# AdwCleaner v6.041 - Logfile created 20/12/2016 at 09:23:53
# Updated on 16/12/2016 by Malwarebytes
# Database : 2016-12-19.1 [Local]
# Operating System : Windows 10 Home (X64)
# Username : Veronique - FIXE_ORANGE
# Running from : D:\Emmanuel\Telechargement\adwcleaner_6-041_fr_430277.exe
# Mode: Clean
# Support : https://www.malwarebytes.com/support

***** [ Services ] *****

[-] Service deleted: iSafeKrnl
[-] Service deleted: iSafeKrnlBoot
[-] Service deleted: iSafeKrnlKit
[-] Service deleted: iSafeKrnlMon
[-] Service deleted: iSafeKrnlR3
[-] Service deleted: iSafeNetFilter
[-] Service deleted: iSafeService
[-] Service deleted: ed2kidle
[-] Service deleted: iThemes5

***** [ Folders ] *****

[-] Folder deleted: C:\Users\Veronique\AppData\Local\WallpaperBoard
[-] Folder deleted: C:\Users\Veronique\AppData\Local\legness
[#] Folder deleted on reboot: C:\Users\Veronique\AppData\Local\Legness
[#] Folder deleted on reboot: C:\Users\Veronique\AppData\Roaming\Elex-tech
[-] Folder deleted: C:\Users\Veronique\AppData\Roaming\aMule
[-] Folder deleted: C:\Users\Veronique\AppData\Roaming\Microsoft\Windows\Start Menu\ByteFence
[-] Folder deleted: C:\Users\Veronique\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WallpaperBoard
[-] Folder deleted: C:\Program Files\ByteFence
[-] Folder deleted: C:\ProgramData\Tencent
[-] Folder deleted: C:\ProgramData\UvConverter
[#] Folder deleted on reboot: C:\ProgramData\Application Data\Tencent
[#] Folder deleted on reboot: C:\ProgramData\Application Data\UvConverter
[-] Folder deleted: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverWhiz
[-] Folder deleted: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\aMuleCustom
[-] Folder deleted: C:\Program Files (x86)\DriverWhiz
[#] Folder deleted on reboot: C:\Program Files (x86)\Elex-tech
[-] Folder deleted: C:\Program Files (x86)\walalala co
[-] Folder deleted: C:\Program Files (x86)\legness
[-] Folder deleted: C:\Program Files (x86)\amuleC1
[#] Folder deleted on reboot: C:\Program Files (x86)\Legness
[-] Folder deleted: C:\WINDOWS\SysWoW64\config\systemprofile\AppData\Roaming\aMule
[-] Folder deleted: C:\Users\Veronique\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej

***** [ Files ] *****

[-] File deleted: C:\Users\Veronique\Desktop\Youtube.lnk
[-] File deleted: C:\WINDOWS\SysNative\log\iSafeKrnlCall.log
[-] File deleted: C:\WINDOWS\SysNative\drivers\iSafeKrnlBoot.sys
[-] File deleted: C:\WINDOWS\SysNative\drivers\iSafeNetFilter.sys

***** [ DLL ] *****

***** [ WMI ] *****

***** [ Shortcuts ] *****

[-] Shortcut disinfected: C:\Users\Veronique\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk
[-] Shortcut disinfected: C:\Users\Veronique\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk

***** [ Scheduled Tasks ] *****

[-] Task deleted: Yahoo! Powered dasan

***** [ Registry ] *****

[-] Key deleted: HKU\.DEFAULT\Software\ecb`nl
[-] Key deleted: HKU\S-1-5-21-347313316-3756737253-4142799880-1008\Software\DriverWhiz
[-] Key deleted: HKU\S-1-5-21-347313316-3756737253-4142799880-1008\Software\eSupport.com
[-] Key deleted: HKU\S-1-5-21-347313316-3756737253-4142799880-1008\Software\nuevos-programas.com
[-] Key deleted: HKU\S-1-5-21-347313316-3756737253-4142799880-1008\Software\PRODUCTSETUP
[-] Key deleted: HKU\S-1-5-21-347313316-3756737253-4142799880-1008\Software\csastats
[-] Key deleted: HKU\S-1-5-21-347313316-3756737253-4142799880-1008\Software\WallpaperBoard
[-] Key deleted: HKU\S-1-5-21-347313316-3756737253-4142799880-1008\Software\ICSW1.23
[-] Key deleted: HKU\S-1-5-21-347313316-3756737253-4142799880-1008\Software\Microsoft\Windows\CurrentVersion\Uninstall\WallpaperBoard
[#] Key deleted on reboot: HKU\S-1-5-18\Software\ecb`nl
[#] Key deleted on reboot: HKCU\Software\DriverWhiz
[#] Key deleted on reboot: HKCU\Software\eSupport.com
[#] Key deleted on reboot: HKCU\Software\nuevos-programas.com
[#] Key deleted on reboot: HKCU\Software\PRODUCTSETUP
[#] Key deleted on reboot: HKCU\Software\csastats
[#] Key deleted on reboot: HKCU\Software\WallpaperBoard
[#] Key deleted on reboot: HKCU\Software\ICSW1.23
[-] Key deleted: HKLM\SOFTWARE\Elex-tech
[-] Key deleted: HKLM\SOFTWARE\ScreenShot
[-] Key deleted: HKLM\SOFTWARE\ecb`nl
[-] Key deleted: HKLM\SOFTWARE\InterHop
[-] Key deleted: HKLM\SOFTWARE\amule-custom
[-] Key deleted: HKLM\SOFTWARE\walalala co
[-] Key deleted: HKLM\SOFTWARE\mylucky123Software
[-] Key deleted: HKLM\SOFTWARE\UvConverter
[#] Key deleted on reboot: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\WallpaperBoard
[-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\iSafe
[-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{58C69614-BB4F-4E55-BF6B-AFCB0B7377DB}
[-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{19539992-061C-4E8B-9053-07B175303AF4}
[#] Key deleted on reboot: [x64] HKCU\Software\DriverWhiz
[#] Key deleted on reboot: [x64] HKCU\Software\eSupport.com
[#] Key deleted on reboot: [x64] HKCU\Software\nuevos-programas.com
[#] Key deleted on reboot: [x64] HKCU\Software\PRODUCTSETUP
[#] Key deleted on reboot: [x64] HKCU\Software\csastats
[#] Key deleted on reboot: [x64] HKCU\Software\WallpaperBoard
[#] Key deleted on reboot: [x64] HKCU\Software\ICSW1.23
[-] Key deleted: [x64] HKLM\SOFTWARE\DriverWhiz
[-] Key deleted: [x64] HKLM\SOFTWARE\WebBar
[-] Key deleted: [x64] HKLM\SOFTWARE\ecb`nl
[#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\WallpaperBoard
[-] Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Driver Whiz
[-] Data restored: HKU\S-1-5-21-347313316-3756737253-4142799880-1008\Software\Microsoft\Internet Explorer\Main [Search Page]
[-] Data restored: HKU\S-1-5-21-347313316-3756737253-4142799880-1008\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Data restored: HKU\S-1-5-21-347313316-3756737253-4142799880-1008\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Data restored: HKU\S-1-5-21-347313316-3756737253-4142799880-1008\Software\Microsoft\Internet Explorer\Main [Default_Search_URL]
[-] Data restored: HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
[-] Data restored: HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Data restored: HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Data restored: HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL]
[-] Data restored: HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Data restored: HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
[-] Data restored: HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
[-] Data restored: HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
[-] Data restored: [x64] HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
[-] Data restored: [x64] HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Data restored: [x64] HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Data restored: [x64] HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL]
[-] Data restored: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Data restored: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
[-] Data restored: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
[-] Data restored: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
[-] Key deleted: HKU\S-1-5-21-347313316-3756737253-4142799880-1008\Software\Microsoft\Internet Explorer\SearchScopes\{2211d4a5-48d0-47f5-a7cd-81e861470f7f}
[-] Key deleted: HKU\S-1-5-21-347313316-3756737253-4142799880-1008\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
[#] Key deleted on reboot: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2211d4a5-48d0-47f5-a7cd-81e861470f7f}
[#] Key deleted on reboot: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
[-] Key deleted: HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2211d4a5-48d0-47f5-a7cd-81e861470f7f}
[-] Key deleted: HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
[-] Data restored: HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes [DefaultScope] {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2211d4a5-48d0-47f5-a7cd-81e861470f7f}
[#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
[-] Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[-] Data restored: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes [DefaultScope] {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\bestpriceninja.com
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\foxi69.tlscdn.com
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\pstatic.bestpriceninja.com
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\tlscdn.com
[-] Key deleted: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\bestpriceninja.com
[-] Key deleted: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\foxi69.tlscdn.com
[-] Key deleted: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\pstatic.bestpriceninja.com
[-] Key deleted: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\tlscdn.com
[-] Key deleted: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\bestpriceninja.com
[-] Key deleted: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\foxi69.tlscdn.com
[-] Key deleted: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\pstatic.bestpriceninja.com
[-] Key deleted: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\tlscdn.com
[#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\bestpriceninja.com
[#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\foxi69.tlscdn.com
[#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\pstatic.bestpriceninja.com
[#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\tlscdn.com
[#] Key deleted on reboot: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\bestpriceninja.com
[#] Key deleted on reboot: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\foxi69.tlscdn.com
[#] Key deleted on reboot: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\pstatic.bestpriceninja.com
[#] Key deleted on reboot: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\tlscdn.com
[#] Key deleted on reboot: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\bestpriceninja.com
[#] Key deleted on reboot: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\foxi69.tlscdn.com
[#] Key deleted on reboot: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\pstatic.bestpriceninja.com
[#] Key deleted on reboot: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\tlscdn.com
[-] Value deleted: HKU\S-1-5-21-347313316-3756737253-4142799880-1008\Software\Microsoft\Windows\CurrentVersion\Run [WallpaperBoard]
[-] Value deleted: HKU\S-1-5-21-347313316-3756737253-4142799880-1008\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [WallpaperBoard]
[#] Value deleted on reboot: HKCU\Software\Microsoft\Windows\CurrentVersion\Run [WallpaperBoard]
[#] Value deleted on reboot: [x64] HKCU\Software\Microsoft\Windows\CurrentVersion\Run [WallpaperBoard]
[-] Value deleted: HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION [winwb.exe]
[-] Key deleted: HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\APP PATHS\DriverWhiz.exe
[-] Value deleted: HKLM\SYSTEM\CurrentControlSet\Services\Themes [DependOnService]
[-] Key deleted: HKCU\Software\Google\Chrome\Extensions\pilplloabdedfmialnfchjomjmpjcoej
[-] Key deleted: HKLM\SOFTWARE\Google\Chrome\Extensions\pilplloabdedfmialnfchjomjmpjcoej
[#] Key deleted on reboot: [x64] HKCU\Software\Google\Chrome\Extensions\pilplloabdedfmialnfchjomjmpjcoej
[-] Key deleted: [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\pilplloabdedfmialnfchjomjmpjcoej

***** [ Web browsers ] *****

[-] [C:\Users\Veronique\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Deleted: nuesearch
[-] [C:\Users\Veronique\AppData\Local\Google\Chrome\User Data\Default] [startup_urls] Deleted: hxxp://www.nuesearch.com/?type=hp&ts=1473242736&z=9b82a88307052d11ae6f77egbz9m4cbo4z4o2mac8m&from=che0812&uid=WDCXWD6400AAKS-22A7B2_WD-WCASYD21358913589
[-] [C:\Users\Veronique\AppData\Local\Google\Chrome\User Data\Default] [favicon_url] Deleted: hxxp://www.nuesearch.com/searchfavicon.ico
[-] [C:\Users\Veronique\AppData\Local\Google\Chrome\User Data\Default] [extension] Deleted: pilplloabdedfmialnfchjomjmpjcoej
[-] [C:\Users\Veronique\AppData\Local\Google\Chrome\User Data\Default] [homepage] Deleted: hxxp://www.nuesearch.com/?type=hp&ts=1473242736&z=9b82a88307052d11ae6f77egbz9m4cbo4z4o2mac8m&from=che0812&uid=WDCXWD6400AAKS-22A7B2_WD-WCASYD21358913589

*************************

:: "Tracing" keys deleted
:: Winsock settings cleared

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [26842 Bytes] - [27/09/2016 15:42:13]
C:\AdwCleaner\AdwCleaner[C2].txt - [15794 Bytes] - [20/12/2016 09:23:53]
C:\AdwCleaner\AdwCleaner[S0].txt - [25590 Bytes] - [27/09/2016 15:40:24]
C:\AdwCleaner\AdwCleaner[S1].txt - [17593 Bytes] - [20/12/2016 09:18:23]

########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [16016 Bytes] ##########