Scribd Logo
Upload

Welcome to Scribd!

  • 57 views

    AdwCleaner (C00)

    Uploaded by

    Мария Топчеева
    Malwarebytes AdwCleaner cleaned 64 items and found no failures from a Windows 10 machine. Items deleted included services, folders, files, tasks, registry keys, and Chromium entries associated with Amigo, Mail.Ru, MeSafe, and other potentially unwanted programs. No malicious DLLs, WMI objects, shortcuts, Firefox entries, URLs, hosts file entries or preinstalled software were found.

    Copyright:

    © All Rights Reserved
    Download as TXT, PDF, TXT or read online from Scribd

    AdwCleaner (C00)

    Uploaded by

    Мария Топчеева
    57 views3 pages
    Malwarebytes AdwCleaner cleaned 64 items and found no failures from a Windows 10 machine. Items deleted included services, folders, files, tasks, registry keys, and Chromium entries associated with Amigo, Mail.Ru, MeSafe, and other potentially unwanted programs. No malicious DLLs, WMI objects, shortcuts, Firefox entries, URLs, hosts file entries or preinstalled software were found.

    Original Title

    AdwCleaner[C00]

    Copyright

    © © All Rights Reserved

    Available Formats

    TXT, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Malwarebytes AdwCleaner cleaned 64 items and found no failures from a Windows 10 machine. Items deleted included services, folders, files, tasks, registry keys, and Chromium entries associated with Amigo, Mail.Ru, MeSafe, and other potentially unwanted programs. No malicious DLLs, WMI objects, shortcuts, Firefox entries, URLs, hosts file entries or preinstalled software were found.

    Copyright:

    © All Rights Reserved
    Download as TXT, PDF, TXT or read online from Scribd
    Download as txt, pdf, or txt
    57 views3 pages

    AdwCleaner (C00)

    Uploaded by

    Мария Топчеева
    Malwarebytes AdwCleaner cleaned 64 items and found no failures from a Windows 10 machine. Items deleted included services, folders, files, tasks, registry keys, and Chromium entries associated with Amigo, Mail.Ru, MeSafe, and other potentially unwanted programs. No malicious DLLs, WMI objects, shortcuts, Firefox entries, URLs, hosts file entries or preinstalled software were found.

    Copyright:

    © All Rights Reserved
    Download as TXT, PDF, TXT or read online from Scribd
    Download as txt, pdf, or txt
    of 3

    # -------------------------------

    # Malwarebytes AdwCleaner 8.0.3.0


    # -------------------------------
    # Build: 03-03-2020
    # Database: 2020-03-13.1 (Cloud)
    # Support: https://www.malwarebytes.com/support
    #
    # -------------------------------
    # Mode: Clean
    # -------------------------------
    # Start: 03-22-2020
    # Duration: 00:01:55
    # OS: Windows 10 Enterprise
    # Cleaned: 64
    # Failed: 0

    ***** [ Services ] *****

    Deleted Windows Node

    ***** [ Folders ] *****

    Deleted C:\Users\�����\AppData\Local\Amigo
    Deleted C:\Users\�����\AppData\Local\ZaxarGameBrowser
    Deleted C:\Users\�����\AppData\Local\yc
    Deleted C:\Users\�����\AppData\Local\�o��� � ���e����
    Deleted C:\Users\�����\AppData\Local\���c� � ���e�����
    Deleted C:\Users\�����\AppData\Roaming\..\Local\wupdate
    Deleted C:\Users\�����\AppData\Roaming\setupsk
    Deleted C:\Users\�����\AppData\Roaming\setupsk_upd
    Deleted C:\Windows\WinKit

    ***** [ Files ] *****

    Deleted
    C:\Users\�����\AppData\Roaming\Mozilla\Firefox\Profiles\ojrgdkme.default\SEARCHPLUG
    INS\MAILRU.XML
    Deleted C:\Users\�����\Favorites\Mail.Ru ����� - ��������� �� ������!.url
    Deleted C:\Users\�����\Favorites\Mail.Ru.url

    ***** [ DLL ] *****

    No malicious DLLs cleaned.

    ***** [ WMI ] *****

    No malicious WMI cleaned.

    ***** [ Shortcuts ] *****

    No malicious shortcuts cleaned.

    ***** [ Tasks ] *****

    Deleted C:\Windows\System32\Tasks\PBOT
    Deleted C:\Windows\System32\Tasks\SETUPSK
    Deleted C:\Windows\System32\Tasks\WUPDATE
    ***** [ Registry ] *****

    Deleted HKCU\Software\Amigo
    Deleted HKCU\Software\MeSafe
    Deleted HKCU\Software\Media Get LLC
    Deleted HKCU\Software\Microsoft\Gosearch
    Deleted HKCU\Software\Microsoft\Gosearchq
    Deleted HKCU\Software\Microsoft\Internet Explorer\DOMStorage\mail.rambler.ru
    Deleted HKCU\Software\Microsoft\Internet Explorer\DOMStorage\news.rambler.ru
    Deleted HKCU\Software\Microsoft\Internet Explorer\DOMStorage\rambler.ru
    Deleted HKCU\Software\Microsoft\Internet Explorer\DOMStorage\thebrighttag.com
    Deleted HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.rambler.ru
    Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{FFEBBF0A-
    C22C-4172-89FF-45215A135AC7}
    Deleted HKCU\Software\Microsoft\KometaInstaller
    Deleted
    HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|
    MailRuUpdater
    Deleted
    HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|setupsk
    Deleted
    HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|
    setupsk_upd
    Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\
    {8E8F97CD-60B5-456F-A201-73065652D099}
    Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8E8F97CD-
    60B5-456F-A201-73065652D099}
    Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Run|setupsk
    Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\setupsk
    Deleted HKCU\Software\NetBox
    Deleted HKCU\Software\Xpom
    Deleted HKCU\Software\csastats
    Deleted HKCU\Software\setupsk
    Deleted HKLM\SOFTWARE\Microsoft\Windows
    NT\CurrentVersion\Schedule\TaskCache\Plain\{BD05CEA3-47B1-41B6-B841-163E7F478323}#
    Deleted HKLM\SOFTWARE\Microsoft\Windows
    NT\CurrentVersion\Schedule\TaskCache\Tasks\{636F19C1-FB98-4AA2-AF68-A21314761FE2}#
    Deleted HKLM\SOFTWARE\Microsoft\Windows
    NT\CurrentVersion\Schedule\TaskCache\Tasks\{BD05CEA3-47B1-41B6-B841-163E7F478323}#
    Deleted HKLM\SOFTWARE\Microsoft\Windows
    NT\CurrentVersion\Schedule\TaskCache\Tree\PBot
    Deleted HKLM\SOFTWARE\Microsoft\Windows
    NT\CurrentVersion\Schedule\TaskCache\Tree\setupsk
    Deleted
    HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\Firew
    allRules|{C8D415D1-78F2-4198-86F9-F2B67149F0FE}
    Deleted HKLM\Software\Classes\IESearchPlugin.MailRuBHO
    Deleted HKLM\Software\Classes\TypeLib\{C69276F0-9BC1-404F-8566-FCB14D0ED4B8}
    Deleted HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon|Userinit
    Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{8E8F97CD-60B5-456F-A201-
    73065652D099}
    Deleted HKLM\Software\Wow6432Node\\Classes\TypeLib\{C69276F0-9BC1-404F-8566-
    FCB14D0ED4B8}
    Deleted
    HKLM\Software\Wow6432Node\\MICROSOFT\MEDIAPLAYER\SHIMINCLUSIONLIST\amigo.exe
    Deleted HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\Low
    Rights\ElevationPolicy\{68AE298D-7E8A-4F53-BE55-15D2B065F6C0}
    Deleted
    HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper
    Objects\{8E8F97CD-60B5-456F-A201-73065652D099}
    Deleted
    HKLM\System\CurrentControlSet\Services\EventLog\Application\service.exe
    Deleted HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\
    {8ce58c56-f191-4a37-8f91-cef370c7137d}|NameServer -
    "52.56.51.39,178.132.6.57,46.101.28.31,82.202.226.203,193.238.153.54#"
    Deleted HKU\.DEFAULT\Software\Amigo
    Deleted HKU\S-1-5-18\Software\Amigo

    ***** [ Chromium (and derivatives) ] *****

    Deleted MeSafe - nkknfledgpmlnapbbfdahiigcanjgana


    Deleted MeSafe - nkknfledgpmlnapbbfdahiigcanjgana
    Deleted ���������� �������� Mail.Ru - oelpkepjlgmehajehfeicfbjdiobdkfj
    Deleted ������� �������� Mail.Ru - ccfifbojenkenpkmnbnndeadpfdiffof
    Deleted ������� �������� Mail.Ru - ccfifbojenkenpkmnbnndeadpfdiffof
    Deleted ����� Mail.Ru - ojlcebdkbpjdpiligkdbbkdkfjmchbfd
    Deleted ����� Mail.Ru - ojlcebdkbpjdpiligkdbbkdkfjmchbfd

    ***** [ Chromium URLs ] *****

    No malicious Chromium URLs cleaned.

    ***** [ Firefox (and derivatives) ] *****

    No malicious Firefox entries cleaned.

    ***** [ Firefox URLs ] *****

    No malicious Firefox URLs cleaned.

    ***** [ Hosts File Entries ] *****

    No malicious hosts file entries cleaned.

    ***** [ Preinstalled Software ] *****

    No Preinstalled Software cleaned.

    *************************

    [+] Delete Tracing Keys


    [+] Reset Winsock

    *************************

    AdwCleaner[S00].txt - [7357 octets] - [22/03/2020 18:48:10]

    ########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

    You might also like