HP SUPPORT SOLUTIONS
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [8411 octets] - [11/03/2020 18:23:29]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
# Malwarebytes AdwCleaner 8.0.3.0
# -------------------------------
# Build: 03-03-2020
# Database: 2020-03-02.1 (Local)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 03-11-2020
# Duration: 00:00:16
# OS: Windows 10 Home
# Cleaned: 56
# Failed: 1
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
Deleted C:\ProgramData\Tencent
Deleted C:\Users\batcave2\AppData\Local\Tencent
Deleted C:\Users\batcave2\AppData\Roaming\Musixmatch
Deleted C:\Users\batcave2\AppData\Roaming\Tencent
Deleted C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Tencent
***** [ Files ] *****
No malicious files cleaned.
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\s.thebrighttag.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\thebrighttag.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\timeshighereducation.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\www.timeshighereducation.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\s.thebrighttag.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\thebrighttag.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\timeshighereducation.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\www.timeshighereducation.com
Deleted HKCU\Software\Lavasoft\Web Companion
Deleted HKCU\Software\Microsoft\Internet Explorer\Main|Start Page
Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BDF61FAE-9D19-40F0-8F34-688DEB334CA9}
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted HKCU\Software\csastats
Deleted HKLM\Software\Classes\METNSD
Deleted HKLM\Software\Wow6432Node\Lavasoft\Web Companion
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
***** [ Hosts File Entries ] *****
No malicious hosts file entries cleaned.
***** [ Preinstalled Software ] *****
Deleted Preinstalled.HPAudioSwitch Folder C:\Program Files (x86)\HP\HPAUDIOSWITCH
Deleted Preinstalled.HPAudioSwitch Folder C:\ProgramData\HP\HPAUDIOSWITCH
Deleted Preinstalled.HPAudioSwitch Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7EA76459-3A4F-4ADB-952F-7186F8581D7A}
Deleted Preinstalled.HPAudioSwitch Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\HPAudioSwitch
Deleted Preinstalled.HPAudioSwitch Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\HPAudioSwitch
Deleted Preinstalled.HPAudioSwitch Task C:\Windows\System32\Tasks\HPAUDIOSWITCH
Deleted Preinstalled.HPCoolSense Folder C:\Program Files (x86)\HP\HP COOLSENSE
Deleted Preinstalled.HPCoolSense Folder C:\Users\batcave2\AppData\Local\HEWLETT-PACKARD\HP COOLSENSE
Deleted Preinstalled.HPCoolSense Folder C:\Windows\System32\Tasks\HP\HP COOLSENSE
Deleted Preinstalled.HPCoolSense Registry HKLM\Software\Classes\CLSID\{224695A4-BD5E-4C38-B354-A4C828E61BF7}
Deleted Preinstalled.HPJumpStartBridge Folder C:\Program Files (x86)\HP\HP JUMPSTART BRIDGE
Deleted Preinstalled.HPJumpStartBridge Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{96A5BFF3-81C2-48FE-A4C4-C76AF5FB7888}
Deleted Preinstalled.HPJumpStartBridge Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\HPJumpStartProvider
Deleted Preinstalled.HPJumpStartBridge Task C:\Windows\System32\Tasks\HPJUMPSTARTPROVIDER
Deleted Preinstalled.HPJumpStartLaunch Folder C:\Program Files (x86)\HP\HP JUMPSTART LAUNCH
Deleted Preinstalled.HPRegistrationService Folder C:\Program Files (x86)\HP\HP REGISTRATION SERVICE
Deleted Preinstalled.HPRegistrationService Folder C:\ProgramData\HP\HP REGISTRATION SERVICE
Deleted Preinstalled.HPRegistrationService Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D1E8F2D7-7794-4245-B286-87ED86C1893C}
Deleted Preinstalled.HPSupportAssistant Folder C:\HP\SUPPORT
Deleted Preinstalled.HPSupportAssistant Folder C:\Program Files (x86)\HEWLETT-PACKARD\HP CUSTOMER FEEDBACK
Deleted Preinstalled.HPSupportAssistant Folder C:\Program Files (x86)\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Deleted Preinstalled.HPSupportAssistant Folder C:\ProgramData\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Deleted Preinstalled.HPSupportAssistant Folder C:\Users\batcave2\AppData\Local\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Deleted Preinstalled.HPSupportAssistant Folder C:\Users\batcave2\AppData\Roaming\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Deleted Preinstalled.HPSupportAssistant Folder C:\Windows\System32\config\systemprofile\AppData\Local\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Deleted Preinstalled.HPSupportAssistant Registry HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Deleted Preinstalled.HPSupportAssistant Registry HKLM\Software\Classes\CLSID\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Deleted Preinstalled.HPSupportAssistant Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Deleted Preinstalled.HPSupportAssistant Registry HKLM\Software\Wow6432Node\\Classes\CLSID\{C0ABBA07-B636-47B8-B9E1-BB96D7CD4831}
Deleted Preinstalled.HPSupportAssistant Registry HKLM\Software\Wow6432Node\\Classes\CLSID\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Deleted Preinstalled.HPSupportAssistant Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Deleted Preinstalled.HPSupportAssistant Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{0A07AA35-BE9C-453F-A2F7-486E68B9DC69}
Deleted Preinstalled.HPSupportAssistant Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{52A6690A-A8F3-4EDC-8BA9-125FDD65337A}
Deleted Preinstalled.HPSureConnect Folder C:\Program Files (x86)\HP INC\HP SURE CONNECT
Deleted Preinstalled.HPSureConnect Folder C:\Program Files\HPCOMMRECOVERY
Deleted Preinstalled.HPSureConnect Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{6468C4A5-E47E-405F-B675-A70A70983EA6}
Not Deleted Preinstalled.HPSupportAssistant Folder C:\Program Files (x86)\HEWLETT-PACKARD\HP SUPPORT SOLUTIONS
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [8411 octets] - [11/03/2020 18:23:29]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########