# AdwCleaner v5.019 - Logfile created 12/11/2015 at 13:42:49 # Updated 08/11/2015 by Xplode # Database : 2015-11-09.1 [Server] # Operating system : Windows 7 Professional (x64) # Username : mohamed - MOHAMED-PC # Running from : C:\Users\mohamed\Desktop\adwcleaner_5.019.exe # Option : Cleaning # Support : http://toolslib.net/forum ***** [ Services ] ***** [-] Service Deleted : QQPCRTP [-] Service Deleted : TAOAccelerator [-] Service Deleted : TSDefenseBt [-] Service Deleted : TSSysKit [-] Service Deleted : QMUdisk [-] Service Deleted : TS888x64 [-] Service Deleted : QQSysMonX64 [-] Service Deleted : TSCPM [-] Service Deleted : TFsFlt [-] Service Deleted : TAOFrame [!] Service Not Deleted : TAOKernelDriver [-] Service Deleted : TSSKX64 [-] Service Deleted : ihpmServer ***** [ Folders ] ***** [#] Folder Deleted : C:\IQIYI Video [#] Folder Deleted : C:\Program Files (x86)\tencent [#] Folder Deleted : C:\Program Files (x86)\RayDld [#] Folder Deleted : C:\Program Files (x86)\CinemaP-1.9cV09.11 [#] Folder Deleted : C:\Program Files (x86)\Common Files\tencent [#] Folder Deleted : C:\Program Files\Common Files\tencent [#] Folder Deleted : C:\ProgramData\IQIYI Video [#] Folder Deleted : C:\ProgramData\tencent [#] Folder Deleted : C:\ProgramData\TXQMPC [#] Folder Deleted : C:\Users\mohamed\AppData\Local\globalUpdate [#] Folder Deleted : C:\Users\mohamed\AppData\Local\SysassistByHotWheel [#] Folder Deleted : C:\Users\mohamed\AppData\Local\Temp\tencent [#] Folder Deleted : C:\Users\mohamed\AppData\Roaming\IQIYI Video [#] Folder Deleted : C:\Users\mohamed\AppData\Roaming\oursurfing [#] Folder Deleted : C:\Users\mohamed\AppData\Roaming\tencent [#] Folder Deleted : C:\Users\mohamed\AppData\Roaming\ppslog [#] Folder Deleted : C:\Users\mohamed\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\???? [#] Folder Deleted : C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\tencent ***** [ Files ] ***** [-] File Deleted : C:\Users\mohamed\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\????.lnk [-] File Deleted : C:\Users\mohamed\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\????\????\????.lnk [-] File Deleted : C:\Users\mohamed\Desktop\PPS????.lnk [-] File Deleted : C:\Users\mohamed\Desktop\????.lnk [-] File Deleted : C:\Windows\SysNative\drivers\TAOAccelerator64.sys [-] File Deleted : C:\Windows\SysNative\drivers\TSSKX64.sys [-] File Deleted : C:\Windows\SysNative\drivers\TAOKernel64.sys [-] File Deleted : C:\Windows\SysNative\drivers\TFsFltX64.sys [-] File Deleted : C:\Windows\SysWOW64\drivers\TsFltMgr.sys [-] File Deleted : C:\Windows\SysWOW64\drivers\TS888x64.sys ***** [ DLLs ] ***** ***** [ Shortcuts ] ***** [-] Shortcut Disinfected : C:\Users\mohamed\Desktop\Google Chrome.lnk [-] Shortcut Disinfected : C:\Users\mohamed\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk [-] Shortcut Disinfected : C:\Users\mohamed\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk [-] Shortcut Disinfected : C:\Users\mohamed\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk ***** [ Scheduled tasks ] ***** [-] Task Deleted : amiupdaterExd [-] Task Deleted : amiupdaterExi ***** [ Registry ] ***** [-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\DownloadProxy.EXE [-] Key Deleted : HKLM\SOFTWARE\CLASSES\METNSD [-] Key Deleted : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\QQPCRTP [-] Key Deleted : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\QQPCRTP [-] Key Deleted : HKCU\Software\MozillaPlugins\@iqiyi.com/npWebPlayer [-] Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@iqiyi.com/npWebPlayer [-] Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@iqiyi.com/npclient [-] Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [HCDNClient] [-] Key Deleted : HKLM\SOFTWARE\Classes\qygameclient [-] Key Deleted : HKLM\SOFTWARE\Classes\HCDNProxy [-] Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@qq.com/QQPCMgr [-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\PPStream.exe [-] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ QQPCTray] [-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{51BEE30D-EEC8-4BA3-930B-298B8E759EB1} [-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{70DE12EA-79F4-46BC-9812-86DB50A2FD64} [-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FB4F6285-4C32-49F2-950F-A5998F9CEC6C} [-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{085CB97F-6D0B-487D-B94C-E11A736C38CE} [-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{307B3CDB-9EE3-4137-9D18-F9AD6537ECEB} [-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5E6A8DA1-5731-465B-B036-B9E16EF26CAC} [-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CF3CDEFB-31BE-43AE-B064-B9C62C883259} [-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D96C1D26-5CDF-4506-9244-57233C3984DF} [-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E7270EC6-0113-4A78-B610-E501D0A9E48E} [-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{B6360BD3-5CD0-40D3-BD87-DAFF37889F50} [-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E1D75F62-CBBD-45C7-9D1D-6B5ECEC2E006} [-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FB4F6285-4C32-49F2-950F-A5998F9CEC6C} [-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FB4F6285-4C32-49F2-950F-A5998F9CEC6C} [-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5E6A8DA1-5731-465B-B036-B9E16EF26CAC} [-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5EC7C511-CD0F-42E6-830C-1BD9882F3458} [-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FB4F6285-4C32-49F2-950F-A5998F9CEC6C} [-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5EC7C511-CD0F-42E6-830C-1BD9882F3458} [-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{5E6A8DA1-5731-465B-B036-B9E16EF26CAC} [-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{5EC7C511-CD0F-42E6-830C-1BD9882F3458} [-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5EC7C511-CD0F-42E6-830C-1BD9882F3458} [-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1E6A8DA1-1731-465B-B036-B9E16EF26CAC} [-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1E6BE0FB-8B18-4DFC-959F-233651CC4D7F} [-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2E6A8DA1-2731-465B-B036-B9E16EF26CAC} [-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BAC94FEE-45B4-4FD4-9EEA-D8978EC96C6E} [-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{085CB97F-6D0B-487D-B94C-E11A736C38CE} [-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{5E6A8DA1-5731-465B-B036-B9E16EF26CAC} [-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{5EC7C511-CD0F-42E6-830C-1BD9882F3458} [-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{7C260B4B-F7A0-40B5-B403-BEFCDC6A4C3B} [-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{B7667919-3765-4815-A66D-98A09BE662D6} [-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E7270EC6-0113-4A78-B610-E501D0A9E48E} [-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7C260B4B-F7A0-40B5-B403-BEFCDC6A4C3B} [-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1E6A8DA1-1731-465B-B036-B9E16EF26CAC} [-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2E6A8DA1-2731-465B-B036-B9E16EF26CAC} [-] Key Deleted : HKCU\Software\GlobalUpdate [-] Key Deleted : HKCU\Software\YorkNewCin [-] Key Deleted : HKCU\Software\HighDefAction [-] Key Deleted : HKCU\Software\ArenaHD [-] Key Deleted : HKCU\Software\QyGameClient [-] Key Deleted : HKCU\Software\PPStream [-] Key Deleted : HKCU\Software\CinemaP-1.9cV09.11-nv-ie [-] Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider [-] Key Deleted : HKCU\Software\AppDataLow\Software\QiYi [-] Key Deleted : HKLM\SOFTWARE\AppDataLow\SOFTWARE\Crossrider [-] Key Deleted : HKLM\SOFTWARE\AppDataLow\SOFTWARE\_CrossriderRegNamePlaceHolder_ [-] Key Deleted : HKLM\SOFTWARE\GlobalUpdate [-] Key Deleted : HKLM\SOFTWARE\YorkNewCin [-] Key Deleted : HKLM\SOFTWARE\HighDefAction [-] Key Deleted : HKLM\SOFTWARE\oursurfingSoftware [-] Key Deleted : HKLM\SOFTWARE\ArenaHD [-] Key Deleted : HKLM\SOFTWARE\RayDld [-] Key Deleted : HKLM\SOFTWARE\ihpmserver [-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IQIYI Video [-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\QQPCMgr [-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PPStream [-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\oursurfing [-] Key Deleted : [x64] HKLM\SOFTWARE\YorkNewCin [-] Key Deleted : [x64] HKLM\SOFTWARE\HighDefAction [-] Key Deleted : [x64] HKLM\SOFTWARE\ArenaHD [-] Key Deleted : HKU\.DEFAULT\Software\AppDataLow\Software\_CrossriderRegNamePlaceHolder_ [-] Key Deleted : HKU\.DEFAULT\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\_CrossriderRegNamePlaceHolder_ [-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\GLOBALUPDATE.EXE [-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] [-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL] [-] Data Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL] [-] Data Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL] [-] Data Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] [-] Data Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page] [-] Data Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tab] [-] Data Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL] [-] Data Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL] [-] Data Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] [-] Data Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page] [-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} [-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] [-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} [-] Data Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes [DefaultScope] ***** [ Web browsers ] ***** [-] [C:\Users\mohamed\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Startup_URLs] Deleted : hxxp://www.oursurfing.com/?type=hp&ts=1447286580&z=17b2ff4f0cf88b457a1e247g8zbzdm1oebbq8w7b6e&from=amt&uid=toshibaxmq01abd100_74jnt1r5txx74jnt1r5t [-] [C:\Users\mohamed\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Default_Search_Provider_Data] Deleted : hxxp://www.oursurfing.com/web/?type=ds&ts=1447286580&z=17b2ff4f0cf88b457a1e247g8zbzdm1oebbq8w7b6e&from=amt&uid=toshibaxmq01abd100_74jnt1r5txx74jnt1r5t&q={searchTerms} [-] [C:\Users\mohamed\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : ooebklgpfnbcnpokahmdidgbmlcdepkm [-] [C:\Users\mohamed\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Homepage] Deleted : hxxp://www.oursurfing.com/?type=hp&ts=1447286580&z=17b2ff4f0cf88b457a1e247g8zbzdm1oebbq8w7b6e&from=amt&uid=toshibaxmq01abd100_74jnt1r5txx74jnt1r5t ************************* :: "Tracing" keys removed :: Winsock settings cleared ########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [11939 bytes] ##########