Publicité
Publicité
Format du document : text/plain
Prévisualisation
# AdwCleaner 7.0.5.0 - Logfile created on Sun Dec 10 10:17:48 2017
# Updated on 2017/29/11 by Malwarebytes
# Running on Windows 7 Professional (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support
***** [ Services ] *****
No malicious services deleted.
***** [ Folders ] *****
Deleted: C:\Windows\System32\\SSL
Deleted: C:\Windows\SysWOW64\\SSL
Deleted: C:\Users\C-3PO\AppData\Roaming\Event Monitor
Deleted: C:\Program Files\Common Files\Noobzo
Deleted: C:\Users\C-3PO\AppData\Local\AdvinstAnalytics
Deleted: C:\ProgramData\Logic Cramble
Deleted: C:\ProgramData\Application Data\Logic Cramble
Deleted: C:\Users\All Users\Logic Cramble
Deleted: C:\Users\C-3PO\AppData\Local\AppTrailers
Deleted: C:\Users\C-3PO\AppData\Roaming\gplyra
Deleted: C:\Users\C-3PO\AppData\Local\AdService
Deleted: C:\ProgramData\SearchModule
Deleted: C:\ProgramData\Application Data\SearchModule
Deleted: C:\Users\All Users\SearchModule
Deleted: C:\Program Files (x86)\ProxyGate
Deleted: C:\ProgramData\Quoteex
Deleted: C:\ProgramData\Application Data\Quoteex
Deleted: C:\Users\All Users\Quoteex
Deleted: C:\ProgramData\Microleaves
Deleted: C:\ProgramData\Application Data\Microleaves
Deleted: C:\Users\All Users\Microleaves
Deleted: C:\Users\C-3PO\AppData\Roaming\Microleaves
Deleted: C:\Windows\\rss
Deleted: C:\Program Files (x86)\thzXuJvjU
Deleted: C:\Program Files (x86)\QYERbvxRHIE
Deleted: C:\Program Files (x86)\GXZiGyYLSHyU2
Deleted: C:\Program Files (x86)\dCHHaxjOpqUn
Deleted: C:\Program Files (x86)\SoftUpgrade
Deleted: C:\Users\C-3PO\AppData\Roaming\Interstatnogui
Deleted: C:\ProgramData\Quoteexs
Deleted: C:\ProgramData\Application Data\Quoteexs
Deleted: C:\Users\All Users\Quoteexs
Deleted: C:\ProgramData\Quoteex
Deleted: C:\ProgramData\Application Data\Quoteex
Deleted: C:\Users\All Users\Quoteex
Deleted: C:\Program Files (x86)\pccleanplus
Deleted: C:\Program Files (x86)\bnsplayer
Deleted: C:\Users\C-3PO\AppData\Roaming\NETCTL
Deleted: C:\Users\C-3PO\AppData\Roaming\EpicNet Inc
Deleted: C:\Users\C-3PO\AppData\Roaming\EpicNet Inc.
Deleted: C:\Program Files\8c023e14d62cc32fcaee500b3f1fb4dd
Deleted: C:\Program Files\02680e8d0cce57b8df28f1837c040670
Deleted: C:\Program Files\1c18ce34ae7044639b6f5760fa2e9576
Deleted: C:\Program Files\cdcce8892ce1e0817ee80313066dd4e8
Deleted: C:\ProgramData\65157148-1c93-1
Deleted: C:\ProgramData\65157148-2ae1-1
Deleted: C:\ProgramData\65157148-6247-0
Deleted: C:\ProgramData\db0cab8c-19c5-1
Deleted: C:\ProgramData\db0cab8c-3067-0
Deleted: C:\ProgramData\db0cab8c-3dd7-1
***** [ Files ] *****
Deleted: C:\Users\C-3PO\AppData\Local\Main.dat
Deleted: C:\END
Deleted: C:\Windows\SysNative\drivers\Lace_wpf_x64.sys
Deleted: C:\Windows\System32\config\systemprofile\appdata\local\installationconfiguration.xml
Deleted: C:\Users\C-3PO\appdata\local\installationconfiguration.xml
Deleted: C:\Windows\System32\config\systemprofile\AppData\Local\PO.DB
Deleted: C:\Windows\SysWOW64\config\systemprofile\AppData\Local\PO.DB
Deleted: C:\Users\C-3PO\AppData\Local\PO.DB
Deleted: C:\Users\C-3PO\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet-Explorer Browser.lnk
Deleted: C:\Windows\System32\findit.xml
Deleted: C:\Windows\SysWOW64\findit.xml
Deleted: C:\Users\C-3PO\AppData\Local\uninstallce.exe
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
Deleted: FastDataX Task
Deleted: SystemHealer Run Delay
Deleted: PC Clean Plus
***** [ Registry ] *****
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\DOMStorage\pccleanplus.com
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\DOMStorage\plarium.com
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\DOMStorage\utop.it
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.pccleanplus.com
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\cloudfront.net
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\d22j4fzzszoii2.cloudfront.net
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\staticimgfarm.com
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ttdetect.staticimgfarm.com
Deleted: [Key] - HKU\S-1-5-21-1342067083-540354075-4242860494-1000\Software\CoinisRevShare
Deleted: [Key] - HKCU\Software\CoinisRevShare
Deleted: [Key] - HKLM\SOFTWARE\PC
Deleted: [Key] - HKU\S-1-5-21-1342067083-540354075-4242860494-1000\Software\PC
Deleted: [Key] - HKCU\Software\PC
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\{94ebd7b5-82ae-449t-b679-3d04078ed154}
Deleted: [Key] - HKU\S-1-5-21-1342067083-540354075-4242860494-1000\Software\Microsoft\{94ebd7b5-82ae-449t-b679-3d04078ed154}
Deleted: [Key] - HKCU\Software\Microsoft\{94ebd7b5-82ae-449t-b679-3d04078ed154}
Deleted: [Key] - HKLM\SOFTWARE\Event Monitor
Deleted: [Key] - HKU\S-1-5-21-1342067083-540354075-4242860494-1000\Software\Event Monitor
Deleted: [Key] - HKCU\Software\Event Monitor
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\{1f7ee1a8-4436-4ffc-b97b-b5b01e87d3d2}
Deleted: [Key] - HKU\S-1-5-21-1342067083-540354075-4242860494-1000\Software\Microsoft\{1f7ee1a8-4436-4ffc-b97b-b5b01e87d3d2}
Deleted: [Key] - HKCU\Software\Microsoft\{1f7ee1a8-4436-4ffc-b97b-b5b01e87d3d2}
Deleted: [Key] - HKLM\SOFTWARE\Speedownloader0099
Deleted: [Key] - HKU\S-1-5-21-1342067083-540354075-4242860494-1000\Software\Speedownloader0099
Deleted: [Key] - HKCU\Software\Speedownloader0099
Deleted: [Key] - HKU\S-1-5-21-1342067083-540354075-4242860494-1000\Software\NetCtl
Deleted: [Key] - HKCU\Software\NetCtl
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Control\Class\{0C95ABFE-4FB6-49DB-B22F-0E1F5FC4BEEC}
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Control\Class\{EEEFACB3-729F-4484-B66D-E7A7917BBFC1}
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\{1f7ee1a8-4436-4ffc-b97b-b5b01e87d3d2}
Deleted: [Key] - HKCU\Software\Classes\Applications\interstatnogui.exe
Deleted: [Key] - HKU\.DEFAULT\Software\WajIEnhance
Deleted: [Key] - HKU\S-1-5-18\Software\WajIEnhance
Deleted: [Key] - HKLM\SOFTWARE\SrcAAAesom Browser Enhancer
Deleted: [Key] - HKLM\SOFTWARE\CLASSES\APPID\56BF5154-0B48-4ADB-902A-6C8B12E270D9
Deleted: [Key] - HKU\S-1-5-21-1342067083-540354075-4242860494-1000\Software\AppDataLow\Software\AppTrailers
Deleted: [Key] - HKCU\Software\AppDataLow\Software\AppTrailers
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\gplyra
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\DOMStorage\bytefence.com
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\DOMStorage\fr.bytefence.com
Deleted: [Key] - HKU\.DEFAULT\Software\ByteFence
Deleted: [Key] - HKU\S-1-5-18\Software\ByteFence
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Reason\ReasonByteFence
Deleted: [Key] - HKU\S-1-5-21-1342067083-540354075-4242860494-1000\Software\msaver
Deleted: [Key] - HKCU\Software\msaver
Deleted: [Key] - HKU\S-1-5-21-1342067083-540354075-4242860494-1000\Software\FastDataX
Deleted: [Key] - HKCU\Software\FastDataX
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\{6711eba6-cf08-4edw-9528-86004fa424bb}
Deleted: [Key] - HKU\S-1-5-21-1342067083-540354075-4242860494-1000\Software\Microsoft\{6711eba6-cf08-4edw-9528-86004fa424bb}
Deleted: [Key] - HKCU\Software\Microsoft\{6711eba6-cf08-4edw-9528-86004fa424bb}
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost|AdsServiceGroup
Deleted: [Key] - HKU\S-1-5-21-1342067083-540354075-4242860494-1000\Software\System Healer
Deleted: [Key] - HKCU\Software\System Healer
Deleted: [Key] - HKU\S-1-5-21-1342067083-540354075-4242860494-1000\Software\Hotspot
Deleted: [Key] - HKCU\Software\Hotspot
Deleted: [Key] - HKLM\SOFTWARE\SearchModule
Deleted: [Key] - HKU\S-1-5-21-1342067083-540354075-4242860494-1000\Software\Amigo
Deleted: [Key] - HKCU\Software\Amigo
Deleted: [Key] - HKLM\SOFTWARE\mtQuoteex
Deleted: [Key] - HKU\S-1-5-21-1342067083-540354075-4242860494-1000\Software\mtQuoteex
Deleted: [Key] - HKCU\Software\mtQuoteex
Deleted: [Key] - HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SILENTPROCESSEXIT\Quoteex.exe
Deleted: [Key] - HKLM\SOFTWARE\OtherSearch
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{C0D38E5A-7CF8-4105-8FE8-31B81443A114}
Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C0D38E5A-7CF8-4105-8FE8-31B81443A114}
Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C0D38E5A-7CF8-4105-8FE8-31B81443A114}
Deleted: [Key] - HKU\S-1-5-21-1342067083-540354075-4242860494-1000\Software\Interstatnogui
Deleted: [Key] - HKCU\Software\Interstatnogui
Deleted: [Key] - HKLM\SOFTWARE\Jawego
Deleted: [Key] - HKLM\SOFTWARE\mtQuoteex
Deleted: [Key] - HKU\S-1-5-21-1342067083-540354075-4242860494-1000\Software\mtQuoteex
Deleted: [Key] - HKCU\Software\mtQuoteex
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Quoteex.exe
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\11598763487076930564
Deleted: [Key] - HKU\S-1-5-21-1342067083-540354075-4242860494-1000\Software\Microsoft\Windows\CurrentVersion\Uninstall\119
Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\119
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\PrAmNP
Deleted: [Key] - HKU\S-1-5-21-1342067083-540354075-4242860494-1000\Software\Microsoft\PrAmNP
Deleted: [Key] - HKCU\Software\Microsoft\PrAmNP
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\PrIncub
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\{cc6eb6d8-85b7-435p-8b86-51e4d16ea76d}
Deleted: [Key] - HKU\S-1-5-21-1342067083-540354075-4242860494-1000\Software\Microsoft\{cc6eb6d8-85b7-435p-8b86-51e4d16ea76d}
Deleted: [Key] - HKCU\Software\Microsoft\{cc6eb6d8-85b7-435p-8b86-51e4d16ea76d}
Deleted: [Key] - HKU\S-1-5-21-1342067083-540354075-4242860494-1000\Software\csastats
Deleted: [Key] - HKCU\Software\csastats
Deleted: [Key] - HKU\S-1-5-21-1342067083-540354075-4242860494-1000\Software\PRODUCTSETUP
Deleted: [Key] - HKCU\Software\PRODUCTSETUP
Deleted: [Key] - HKLM\SOFTWARE\MICROSOFT\SYSTEMCERTIFICATES\ROOT\CERTIFICATES\26D9E607FFF0C58C7844B47FF8B6E079E5A2220E
Deleted: [Key] - HKU\S-1-5-21-1342067083-540354075-4242860494-1000\Software\EpicNet Inc.
Deleted: [Key] - HKCU\Software\EpicNet Inc.
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost|AdsServiceGroup
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Etsy
Deleted: [Key] - HKU\S-1-5-21-1342067083-540354075-4242860494-1000\Software\Microsoft\Etsy
Deleted: [Key] - HKCU\Software\Microsoft\Etsy
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries deleted.
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries deleted.
*************************
::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0
*************************
C:/AdwCleaner/AdwCleaner[S0].txt - [14626 B] - [2017/12/9 18:30:6]
C:/AdwCleaner/AdwCleaner[S1].txt - [13488 B] - [2017/12/10 10:15:29]
########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ##########
# Updated on 2017/29/11 by Malwarebytes
# Running on Windows 7 Professional (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support
***** [ Services ] *****
No malicious services deleted.
***** [ Folders ] *****
Deleted: C:\Windows\System32\\SSL
Deleted: C:\Windows\SysWOW64\\SSL
Deleted: C:\Users\C-3PO\AppData\Roaming\Event Monitor
Deleted: C:\Program Files\Common Files\Noobzo
Deleted: C:\Users\C-3PO\AppData\Local\AdvinstAnalytics
Deleted: C:\ProgramData\Logic Cramble
Deleted: C:\ProgramData\Application Data\Logic Cramble
Deleted: C:\Users\All Users\Logic Cramble
Deleted: C:\Users\C-3PO\AppData\Local\AppTrailers
Deleted: C:\Users\C-3PO\AppData\Roaming\gplyra
Deleted: C:\Users\C-3PO\AppData\Local\AdService
Deleted: C:\ProgramData\SearchModule
Deleted: C:\ProgramData\Application Data\SearchModule
Deleted: C:\Users\All Users\SearchModule
Deleted: C:\Program Files (x86)\ProxyGate
Deleted: C:\ProgramData\Quoteex
Deleted: C:\ProgramData\Application Data\Quoteex
Deleted: C:\Users\All Users\Quoteex
Deleted: C:\ProgramData\Microleaves
Deleted: C:\ProgramData\Application Data\Microleaves
Deleted: C:\Users\All Users\Microleaves
Deleted: C:\Users\C-3PO\AppData\Roaming\Microleaves
Deleted: C:\Windows\\rss
Deleted: C:\Program Files (x86)\thzXuJvjU
Deleted: C:\Program Files (x86)\QYERbvxRHIE
Deleted: C:\Program Files (x86)\GXZiGyYLSHyU2
Deleted: C:\Program Files (x86)\dCHHaxjOpqUn
Deleted: C:\Program Files (x86)\SoftUpgrade
Deleted: C:\Users\C-3PO\AppData\Roaming\Interstatnogui
Deleted: C:\ProgramData\Quoteexs
Deleted: C:\ProgramData\Application Data\Quoteexs
Deleted: C:\Users\All Users\Quoteexs
Deleted: C:\ProgramData\Quoteex
Deleted: C:\ProgramData\Application Data\Quoteex
Deleted: C:\Users\All Users\Quoteex
Deleted: C:\Program Files (x86)\pccleanplus
Deleted: C:\Program Files (x86)\bnsplayer
Deleted: C:\Users\C-3PO\AppData\Roaming\NETCTL
Deleted: C:\Users\C-3PO\AppData\Roaming\EpicNet Inc
Deleted: C:\Users\C-3PO\AppData\Roaming\EpicNet Inc.
Deleted: C:\Program Files\8c023e14d62cc32fcaee500b3f1fb4dd
Deleted: C:\Program Files\02680e8d0cce57b8df28f1837c040670
Deleted: C:\Program Files\1c18ce34ae7044639b6f5760fa2e9576
Deleted: C:\Program Files\cdcce8892ce1e0817ee80313066dd4e8
Deleted: C:\ProgramData\65157148-1c93-1
Deleted: C:\ProgramData\65157148-2ae1-1
Deleted: C:\ProgramData\65157148-6247-0
Deleted: C:\ProgramData\db0cab8c-19c5-1
Deleted: C:\ProgramData\db0cab8c-3067-0
Deleted: C:\ProgramData\db0cab8c-3dd7-1
***** [ Files ] *****
Deleted: C:\Users\C-3PO\AppData\Local\Main.dat
Deleted: C:\END
Deleted: C:\Windows\SysNative\drivers\Lace_wpf_x64.sys
Deleted: C:\Windows\System32\config\systemprofile\appdata\local\installationconfiguration.xml
Deleted: C:\Users\C-3PO\appdata\local\installationconfiguration.xml
Deleted: C:\Windows\System32\config\systemprofile\AppData\Local\PO.DB
Deleted: C:\Windows\SysWOW64\config\systemprofile\AppData\Local\PO.DB
Deleted: C:\Users\C-3PO\AppData\Local\PO.DB
Deleted: C:\Users\C-3PO\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet-Explorer Browser.lnk
Deleted: C:\Windows\System32\findit.xml
Deleted: C:\Windows\SysWOW64\findit.xml
Deleted: C:\Users\C-3PO\AppData\Local\uninstallce.exe
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
Deleted: FastDataX Task
Deleted: SystemHealer Run Delay
Deleted: PC Clean Plus
***** [ Registry ] *****
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\DOMStorage\pccleanplus.com
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\DOMStorage\plarium.com
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\DOMStorage\utop.it
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.pccleanplus.com
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\cloudfront.net
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\d22j4fzzszoii2.cloudfront.net
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\staticimgfarm.com
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ttdetect.staticimgfarm.com
Deleted: [Key] - HKU\S-1-5-21-1342067083-540354075-4242860494-1000\Software\CoinisRevShare
Deleted: [Key] - HKCU\Software\CoinisRevShare
Deleted: [Key] - HKLM\SOFTWARE\PC
Deleted: [Key] - HKU\S-1-5-21-1342067083-540354075-4242860494-1000\Software\PC
Deleted: [Key] - HKCU\Software\PC
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\{94ebd7b5-82ae-449t-b679-3d04078ed154}
Deleted: [Key] - HKU\S-1-5-21-1342067083-540354075-4242860494-1000\Software\Microsoft\{94ebd7b5-82ae-449t-b679-3d04078ed154}
Deleted: [Key] - HKCU\Software\Microsoft\{94ebd7b5-82ae-449t-b679-3d04078ed154}
Deleted: [Key] - HKLM\SOFTWARE\Event Monitor
Deleted: [Key] - HKU\S-1-5-21-1342067083-540354075-4242860494-1000\Software\Event Monitor
Deleted: [Key] - HKCU\Software\Event Monitor
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\{1f7ee1a8-4436-4ffc-b97b-b5b01e87d3d2}
Deleted: [Key] - HKU\S-1-5-21-1342067083-540354075-4242860494-1000\Software\Microsoft\{1f7ee1a8-4436-4ffc-b97b-b5b01e87d3d2}
Deleted: [Key] - HKCU\Software\Microsoft\{1f7ee1a8-4436-4ffc-b97b-b5b01e87d3d2}
Deleted: [Key] - HKLM\SOFTWARE\Speedownloader0099
Deleted: [Key] - HKU\S-1-5-21-1342067083-540354075-4242860494-1000\Software\Speedownloader0099
Deleted: [Key] - HKCU\Software\Speedownloader0099
Deleted: [Key] - HKU\S-1-5-21-1342067083-540354075-4242860494-1000\Software\NetCtl
Deleted: [Key] - HKCU\Software\NetCtl
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Control\Class\{0C95ABFE-4FB6-49DB-B22F-0E1F5FC4BEEC}
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Control\Class\{EEEFACB3-729F-4484-B66D-E7A7917BBFC1}
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\{1f7ee1a8-4436-4ffc-b97b-b5b01e87d3d2}
Deleted: [Key] - HKCU\Software\Classes\Applications\interstatnogui.exe
Deleted: [Key] - HKU\.DEFAULT\Software\WajIEnhance
Deleted: [Key] - HKU\S-1-5-18\Software\WajIEnhance
Deleted: [Key] - HKLM\SOFTWARE\SrcAAAesom Browser Enhancer
Deleted: [Key] - HKLM\SOFTWARE\CLASSES\APPID\56BF5154-0B48-4ADB-902A-6C8B12E270D9
Deleted: [Key] - HKU\S-1-5-21-1342067083-540354075-4242860494-1000\Software\AppDataLow\Software\AppTrailers
Deleted: [Key] - HKCU\Software\AppDataLow\Software\AppTrailers
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\gplyra
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\DOMStorage\bytefence.com
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\DOMStorage\fr.bytefence.com
Deleted: [Key] - HKU\.DEFAULT\Software\ByteFence
Deleted: [Key] - HKU\S-1-5-18\Software\ByteFence
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Reason\ReasonByteFence
Deleted: [Key] - HKU\S-1-5-21-1342067083-540354075-4242860494-1000\Software\msaver
Deleted: [Key] - HKCU\Software\msaver
Deleted: [Key] - HKU\S-1-5-21-1342067083-540354075-4242860494-1000\Software\FastDataX
Deleted: [Key] - HKCU\Software\FastDataX
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\{6711eba6-cf08-4edw-9528-86004fa424bb}
Deleted: [Key] - HKU\S-1-5-21-1342067083-540354075-4242860494-1000\Software\Microsoft\{6711eba6-cf08-4edw-9528-86004fa424bb}
Deleted: [Key] - HKCU\Software\Microsoft\{6711eba6-cf08-4edw-9528-86004fa424bb}
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost|AdsServiceGroup
Deleted: [Key] - HKU\S-1-5-21-1342067083-540354075-4242860494-1000\Software\System Healer
Deleted: [Key] - HKCU\Software\System Healer
Deleted: [Key] - HKU\S-1-5-21-1342067083-540354075-4242860494-1000\Software\Hotspot
Deleted: [Key] - HKCU\Software\Hotspot
Deleted: [Key] - HKLM\SOFTWARE\SearchModule
Deleted: [Key] - HKU\S-1-5-21-1342067083-540354075-4242860494-1000\Software\Amigo
Deleted: [Key] - HKCU\Software\Amigo
Deleted: [Key] - HKLM\SOFTWARE\mtQuoteex
Deleted: [Key] - HKU\S-1-5-21-1342067083-540354075-4242860494-1000\Software\mtQuoteex
Deleted: [Key] - HKCU\Software\mtQuoteex
Deleted: [Key] - HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SILENTPROCESSEXIT\Quoteex.exe
Deleted: [Key] - HKLM\SOFTWARE\OtherSearch
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{C0D38E5A-7CF8-4105-8FE8-31B81443A114}
Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C0D38E5A-7CF8-4105-8FE8-31B81443A114}
Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C0D38E5A-7CF8-4105-8FE8-31B81443A114}
Deleted: [Key] - HKU\S-1-5-21-1342067083-540354075-4242860494-1000\Software\Interstatnogui
Deleted: [Key] - HKCU\Software\Interstatnogui
Deleted: [Key] - HKLM\SOFTWARE\Jawego
Deleted: [Key] - HKLM\SOFTWARE\mtQuoteex
Deleted: [Key] - HKU\S-1-5-21-1342067083-540354075-4242860494-1000\Software\mtQuoteex
Deleted: [Key] - HKCU\Software\mtQuoteex
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Quoteex.exe
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\11598763487076930564
Deleted: [Key] - HKU\S-1-5-21-1342067083-540354075-4242860494-1000\Software\Microsoft\Windows\CurrentVersion\Uninstall\119
Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\119
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\PrAmNP
Deleted: [Key] - HKU\S-1-5-21-1342067083-540354075-4242860494-1000\Software\Microsoft\PrAmNP
Deleted: [Key] - HKCU\Software\Microsoft\PrAmNP
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\PrIncub
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\{cc6eb6d8-85b7-435p-8b86-51e4d16ea76d}
Deleted: [Key] - HKU\S-1-5-21-1342067083-540354075-4242860494-1000\Software\Microsoft\{cc6eb6d8-85b7-435p-8b86-51e4d16ea76d}
Deleted: [Key] - HKCU\Software\Microsoft\{cc6eb6d8-85b7-435p-8b86-51e4d16ea76d}
Deleted: [Key] - HKU\S-1-5-21-1342067083-540354075-4242860494-1000\Software\csastats
Deleted: [Key] - HKCU\Software\csastats
Deleted: [Key] - HKU\S-1-5-21-1342067083-540354075-4242860494-1000\Software\PRODUCTSETUP
Deleted: [Key] - HKCU\Software\PRODUCTSETUP
Deleted: [Key] - HKLM\SOFTWARE\MICROSOFT\SYSTEMCERTIFICATES\ROOT\CERTIFICATES\26D9E607FFF0C58C7844B47FF8B6E079E5A2220E
Deleted: [Key] - HKU\S-1-5-21-1342067083-540354075-4242860494-1000\Software\EpicNet Inc.
Deleted: [Key] - HKCU\Software\EpicNet Inc.
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost|AdsServiceGroup
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Etsy
Deleted: [Key] - HKU\S-1-5-21-1342067083-540354075-4242860494-1000\Software\Microsoft\Etsy
Deleted: [Key] - HKCU\Software\Microsoft\Etsy
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries deleted.
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries deleted.
*************************
::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0
*************************
C:/AdwCleaner/AdwCleaner[S0].txt - [14626 B] - [2017/12/9 18:30:6]
C:/AdwCleaner/AdwCleaner[S1].txt - [13488 B] - [2017/12/10 10:15:29]
########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ##########