Publicité
Publicité
Format du document : text/plain
Prévisualisation
# -------------------------------
# Malwarebytes AdwCleaner 7.2.7.0
# -------------------------------
# Build: 01-30-2019
# Database: 2019-03-25.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 03-29-2019
# Duration: 00:00:13
# OS: Windows 10 Home
# Cleaned: 81
# Failed: 0
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
Deleted C:\Windows\ServiceProfiles\LocalService\AppData\Local\Host App Service
Deleted C:\Users\Public\App Explorer
Deleted C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Host App Service
Deleted C:\Users\Public\Pokki
Deleted C:\Users\amado\AppData\Local\Host App Service
Deleted C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\abb-acer@amazon.com
***** [ Files ] *****
Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\App Explorer.lnk
Deleted C:\Windows\ServiceProfiles\LocalService\Desktop\App Explorer.lnk
Deleted C:\Windows\ServiceProfiles\NetworkService\Desktop\App Explorer.lnk
Deleted C:\Windows\System32\Tasks_Migrated\App Explorer
Deleted C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\AmazonAssistant.lnk
Deleted C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\AmazonAssistant.lnk
Deleted C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\AmazonAssistant (2).lnk
Deleted C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\AmazonAssistant (2).lnk
Deleted C:\Users\amado\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\AmazonAssistant.lnk
Deleted C:\Windows\ServiceProfiles\NetworkService\Favorites\Booking.com.url
Deleted C:\Windows\ServiceProfiles\LocalService\Favorites\Booking.com.url
Deleted C:\Users\amado\Favorites\Booking.com.url
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
Deleted C:\Windows\System32\Tasks\App Explorer
***** [ Registry ] *****
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Host App Service
Deleted HKCU\Software\Host App Service
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0B21B283-16ED-4867-ABF7-15CAF389F57F}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\App Explorer
Deleted HKCU\Software\Classes\Software\APPDATALOW\SOFTWARE\AMAZON\Amazon1ButtonApp
Deleted HKU\S-1-5-18\Software\APPDATALOW\SOFTWARE\AMAZON\Amazon1ButtonApp
Deleted HKCU\Software\APPDATALOW\SOFTWARE\AMAZON\Amazon1ButtonApp
Deleted HKU\.DEFAULT\Software\APPDATALOW\SOFTWARE\AMAZON\Amazon1ButtonApp
Deleted HKLM\Software\Wow6432Node\APPDATALOW\SOFTWARE\AMAZON\Amazon1ButtonApp
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F5415905096AA504A9FB967C7A138943
Deleted HKLM\Software\Wow6432Node\AppDataLow\Software\Amazon\AmazonAssistant
Deleted HKLM\Software\Wow6432Node\Classes\AppID\AmazonAppIE.dll
Deleted HKLM\SOFTWARE\Classes\AppID\AmazonAppIE.dll
Deleted HKLM\SYSTEM\Setup\FirstBoot\Services\Amazon Assistant Service
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{571139B2-8D93-4B29-9AA9-496EF27D6AF8}
Deleted HKLM\Software\Classes\Interface\{571139B2-8D93-4B29-9AA9-496EF27D6AF8}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{BFF94CF8-2D3B-4B2F-BB83-3600280AFEBA}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{3268A00F-D329-42E1-ABF0-E78D5656BA2A}
Deleted HKLM\Software\Classes\Interface\{3268A00F-D329-42E1-ABF0-E78D5656BA2A}
Deleted HKLM\Software\Wow6432Node\Classes\AppID\{F18AE3C4-D2AD-42AC-9282-509DCF035D06}
Deleted HKLM\Software\Classes\AppID\{F18AE3C4-D2AD-42AC-9282-509DCF035D06}
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0ddcea2a-7b00-4349-8acb-af7ba6da251f}
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0ddcea2a-7b00-4349-8acb-af7ba6da251f}
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0ddcea2a-7b00-4349-8acb-af7ba6da251f}
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0ddcea2a-7b00-4349-8acb-af7ba6da251f}
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{2B51C83A-465D-4EA9-9CDC-1ED95ED09AC6}
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A38C15B2D5649AE4C9CDE19DE50DA96C
Deleted HKLM\Software\Classes\Installer\Products\A38C15B2D5649AE4C9CDE19DE50DA96C
Deleted HKLM\Software\Classes\Installer\Features\A38C15B2D5649AE4C9CDE19DE50DA96C
Deleted HKLM\Software\Wow6432Node\Classes\TypeLib\{EB2BEAEF-150C-4DE4-9D09-F16403C22769}
Deleted HKLM\Software\Classes\TypeLib\{EB2BEAEF-150C-4DE4-9D09-F16403C22769}
Deleted HKLM\Software\Wow6432Node\Classes\TypeLib\{ED721A76-8160-4DA0-A18E-7FD7C4574774}
Deleted HKLM\Software\Classes\TypeLib\{ED721A76-8160-4DA0-A18E-7FD7C4574774}
Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{DD67706E-819E-4EBD-BF8D-6D6147CC7A49}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{C97AF157-6A27-4F57-9D47-E2D3E4761B77}
Deleted HKLM\Software\Classes\Interface\{C97AF157-6A27-4F57-9D47-E2D3E4761B77}
Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{B1A429DB-FB06-4645-B7C0-0CC405EAD3CD}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{A4F6E1B3-469E-46EF-A936-FBA9D5EFD2B9}
Deleted HKLM\Software\Classes\Interface\{A4F6E1B3-469E-46EF-A936-FBA9D5EFD2B9}
Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{832599B2-55BF-4437-8F3E-030CF5AEB262}
Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{6EEBC7FF-67DA-4B90-9251-C2C5696E4B48}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{5180FE16-2E09-497B-9C8B-5A6F029ECECB}
Deleted HKLM\Software\Classes\Interface\{5180FE16-2E09-497B-9C8B-5A6F029ECECB}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{46803190-228D-470E-90FE-F5E0CEA9C4F2}
Deleted HKLM\Software\Classes\Interface\{46803190-228D-470E-90FE-F5E0CEA9C4F2}
Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{3E28F712-0D6C-4EE3-AC8C-8F060F5D7C33}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{2C4B6DB8-6413-403B-A038-16A352CFE8B9}
Deleted HKLM\Software\Classes\Interface\{2C4B6DB8-6413-403B-A038-16A352CFE8B9}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{23C5311E-016D-4999-BCB1-499898429D6C}
Deleted HKLM\Software\Classes\Interface\{23C5311E-016D-4999-BCB1-499898429D6C}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{22511E2E-7970-414E-BC7C-28D16C4AF54D}
Deleted HKLM\Software\Classes\Interface\{22511E2E-7970-414E-BC7C-28D16C4AF54D}
Deleted HKLM\Software\Wow6432Node\Classes\AppID\{9DC8FA51-B596-4F77-802C-5B295919C205}
Deleted HKLM\Software\Classes\AppID\{9DC8FA51-B596-4F77-802C-5B295919C205}
Deleted HKCU\Software\Microsoft\Internet Explorer\DOMStorage\titan.service.amazonbrowserapp.co.uk
Deleted HKCU\Software\Microsoft\Internet Explorer\DOMStorage\amazonbrowserapp.co.uk
Deleted HKCU\Software\SSProtect
Deleted HKLM\SOFTWARE\Mozilla\NativeMessagingHosts\com.totalav.passwordvaultassistant
Deleted HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\com.totalav.passwordvaultassistant
***** [ Chromium (and derivatives) ] *****
Deleted Amazon Assistant for Chrome
Deleted Avira SafeSearch Plus
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
Deleted Amazon Assistant for Firefox
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [9869 octets] - [29/03/2019 19:37:09]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
# Malwarebytes AdwCleaner 7.2.7.0
# -------------------------------
# Build: 01-30-2019
# Database: 2019-03-25.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 03-29-2019
# Duration: 00:00:13
# OS: Windows 10 Home
# Cleaned: 81
# Failed: 0
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
Deleted C:\Windows\ServiceProfiles\LocalService\AppData\Local\Host App Service
Deleted C:\Users\Public\App Explorer
Deleted C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Host App Service
Deleted C:\Users\Public\Pokki
Deleted C:\Users\amado\AppData\Local\Host App Service
Deleted C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\abb-acer@amazon.com
***** [ Files ] *****
Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\App Explorer.lnk
Deleted C:\Windows\ServiceProfiles\LocalService\Desktop\App Explorer.lnk
Deleted C:\Windows\ServiceProfiles\NetworkService\Desktop\App Explorer.lnk
Deleted C:\Windows\System32\Tasks_Migrated\App Explorer
Deleted C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\AmazonAssistant.lnk
Deleted C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\AmazonAssistant.lnk
Deleted C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\AmazonAssistant (2).lnk
Deleted C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\AmazonAssistant (2).lnk
Deleted C:\Users\amado\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\AmazonAssistant.lnk
Deleted C:\Windows\ServiceProfiles\NetworkService\Favorites\Booking.com.url
Deleted C:\Windows\ServiceProfiles\LocalService\Favorites\Booking.com.url
Deleted C:\Users\amado\Favorites\Booking.com.url
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
Deleted C:\Windows\System32\Tasks\App Explorer
***** [ Registry ] *****
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Host App Service
Deleted HKCU\Software\Host App Service
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0B21B283-16ED-4867-ABF7-15CAF389F57F}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\App Explorer
Deleted HKCU\Software\Classes\Software\APPDATALOW\SOFTWARE\AMAZON\Amazon1ButtonApp
Deleted HKU\S-1-5-18\Software\APPDATALOW\SOFTWARE\AMAZON\Amazon1ButtonApp
Deleted HKCU\Software\APPDATALOW\SOFTWARE\AMAZON\Amazon1ButtonApp
Deleted HKU\.DEFAULT\Software\APPDATALOW\SOFTWARE\AMAZON\Amazon1ButtonApp
Deleted HKLM\Software\Wow6432Node\APPDATALOW\SOFTWARE\AMAZON\Amazon1ButtonApp
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F5415905096AA504A9FB967C7A138943
Deleted HKLM\Software\Wow6432Node\AppDataLow\Software\Amazon\AmazonAssistant
Deleted HKLM\Software\Wow6432Node\Classes\AppID\AmazonAppIE.dll
Deleted HKLM\SOFTWARE\Classes\AppID\AmazonAppIE.dll
Deleted HKLM\SYSTEM\Setup\FirstBoot\Services\Amazon Assistant Service
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{571139B2-8D93-4B29-9AA9-496EF27D6AF8}
Deleted HKLM\Software\Classes\Interface\{571139B2-8D93-4B29-9AA9-496EF27D6AF8}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{BFF94CF8-2D3B-4B2F-BB83-3600280AFEBA}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{3268A00F-D329-42E1-ABF0-E78D5656BA2A}
Deleted HKLM\Software\Classes\Interface\{3268A00F-D329-42E1-ABF0-E78D5656BA2A}
Deleted HKLM\Software\Wow6432Node\Classes\AppID\{F18AE3C4-D2AD-42AC-9282-509DCF035D06}
Deleted HKLM\Software\Classes\AppID\{F18AE3C4-D2AD-42AC-9282-509DCF035D06}
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0ddcea2a-7b00-4349-8acb-af7ba6da251f}
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0ddcea2a-7b00-4349-8acb-af7ba6da251f}
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0ddcea2a-7b00-4349-8acb-af7ba6da251f}
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0ddcea2a-7b00-4349-8acb-af7ba6da251f}
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{2B51C83A-465D-4EA9-9CDC-1ED95ED09AC6}
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A38C15B2D5649AE4C9CDE19DE50DA96C
Deleted HKLM\Software\Classes\Installer\Products\A38C15B2D5649AE4C9CDE19DE50DA96C
Deleted HKLM\Software\Classes\Installer\Features\A38C15B2D5649AE4C9CDE19DE50DA96C
Deleted HKLM\Software\Wow6432Node\Classes\TypeLib\{EB2BEAEF-150C-4DE4-9D09-F16403C22769}
Deleted HKLM\Software\Classes\TypeLib\{EB2BEAEF-150C-4DE4-9D09-F16403C22769}
Deleted HKLM\Software\Wow6432Node\Classes\TypeLib\{ED721A76-8160-4DA0-A18E-7FD7C4574774}
Deleted HKLM\Software\Classes\TypeLib\{ED721A76-8160-4DA0-A18E-7FD7C4574774}
Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{DD67706E-819E-4EBD-BF8D-6D6147CC7A49}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{C97AF157-6A27-4F57-9D47-E2D3E4761B77}
Deleted HKLM\Software\Classes\Interface\{C97AF157-6A27-4F57-9D47-E2D3E4761B77}
Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{B1A429DB-FB06-4645-B7C0-0CC405EAD3CD}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{A4F6E1B3-469E-46EF-A936-FBA9D5EFD2B9}
Deleted HKLM\Software\Classes\Interface\{A4F6E1B3-469E-46EF-A936-FBA9D5EFD2B9}
Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{832599B2-55BF-4437-8F3E-030CF5AEB262}
Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{6EEBC7FF-67DA-4B90-9251-C2C5696E4B48}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{5180FE16-2E09-497B-9C8B-5A6F029ECECB}
Deleted HKLM\Software\Classes\Interface\{5180FE16-2E09-497B-9C8B-5A6F029ECECB}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{46803190-228D-470E-90FE-F5E0CEA9C4F2}
Deleted HKLM\Software\Classes\Interface\{46803190-228D-470E-90FE-F5E0CEA9C4F2}
Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{3E28F712-0D6C-4EE3-AC8C-8F060F5D7C33}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{2C4B6DB8-6413-403B-A038-16A352CFE8B9}
Deleted HKLM\Software\Classes\Interface\{2C4B6DB8-6413-403B-A038-16A352CFE8B9}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{23C5311E-016D-4999-BCB1-499898429D6C}
Deleted HKLM\Software\Classes\Interface\{23C5311E-016D-4999-BCB1-499898429D6C}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{22511E2E-7970-414E-BC7C-28D16C4AF54D}
Deleted HKLM\Software\Classes\Interface\{22511E2E-7970-414E-BC7C-28D16C4AF54D}
Deleted HKLM\Software\Wow6432Node\Classes\AppID\{9DC8FA51-B596-4F77-802C-5B295919C205}
Deleted HKLM\Software\Classes\AppID\{9DC8FA51-B596-4F77-802C-5B295919C205}
Deleted HKCU\Software\Microsoft\Internet Explorer\DOMStorage\titan.service.amazonbrowserapp.co.uk
Deleted HKCU\Software\Microsoft\Internet Explorer\DOMStorage\amazonbrowserapp.co.uk
Deleted HKCU\Software\SSProtect
Deleted HKLM\SOFTWARE\Mozilla\NativeMessagingHosts\com.totalav.passwordvaultassistant
Deleted HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\com.totalav.passwordvaultassistant
***** [ Chromium (and derivatives) ] *****
Deleted Amazon Assistant for Chrome
Deleted Avira SafeSearch Plus
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
Deleted Amazon Assistant for Firefox
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [9869 octets] - [29/03/2019 19:37:09]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########