# ------------------------------- # Malwarebytes AdwCleaner 7.2.5.0 # ------------------------------- # Build: 11-26-2018 # Database: 2018-11-30.1 (Cloud) # Support: https://www.malwarebytes.com/support # # ------------------------------- # Mode: Clean # ------------------------------- # Start: 12-03-2018 # Duration: 00:02:19 # OS: Windows 7 Home Basic # Cleaned: 64 # Failed: 2 ***** [ Services ] ***** No malicious services cleaned. ***** [ Folders ] ***** Deleted C:\Users\иар\AppData\Roaming\SPI Deleted C:\Users\иар\AppData\Local\Amigo Deleted C:\ProgramData\Auslogics\BoostSpeed Deleted C:\Users\иар\AppData\Roaming\Auslogics\BoostSpeed Deleted C:\Users\иар\AppData\Roaming\DRPSu Deleted C:\Program Files (x86)\DriverPack Notifier Deleted C:\Users\иар\AppData\Roaming\DriverPack Notifier Deleted C:\Program Files (x86)\FileViewPro Deleted C:\Users\иар\AppData\Local\FileViewPro Deleted C:\Users\иар\AppData\Local\Nichrome Deleted C:\Users\иар\AppData\Local\Xpom Deleted C:\ProgramData\Rising Deleted C:\Program Files (x86)\Rising Deleted C:\Users\иар\AppData\Roaming\DriverCure Deleted C:\Users\иар\AppData\Roaming\browsers Deleted C:\ProgramData\Guard.Mail.ru Deleted C:\Users\иар\AppData\Local\Mail.Ru Deleted C:\Users\иар\AppData\Local\MailRu Deleted C:\ProgramData\PARETOLOGIC Deleted C:\Users\иар\AppData\Roaming\PARETOLOGIC Deleted C:\Windows\Installer\{773A8CA8-3876-4AA1-AB78-EECA231BFF3A} ***** [ Files ] ***** Deleted C:\Users\иар\AppData\Roaming\Mozilla\Firefox\Profiles\35xjub17.default\searchplugins\bingp.xml Deleted C:\Users\иар\AppData\Roaming\Mozilla\Firefox\Profiles\35xjub17.default\SEARCHPLUGINS\MAILRU.XML Deleted C:\Users\иар\Favorites\Mail.Ru Агент - используй для общения!.url Deleted C:\Windows\System32\roboot64.exe ***** [ DLL ] ***** No malicious DLLs cleaned. ***** [ WMI ] ***** No malicious WMI cleaned. ***** [ Shortcuts ] ***** No malicious shortcuts cleaned. ***** [ Tasks ] ***** No malicious tasks cleaned. ***** [ Registry ] ***** Deleted HKLM\Software\Wow6432Node\MICROSOFT\MEDIAPLAYER\SHIMINCLUSIONLIST\amigo.exe Deleted HKLM\Software\Wow6432Node\Auslogics\BoostSpeed Deleted HKLM\Software\Wow6432Node\CLASSES\INTERFACE\{DCC049B0-CA04-4E58-B4C8-CE62AC6F5096} Deleted HKLM\SOFTWARE\CLASSES\INTERFACE\{DCC049B0-CA04-4E58-B4C8-CE62AC6F5096} Deleted HKLM\Software\Wow6432Node\CLASSES\TYPELIB\{FE9301D5-9266-4A2F-8767-85482115CAB0} Deleted HKLM\SOFTWARE\CLASSES\TYPELIB\{FE9301D5-9266-4A2F-8767-85482115CAB0} Deleted HKCU\Software\drpsu Deleted HKU\S-1-5-21-4020304659-3910671362-1857818088-1000\Software\drpsu Deleted HKLM\Software\Wow6432Node\drpsu Deleted HKLM\Software\Wow6432Node\PIP Deleted HKCU\Software\ParetoLogic Deleted HKLM\Software\Wow6432Node\ParetoLogic Deleted HKCU\Software\MediaGet Deleted HKCU\Software\Media Get LLC Deleted HKCU\Software\APN PIP Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{EE171732-BEB4-4576-887D-CB62727F01CA} Deleted HKLM\Software\Classes\CLSID\{278029E0-2347-4254-A65E-204AC55E2508} Deleted HKLM\Software\Wow6432Node\Classes\AppID\{278029E0-2347-4254-A65E-204AC55E2508} Deleted HKLM\Software\Classes\AppID\{278029E0-2347-4254-A65E-204AC55E2508} Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{6DC82D15-92F2-11D1-A255-00A0C932C7DF} Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{8BF0126F-A5B7-4720-ABB2-2414A0AF5474} Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{82351441-9094-11D1-A24B-00A0C932C7DF} Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{61AB12E1-A5FF-11D1-B2E9-444553540000} Deleted HKLM\Software\Wow6432Node\Classes\TypeLib\{82351433-9094-11D1-A24B-00A0C932C7DF} Deleted HKLM\Software\Classes\TypeLib\{82351433-9094-11D1-A24B-00A0C932C7DF} Deleted HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\brsochi.ru Deleted HKCU\Software\AppDataLow\Software\Mail.Ru Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B8204CF3-1A6A-4C1F-A489-CF56F10FEE48} Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SystemScript ***** [ Chromium (and derivatives) ] ***** Deleted Поиск и стартовая – Яндекс Deleted Поиск Яндексa Deleted Стартовая — Яндекс Deleted jedelkhanefmcnpappfhachbpnlhomai Deleted jedelkhanefmcnpappfhachbpnlhomai Deleted pchfckkccldkbclgdepkaonamkignanh Deleted Touch VPN ***** [ Chromium URLs ] ***** No malicious Chromium URLs cleaned. ***** [ Firefox (and derivatives) ] ***** Deleted SaveFrom.net helper Deleted Визуальные закладки Deleted Элементы Яндекса: Почта ***** [ Firefox URLs ] ***** Not Deleted nova.rambler.ru Not Deleted nova.rambler.ru ************************* [+] remove_folder_Auslogics [+] remove_folder_Auslogics(2) [+] remove_folder_Auslogics(3) [+] remove_folder_Auslogics(4) [+] remove_regKey_Auslogics [+] Delete Tracing Keys [+] Reset Chromium Policies [+] Reset IE Policies [+] Reset Winsock ************************* AdwCleaner[S00].txt - [6390 octets] - [03/12/2018 16:15:11] AdwCleaner[S01].txt - [6451 octets] - [03/12/2018 16:16:41] AdwCleaner[S02].txt - [6512 octets] - [03/12/2018 17:36:40] ########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C02].txt ##########