Publicité
Publicité
Format du document : text/plain
Prévisualisation
# AdwCleaner 7.0.2.1 - Logfile created on Sun Sep 17 15:44:42 2017
# Updated on 2017/29/08 by Malwarebytes
# Running on Windows 7 Ultimate (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support
***** [ Services ] *****
Deleted: AppleNotificationsSrv
Deleted: ANSARE
Deleted: SNAREA
Deleted: terana
Deleted: VNASRE
Deleted: NPASRE
Deleted: CWASRE
Deleted: 3DM
Deleted: CSHMDR
Deleted: snare
Deleted: OtherSearch
Deleted: Kitty
Deleted: HPZebra Service
Deleted: SNAREA
Deleted: 434d24cdac74f54a9304eb257dcbe7f9
Deleted: 774bc071cc61735f703958bbc8d993f2
***** [ Folders ] *****
Deleted: C:\Program Files (x86)\Default Company Name
Deleted: C:\Users\sternouille\AppData\Local\ANSARE
Deleted: C:\Users\sternouille\AppData\Local\SNAREA
Deleted: C:\Users\sternouille\AppData\Local\terana
Deleted: C:\Users\sternouille\AppData\Local\VNASRE
Deleted: C:\Users\sternouille\AppData\Local\NPASRE
Deleted: C:\Users\sternouille\AppData\Local\CWASRE
Deleted: C:\Users\sternouille\AppData\Local\3DM
Deleted: C:\Users\sternouille\AppData\Local\CSHMDR
Deleted: C:\Users\sternouille\AppData\Local\snare
Deleted: C:\Windows\System32\\SSL
Deleted: C:\Windows\SysWOW64\\SSL
Deleted: C:\Users\sternouille\AppData\Roaming\cacaoweb
Deleted: C:\Program Files (x86)\Tencent
Deleted: C:\Program Files (x86)\AlphaGo
Deleted: C:\Program Files (x86)\WeatherInspect
Deleted: C:\Program Files (x86)\HPZebra
Deleted: C:\Users\sternouille\AppData\Local\AdService
Deleted: C:\Users\sternouille\AppData\Roaming\WinSAPSvc
Deleted: C:\Users\sternouille\AppData\Roaming\SSMgre
Deleted: C:\Program Files (x86)\WeatherInspect
Deleted: C:\Users\sternouille\AppData\Local\SNAREA
Deleted: C:\Program Files\774bc071cc61735f703958bbc8d993f2
Deleted: C:\Program Files\37a06bc1ea3c7c11e66f956e177cda15
Deleted: C:\Program Files\543e3415f247d061daa6ff5c0727ac6d
Deleted: C:\Program Files\6dfcb2b565d737bbd71ba703d437d119
Deleted: C:\Program Files (x86)\59103026_jumpeasy
***** [ Files ] *****
Deleted: C:\Users\All Users\Documents\\report.dat
Deleted: C:\Users\Public\Documents\\report.dat
Deleted: C:\Users\All Users\Documents\\temp.dat
Deleted: C:\Users\Public\Documents\\temp.dat
Deleted: C:\END
Deleted: C:\Users\sternouille\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\ScreenShot.lnk
Deleted: C:\Windows\SysNative\drivers\Lace_wpf_x64.sys
Deleted: C:\Users\sternouille\AppData\Local\Temp\BigFarm.lnk
Deleted: C:\Users\sternouille\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\BigFarm.lnk
Deleted: C:\Users\sternouille\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\BigFarm.lnk
Deleted: C:\Users\sternouille\Desktop\BigFarm.lnk
Deleted: C:\Users\sternouille\AppData\Local\Temp\big_bang_empire.lnk
Deleted: C:\Users\sternouille\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\big_bang_empire.lnk
Deleted: C:\Users\sternouille\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\big_bang_empire.lnk
Deleted: C:\Users\sternouille\Desktop\big_bang_empire.lnk
Deleted: C:\Users\sternouille\AppData\Local\uninstallce.exe
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
Deleted: Milimili
Deleted: Windows-PG
Deleted: Windows-WoShiBeiYongDe
Deleted: PowerWord-SCT-JT
Deleted: SMW_UpdateTask_Time_333839343232323032372d3437415a556c2a3223346c41
***** [ Registry ] *****
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost|NPASRE
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost|SNARE
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\cloudfront.net
Deleted: [Key] - HKLM\SOFTWARE\InterSect Alliance
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{118B6258-BF13-47C9-8D46-B2A349196B5D}
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B7CB7055-EFAE-4CD2-928A-15DB5F4FF7C7}
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{51639FCA-678F-4D71-8044-E16E3D49187F}
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{2C652C0A-EC71-4797-8077-F67649177AB0}
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{97D2FBF4-72CF-4DD6-8DA8-26710BC7BE71}
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\DMunversion
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FB16E5C3-A9E2-47A2-8EFC-319E775E62CC}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{051E9166-B275-4683-907B-372FAE22BC7C}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{E7270EC6-0113-4A78-B610-E501D0A9E48E}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{9C4EFBD5-1ADF-41E6-BE26-AF44326E30E4}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{045F91B3-695F-423A-98C7-8DE3C47AA020}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{1348BD1B-C32A-41A7-9BD4-5377AA1AB925}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{33E06582-221E-400F-809B-30D3984DB355}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{395AFE6E-8308-48DB-89BE-ED5F4AA3D3EC}
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3B96B5D3-4A8D-42DC-9CDE-E9B94B3CFE5D}
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3D976BD4-0B6A-4757-9D2B-65AA20F4B4EA}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{43969E3F-3E7C-4911-A8F1-79C6CA6AC731}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{43B390F0-6BA2-45CA-ABF2-5DB0CEE9B49D}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{94CADA2E-1D3F-419F-8A3D-06C58EDF53C8}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{9E52EB8B-8DD9-4605-AD36-D352BCD482F2}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{A1440EC3-F0FA-407A-B811-DE6668C06D29}
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ACCC747B-2A59-4F30-BA7C-D26333DE65F5}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{B9A84AD0-5777-46FD-8B8F-1EBD06750FBC}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{BBBE01ED-0F1E-44DB-88C1-5CC1AEE3B462}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{C1995F88-1C7F-40D7-B0FA-6F107F6308B8}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{C815E3DA-0823-49B0-9270-D1771D58B317}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{E4A994B0-5550-4680-A4C6-B9470B888069}
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E6062A33-016E-4BDA-A6F1-890D989F8656}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{EE95078D-518C-4FD2-8093-FD1D4E33D3CA}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{F9EB11AB-9384-4736-9B33-993940F88895}
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved|{CBDECEF7-7A29-4CBF-A009-2673D82C7BF9}
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved|{63332668-8CE1-445D-A5EE-25929176714E}
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved|{754DF2CE-51E8-4895-B53C-6381418B84AE}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{D4801E96-E7A1-45F6-B124-7A36DFB40B81}
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EFC0651C-B6D7-49CD-A6E0-B1CE9AB5FE46}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{12D3E096-0FDF-42CC-8F44-04944F9C1648}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{22389F39-2CF4-47C4-B8B2-273BB16BF70C}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{23E3CEB3-D63A-433E-A5D0-4DB1C501B915}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{26A3152F-CF87-4C5B-8093-4D4B9EC084EB}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{29E3319C-4B3C-479F-8692-BDD2CA30BEDD}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{367BD1CD-74A3-451F-B1A4-6A2DE4129A2D}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{49F018EE-F362-4B5B-8EC8-BCF9246ABF21}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{63B73044-FC1A-4FE1-991B-FDBD4CDAA868}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{7207E52B-821E-4C05-A8D6-2965B2BE77CF}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{863FCF5D-DC39-4DA9-AF32-CB0025990EEE}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{B09E015A-4D4E-4F8D-A436-95E19140947D}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{B1E712C4-03AA-495F-B0F5-0F057E126E2A}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{D13DC65C-C77B-4986-9078-DEA3D34C71BB}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{F56ACA29-1C99-40F1-AC64-2E44C4F6BC71}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{E52EB753-1F56-4DF7-BE53-2C314AC5F8A1}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{371AD4A5-1520-4AA2-A8A4-F9AD3BAC6957}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{7F124846-5453-4BB8-A41D-E11481FFC9DF}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{8FD65019-BF09-45DA-AD81-E95AE911F1FD}
Deleted: [Value] - HKU\S-1-5-21-1237048931-779808844-1748554049-1000\Software\Microsoft\Windows\CurrentVersion\Run|ssn
Deleted: [Value] - HKCU\Software\Microsoft\Windows\CurrentVersion\Run|ssn
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\.QMDeskTopGCIcon
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_WEBOC_MOVESIZECHILD|BackgroundHost64.exe
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION|BackgroundHost.exe
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_WEBOC_MOVESIZECHILD|BackgroundHost.exe
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost|WinSAPSvc
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost|Kitty
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost|SNAREA
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost|ANSARE
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost|BIT
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost|3DM
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost|VNASRE
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost|CWASRE
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost|CSHMDR
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost|terana
Deleted: [Key] - HKLM\SOFTWARE\CLASSES\APPID\56BF5154-0B48-4ADB-902A-6C8B12E270D9
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|WeatherInspect
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\11598763487076930564
Deleted: [Key] - HKLM\SOFTWARE\HPZebra
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\HPZebra
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost|AdsServiceGroup
Deleted: [Key] - HKU\S-1-5-21-1237048931-779808844-1748554049-1000\Software\ssn
Deleted: [Key] - HKCU\Software\ssn
Deleted: [Key] - HKU\S-1-5-21-1237048931-779808844-1748554049-1000\Software\MICROSOFT\wewewe
Deleted: [Key] - HKCU\Software\MICROSOFT\wewewe
Deleted: [Key] - HKLM\SOFTWARE\ScreenShot
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ScreenShot
Deleted: [Key] - HKU\S-1-5-21-1237048931-779808844-1748554049-1000\Software\Microsoft\BigTime
Deleted: [Key] - HKCU\Software\Microsoft\BigTime
Deleted: [Key] - HKLM\SOFTWARE\OtherSearch
Deleted: [Key] - HKLM\SOFTWARE\Applian Technologies
Deleted: [Key] - HKU\S-1-5-21-1237048931-779808844-1748554049-1000\Software\Microsoft\Windows\CurrentVersion\Uninstall\119
Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\119
Deleted: [Key] - HKLM\SOFTWARE\5da059a482fd494db3f252126fbc3d5b
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\APreSam
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\NSaveA
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\PrAmNP
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\MPrForShutT
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\PWeatherIns
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\PrIncub
Deleted: [Key] - HKU\S-1-5-21-1237048931-779808844-1748554049-1000\Software\Microsoft\{cc6eb6d8-85b7-435p-8b86-51e4d16ea76d}
Deleted: [Key] - HKCU\Software\Microsoft\{cc6eb6d8-85b7-435p-8b86-51e4d16ea76d}
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|WeatherInspect
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application
Deleted: [Key] - HKLM\SOFTWARE\MICROSOFT\SYSTEMCERTIFICATES\ROOT\CERTIFICATES\26D9E607FFF0C58C7844B47FF8B6E079E5A2220E
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries deleted.
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries deleted.
*************************
::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0
*************************
C:/AdwCleaner/AdwCleaner[C0].txt - [49992 B] - [2017/2/18 18:17:15]
C:/AdwCleaner/AdwCleaner[C2].txt - [1684 B] - [2017/2/18 18:46:21]
C:/AdwCleaner/AdwCleaner[S0].txt - [50050 B] - [2017/2/17 8:53:4]
C:/AdwCleaner/AdwCleaner[S1].txt - [45728 B] - [2017/2/17 11:55:3]
C:/AdwCleaner/AdwCleaner[S2].txt - [46058 B] - [2017/2/18 9:41:20]
C:/AdwCleaner/AdwCleaner[S3].txt - [46105 B] - [2017/2/18 18:13:44]
C:/AdwCleaner/AdwCleaner[S4].txt - [1824 B] - [2017/2/18 18:41:58]
C:/AdwCleaner/AdwCleaner[S5].txt - [17316 B] - [2017/9/17 15:40:0]
########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt ##########
# Updated on 2017/29/08 by Malwarebytes
# Running on Windows 7 Ultimate (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support
***** [ Services ] *****
Deleted: AppleNotificationsSrv
Deleted: ANSARE
Deleted: SNAREA
Deleted: terana
Deleted: VNASRE
Deleted: NPASRE
Deleted: CWASRE
Deleted: 3DM
Deleted: CSHMDR
Deleted: snare
Deleted: OtherSearch
Deleted: Kitty
Deleted: HPZebra Service
Deleted: SNAREA
Deleted: 434d24cdac74f54a9304eb257dcbe7f9
Deleted: 774bc071cc61735f703958bbc8d993f2
***** [ Folders ] *****
Deleted: C:\Program Files (x86)\Default Company Name
Deleted: C:\Users\sternouille\AppData\Local\ANSARE
Deleted: C:\Users\sternouille\AppData\Local\SNAREA
Deleted: C:\Users\sternouille\AppData\Local\terana
Deleted: C:\Users\sternouille\AppData\Local\VNASRE
Deleted: C:\Users\sternouille\AppData\Local\NPASRE
Deleted: C:\Users\sternouille\AppData\Local\CWASRE
Deleted: C:\Users\sternouille\AppData\Local\3DM
Deleted: C:\Users\sternouille\AppData\Local\CSHMDR
Deleted: C:\Users\sternouille\AppData\Local\snare
Deleted: C:\Windows\System32\\SSL
Deleted: C:\Windows\SysWOW64\\SSL
Deleted: C:\Users\sternouille\AppData\Roaming\cacaoweb
Deleted: C:\Program Files (x86)\Tencent
Deleted: C:\Program Files (x86)\AlphaGo
Deleted: C:\Program Files (x86)\WeatherInspect
Deleted: C:\Program Files (x86)\HPZebra
Deleted: C:\Users\sternouille\AppData\Local\AdService
Deleted: C:\Users\sternouille\AppData\Roaming\WinSAPSvc
Deleted: C:\Users\sternouille\AppData\Roaming\SSMgre
Deleted: C:\Program Files (x86)\WeatherInspect
Deleted: C:\Users\sternouille\AppData\Local\SNAREA
Deleted: C:\Program Files\774bc071cc61735f703958bbc8d993f2
Deleted: C:\Program Files\37a06bc1ea3c7c11e66f956e177cda15
Deleted: C:\Program Files\543e3415f247d061daa6ff5c0727ac6d
Deleted: C:\Program Files\6dfcb2b565d737bbd71ba703d437d119
Deleted: C:\Program Files (x86)\59103026_jumpeasy
***** [ Files ] *****
Deleted: C:\Users\All Users\Documents\\report.dat
Deleted: C:\Users\Public\Documents\\report.dat
Deleted: C:\Users\All Users\Documents\\temp.dat
Deleted: C:\Users\Public\Documents\\temp.dat
Deleted: C:\END
Deleted: C:\Users\sternouille\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\ScreenShot.lnk
Deleted: C:\Windows\SysNative\drivers\Lace_wpf_x64.sys
Deleted: C:\Users\sternouille\AppData\Local\Temp\BigFarm.lnk
Deleted: C:\Users\sternouille\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\BigFarm.lnk
Deleted: C:\Users\sternouille\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\BigFarm.lnk
Deleted: C:\Users\sternouille\Desktop\BigFarm.lnk
Deleted: C:\Users\sternouille\AppData\Local\Temp\big_bang_empire.lnk
Deleted: C:\Users\sternouille\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\big_bang_empire.lnk
Deleted: C:\Users\sternouille\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\big_bang_empire.lnk
Deleted: C:\Users\sternouille\Desktop\big_bang_empire.lnk
Deleted: C:\Users\sternouille\AppData\Local\uninstallce.exe
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
Deleted: Milimili
Deleted: Windows-PG
Deleted: Windows-WoShiBeiYongDe
Deleted: PowerWord-SCT-JT
Deleted: SMW_UpdateTask_Time_333839343232323032372d3437415a556c2a3223346c41
***** [ Registry ] *****
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost|NPASRE
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost|SNARE
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\cloudfront.net
Deleted: [Key] - HKLM\SOFTWARE\InterSect Alliance
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{118B6258-BF13-47C9-8D46-B2A349196B5D}
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B7CB7055-EFAE-4CD2-928A-15DB5F4FF7C7}
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{51639FCA-678F-4D71-8044-E16E3D49187F}
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{2C652C0A-EC71-4797-8077-F67649177AB0}
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{97D2FBF4-72CF-4DD6-8DA8-26710BC7BE71}
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\DMunversion
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FB16E5C3-A9E2-47A2-8EFC-319E775E62CC}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{051E9166-B275-4683-907B-372FAE22BC7C}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{E7270EC6-0113-4A78-B610-E501D0A9E48E}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{9C4EFBD5-1ADF-41E6-BE26-AF44326E30E4}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{045F91B3-695F-423A-98C7-8DE3C47AA020}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{1348BD1B-C32A-41A7-9BD4-5377AA1AB925}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{33E06582-221E-400F-809B-30D3984DB355}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{395AFE6E-8308-48DB-89BE-ED5F4AA3D3EC}
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3B96B5D3-4A8D-42DC-9CDE-E9B94B3CFE5D}
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3D976BD4-0B6A-4757-9D2B-65AA20F4B4EA}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{43969E3F-3E7C-4911-A8F1-79C6CA6AC731}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{43B390F0-6BA2-45CA-ABF2-5DB0CEE9B49D}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{94CADA2E-1D3F-419F-8A3D-06C58EDF53C8}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{9E52EB8B-8DD9-4605-AD36-D352BCD482F2}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{A1440EC3-F0FA-407A-B811-DE6668C06D29}
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ACCC747B-2A59-4F30-BA7C-D26333DE65F5}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{B9A84AD0-5777-46FD-8B8F-1EBD06750FBC}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{BBBE01ED-0F1E-44DB-88C1-5CC1AEE3B462}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{C1995F88-1C7F-40D7-B0FA-6F107F6308B8}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{C815E3DA-0823-49B0-9270-D1771D58B317}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{E4A994B0-5550-4680-A4C6-B9470B888069}
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E6062A33-016E-4BDA-A6F1-890D989F8656}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{EE95078D-518C-4FD2-8093-FD1D4E33D3CA}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{F9EB11AB-9384-4736-9B33-993940F88895}
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved|{CBDECEF7-7A29-4CBF-A009-2673D82C7BF9}
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved|{63332668-8CE1-445D-A5EE-25929176714E}
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved|{754DF2CE-51E8-4895-B53C-6381418B84AE}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{D4801E96-E7A1-45F6-B124-7A36DFB40B81}
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EFC0651C-B6D7-49CD-A6E0-B1CE9AB5FE46}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{12D3E096-0FDF-42CC-8F44-04944F9C1648}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{22389F39-2CF4-47C4-B8B2-273BB16BF70C}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{23E3CEB3-D63A-433E-A5D0-4DB1C501B915}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{26A3152F-CF87-4C5B-8093-4D4B9EC084EB}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{29E3319C-4B3C-479F-8692-BDD2CA30BEDD}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{367BD1CD-74A3-451F-B1A4-6A2DE4129A2D}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{49F018EE-F362-4B5B-8EC8-BCF9246ABF21}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{63B73044-FC1A-4FE1-991B-FDBD4CDAA868}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{7207E52B-821E-4C05-A8D6-2965B2BE77CF}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{863FCF5D-DC39-4DA9-AF32-CB0025990EEE}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{B09E015A-4D4E-4F8D-A436-95E19140947D}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{B1E712C4-03AA-495F-B0F5-0F057E126E2A}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{D13DC65C-C77B-4986-9078-DEA3D34C71BB}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{F56ACA29-1C99-40F1-AC64-2E44C4F6BC71}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{E52EB753-1F56-4DF7-BE53-2C314AC5F8A1}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{371AD4A5-1520-4AA2-A8A4-F9AD3BAC6957}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{7F124846-5453-4BB8-A41D-E11481FFC9DF}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{8FD65019-BF09-45DA-AD81-E95AE911F1FD}
Deleted: [Value] - HKU\S-1-5-21-1237048931-779808844-1748554049-1000\Software\Microsoft\Windows\CurrentVersion\Run|ssn
Deleted: [Value] - HKCU\Software\Microsoft\Windows\CurrentVersion\Run|ssn
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\.QMDeskTopGCIcon
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_WEBOC_MOVESIZECHILD|BackgroundHost64.exe
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION|BackgroundHost.exe
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_WEBOC_MOVESIZECHILD|BackgroundHost.exe
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost|WinSAPSvc
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost|Kitty
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost|SNAREA
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost|ANSARE
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost|BIT
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost|3DM
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost|VNASRE
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost|CWASRE
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost|CSHMDR
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost|terana
Deleted: [Key] - HKLM\SOFTWARE\CLASSES\APPID\56BF5154-0B48-4ADB-902A-6C8B12E270D9
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|WeatherInspect
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\11598763487076930564
Deleted: [Key] - HKLM\SOFTWARE\HPZebra
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\HPZebra
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost|AdsServiceGroup
Deleted: [Key] - HKU\S-1-5-21-1237048931-779808844-1748554049-1000\Software\ssn
Deleted: [Key] - HKCU\Software\ssn
Deleted: [Key] - HKU\S-1-5-21-1237048931-779808844-1748554049-1000\Software\MICROSOFT\wewewe
Deleted: [Key] - HKCU\Software\MICROSOFT\wewewe
Deleted: [Key] - HKLM\SOFTWARE\ScreenShot
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ScreenShot
Deleted: [Key] - HKU\S-1-5-21-1237048931-779808844-1748554049-1000\Software\Microsoft\BigTime
Deleted: [Key] - HKCU\Software\Microsoft\BigTime
Deleted: [Key] - HKLM\SOFTWARE\OtherSearch
Deleted: [Key] - HKLM\SOFTWARE\Applian Technologies
Deleted: [Key] - HKU\S-1-5-21-1237048931-779808844-1748554049-1000\Software\Microsoft\Windows\CurrentVersion\Uninstall\119
Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\119
Deleted: [Key] - HKLM\SOFTWARE\5da059a482fd494db3f252126fbc3d5b
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\APreSam
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\NSaveA
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\PrAmNP
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\MPrForShutT
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\PWeatherIns
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\PrIncub
Deleted: [Key] - HKU\S-1-5-21-1237048931-779808844-1748554049-1000\Software\Microsoft\{cc6eb6d8-85b7-435p-8b86-51e4d16ea76d}
Deleted: [Key] - HKCU\Software\Microsoft\{cc6eb6d8-85b7-435p-8b86-51e4d16ea76d}
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|WeatherInspect
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application
Deleted: [Key] - HKLM\SOFTWARE\MICROSOFT\SYSTEMCERTIFICATES\ROOT\CERTIFICATES\26D9E607FFF0C58C7844B47FF8B6E079E5A2220E
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries deleted.
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries deleted.
*************************
::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0
*************************
C:/AdwCleaner/AdwCleaner[C0].txt - [49992 B] - [2017/2/18 18:17:15]
C:/AdwCleaner/AdwCleaner[C2].txt - [1684 B] - [2017/2/18 18:46:21]
C:/AdwCleaner/AdwCleaner[S0].txt - [50050 B] - [2017/2/17 8:53:4]
C:/AdwCleaner/AdwCleaner[S1].txt - [45728 B] - [2017/2/17 11:55:3]
C:/AdwCleaner/AdwCleaner[S2].txt - [46058 B] - [2017/2/18 9:41:20]
C:/AdwCleaner/AdwCleaner[S3].txt - [46105 B] - [2017/2/18 18:13:44]
C:/AdwCleaner/AdwCleaner[S4].txt - [1824 B] - [2017/2/18 18:41:58]
C:/AdwCleaner/AdwCleaner[S5].txt - [17316 B] - [2017/9/17 15:40:0]
########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt ##########