AdwCleaner (S1)

#
#
#
#
#
#
#
AdwCleaner v4.207 - Logfile created 23/06/2015 at 20:40:54

Updated 21/06/2015 by Xplode
Database : 2015-06-21.2 [Server]
Operating system : Windows 8.1 Pro (x64)
Username : laur - TOSHIBA-I7
Running from : C:\Users\laur\Downloads\adwcleaner_4.207.exe
Option : Cleaning
***** [ Services ] *****

[#]
[#]
[#]
[#]
Service
Service
Service
Service
Deleted
Deleted
Deleted
Deleted
:
:
:
:
globalUpdate
globalUpdatem
IHProtect Service
WindowsMangerProtect
***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\WindowsMangerProtect
Folder Deleted : C:\ProgramData\IHProtectUpDate
Folder Deleted : C:\Program Files (x86)\globalUpdate
Folder Deleted : C:\Program Files (x86)\miuitab
Folder Deleted : C:\Users\laur\AppData\Local\globalUpdate
Folder Deleted : C:\Users\laur\AppData\Roaming\Mozilla\Firefox\Profiles\iwh7zkjr
.default\Extensions\anttoolbar@ant.com
.default\Extensions\zzoomit@zoom.com
.default\Extensions\sweetsearch@gmail.com
.default\Extensions\searchffv2@gmail.com
File Deleted : C:\Users\laur\AppData\Roaming\Mozilla\Firefox\Profiles\iwh7zkjr.d
efault\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi
File Deleted : C:\Users\laur\AppData\Roaming\1jemr3E1wUIrFVS
File Deleted : C:\Users\laur\AppData\Roaming\1jemr3E1wUIrFVS.exe
File Deleted : C:\Users\laur\AppData\Roaming\bsfwyt8D
File Deleted : C:\Users\laur\AppData\Roaming\bsfwyt8D.exe
efault\user.js
efault\searchplugins\omniboxes.xml
***** [ Scheduled tasks ] *****
Task
Task
Task
Task
Task
Task
Deleted
Deleted
Deleted
Deleted
Deleted
Deleted
:
:
:
:
:
:
globalUpdateUpdateTaskMachineCore
globalUpdateUpdateTaskMachineUA
amiupdaterExd
amiupdaterExi
1jemr3E1wUIrFVS
bsfwyt8D
***** [ Shortcuts ] *****

Shortcut Disinfected : C:\Users\Public\Desktop\Mozilla Firefox.lnk
Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozi
lla Firefox.lnk
Shortcut Disinfected : C:\Users\laur\AppData\Roaming\Microsoft\Internet Explorer
\Quick Launch\User Pinned\TaskBar\Mozilla Firefox (2).lnk
Shortcut Disinfected : C:\Users\laur\AppData\Roaming\Microsoft\Internet Explorer
\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk
***** [ Registry ] *****

Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [sweetsearch@gmail.com]
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [searchffv2@gmail.com]
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.
1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1
.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1
.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFa
llback
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFa
llback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.
0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Upda
te;version=10
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Upda
te;version=4
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Window
sMangerProtect
Key Deleted : HKCU\Software\Mozilla\Extends
Key Deleted : HKLM\SOFTWARE\Classes\AppID\globalupdate.exe
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF
5B8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser He
lper Objects\{51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{51D26BB4
-4D2C-4AE4-9873-5FF41B6DED1F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{51D26
BB4-4D2C-4AE4-9873-5FF41B6DED1F}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{56
45E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7
BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPoli
cy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
cy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
cy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-141
4F07DF5B8}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2023
ECEC-E06A-4372-A1C7-0B49F9E0FFF0}
Data Restored : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.E
XE\shell\open\command
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D
776-472f-A0FF-E1416B8B2E3A}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{67C334C0-4
08D-4E6D-B5A7-0ADD6AFFA252}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{E733165D-C
BCF-4FDA-883E-ADEF965B476C}
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\AskPartnerNetwork
Key Deleted : HKCU\Software\GlobalUpdate
Key Deleted : HKCU\Software\HomeTab
Key Deleted : HKCU\Software\simplytech
Key Deleted : HKCU\Software\WajIEnhance
Key Deleted : HKCU\Software\TNT2
Key Deleted : HKCU\Software\WajIntEnhance
Key Deleted : HKCU\Software\SearchProtectWS
Key Deleted : HKCU\Software\Crossbrowse
Key Deleted : HKCU\Software\Linkey
Key Deleted : HKCU\Software\YorkNewCin
Key Deleted : HKCU\Software\HighDefAction
Key Deleted : HKCU\Software\ArenaHD
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKLM\SOFTWARE\AskPartnerNetwork
Key Deleted : HKLM\SOFTWARE\Conduit
Key Deleted : HKLM\SOFTWARE\GlobalUpdate
Key Deleted : HKLM\SOFTWARE\Iminent
Key Deleted : HKLM\SOFTWARE\SearchProtect
Key Deleted : HKLM\SOFTWARE\SupDp
Key Deleted : HKLM\SOFTWARE\SupTab
Key Deleted : HKLM\SOFTWARE\supWindowsMangerProtect
Key Deleted : HKLM\SOFTWARE\IHProtect

Key Deleted : HKLM\SOFTWARE\WajIntEnhance
Key Deleted : HKLM\SOFTWARE\omniboxesSoftware
Key Deleted : HKLM\SOFTWARE\Crossbrowse
Key Deleted : HKLM\SOFTWARE\SpeedBit
Key Deleted : HKLM\SOFTWARE\AIM Toolbar
Key Deleted : HKLM\SOFTWARE\YorkNewCin
Key Deleted : HKLM\SOFTWARE\HighDefAction
Key Deleted : HKLM\SOFTWARE\ArenaHD
Key Deleted : HKLM\SOFTWARE\FFPluginHp
Key Deleted : HKLM\SOFTWARE\ZoomWebLists
Key Deleted : HKLM\SOFTWARE\searchult
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\IMBooster
ARP
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\IminentTo
olbar
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SearchPro
tect
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\WajIntEnh
ance
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Vosteran.
com
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Linkey
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IMBooster
ARP
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IminentTo
olbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchPro
tect
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WajIntEnh
ance
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Vosteran.
com
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Linkey
Key Deleted : [x64] HKLM\SOFTWARE\YorkNewCin
Key Deleted : [x64] HKLM\SOFTWARE\HighDefAction
Key Deleted : [x64] HKLM\SOFTWARE\ArenaHD
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execu
tion Options\globalupdate.exe
***** [ Web browsers ] *****
-\\ Internet Explorer v11.0.9600.17840
Setting Restored
Setting Restored
Setting Restored
URL]
Setting Restored
h_URL]
Setting Restored
h_URL]
Setting Restored
URL]
Setting Restored
Setting Restored
Setting Restored
_Page_URL]
Setting Restored
age]
: HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]

: HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
: HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_
: HKCU\Software\Microsoft\Internet Explorer\Main [Default_Searc
: HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Searc
: HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_
: HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
: HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default
: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start P
-\\ Mozilla Firefox v38.0.5 (x86 en-US)

[iwh7zkjr.default\prefs.js] - Line Deleted : user_pref("browser.newtab.url", "ch
rome://quick_start/content/index.html");
[iwh7zkjr.default\prefs.js] - Line Deleted : user_pref("browser.search.defaulten
ginename", "omniboxes");
[iwh7zkjr.default\prefs.js] - Line Deleted : user_pref("browser.search.searcheng
ine.alias", "omniboxes");
ine.iconURL", "hxxp://www.omniboxes.com/favicon.ico");
ine.name", "omniboxes");
ine.url", "hxxp://www.omniboxes.com/web/?type=ds&ts=1435078255&z=a43e830311e4793
2bb8d1a6g6zac6wee4m5b0o1wbc&from=amt&uid=HGSTXHTS541010A9E680_130817JA1002101MUL
XMX&q[...]
[iwh7zkjr.default\prefs.js] - Line Deleted : user_pref("browser.search.selectedE
ngine", "omniboxes");
[iwh7zkjr.default\prefs.js] - Line Deleted : user_pref("browser.startup.homepage
", "hxxp://www.omniboxes.com/?type=hp&ts=1435078255&z=a43e830311e47932bb8d1a6g6z
ac6wee4m5b0o1wbc&from=amt&uid=HGSTXHTS541010A9E680_130817JA1002101MULXMX");
[iwh7zkjr.default\prefs.js] - Line Deleted : user_pref("extensions.freecorder@fr
eecorder.com.current_url", "hxxp://malwaretips.com/blogs/remove-omniboxes-virus/
");
[iwh7zkjr.default\prefs.js] - Line Deleted : user_pref("extensions.freecorder@fr
eecorder.com.menuitems", "[{\"name\":\"Freecorder Menu Header\",\"img\":\"hxxp:/
/freecorder.com/fc8/ui/buttons/menu_header.png\",\"width\":225,\"height\":65},{\
"name[...]
[iwh7zkjr.default\prefs.js] - Line Deleted : user_pref("extensions.quick_start.e
nable_search1", false);
[iwh7zkjr.default\prefs.js] - Line Deleted : user_pref("extensions.quick_start.s
d.closeWindowWithLastTab_prev_state", false);
-\\ Google Chrome v43.0.2357.130
[C:\Users\laur\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences]
- Deleted [Homepage] : hxxp://www.omniboxes.com/?type=hp&ts=1435078255&z=a43e83
0311e47932bb8d1a6g6zac6wee4m5b0o1wbc&from=amt&uid=HGSTXHTS541010A9E680_130817JA1
002101MULXMX
-\\ Opera v30.0.1835.59
*************************
AdwCleaner[R0].txt
AdwCleaner[R1].txt
AdwCleaner[S0].txt
AdwCleaner[S1].txt
[12776
[17407
[12513
[14654
bytes]
bytes]
bytes]
bytes]
[19/06/2015
[23/06/2015
[19/06/2015
[23/06/2015
23:17:49]
20:39:49]
23:19:50]
20:40:54]
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [14714 bytes] ##########

AdwCleaner (S1)

Caricato da

Informazioni sul documento

Titolo originale

Copyright

Formati disponibili

Condividi questo documento

Condividi o incorpora il documento

Opzioni di condivisione

Hai trovato utile questo documento?

Questo contenuto è inappropriato?

Copyright:

Formati disponibili

AdwCleaner (S1)

Caricato da

Copyright:

Formati disponibili

#

AdwCleaner v4.207 - Logfile created 23/06/2015 at 20:40:54

* [ Services ] *

* [ Files / Folders ] *

* [ Shortcuts ] *

* [ Registry ] *

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}

Key Deleted : HKLM\SOFTWARE\IHProtect

: HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]

-\\ Mozilla Firefox v38.0.5 (x86 en-US)

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [14714 bytes] ##########

Potrebbero piacerti anche