# AdwCleaner v5.201 - Logfile created 30/06/2016 at 23:04:47 # Updated 30/06/2016 by ToolsLib # Database : 2016-06-30.2 [Server] # Operating system : Windows 7 Ultimate Service Pack 1 (X86) # Username : Yondaime - YONDAIME-PC # Running from : C:\Users\Yondaime\Desktop\adwcleaner_5.201.exe # Option : Scan # Support : https://toolslib.net/forum ***** [ Services ] ***** Service Found : QMUdisk Service Found : TSSK Service Found : WdMan Service Found : TDataSvr Service Found : softaal Service Found : SRepairDrv Service Found : tsnethlp ***** [ Folders ] ***** Folder Found : C:\ProgramData\0winp0 Folder Found : C:\ProgramData\gwinpg Folder Found : C:\ProgramData\kwinpk Folder Found : C:\ProgramData\qwinpq Folder Found : C:\ProgramData\Application Data\0winp0 Folder Found : C:\ProgramData\Application Data\gwinpg Folder Found : C:\ProgramData\Application Data\kwinpk Folder Found : C:\ProgramData\Application Data\qwinpq Folder Found : C:\Program Files\WinZipper Folder Found : C:\Program Files\TData Folder Found : C:\Program Files\QQBrowser Folder Found : C:\Program Files\TXQQBrowser Folder Found : C:\Program Files\4C4C4544-1438042583-5310-804E-B8C04F58344A Folder Found : C:\Program Files\CinemaP-1.9cV23.08 Folder Found : C:\Program Files\Begoch Folder Found : C:\Windows\system32\config\systemprofile\AppData\Roaming\tencent Folder Found : C:\Users\Yondaime\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108 Folder Found : C:\Users\Yondaime\AppData\Local\VirtualStore\Program Files\tencent Folder Found : C:\Users\Yondaime\AppData\Local\VirtualStore\Program Files\Trymedia Folder Found : C:\Users\Yondaime\AppData\Roaming\eCyber Folder Found : C:\Users\Yondaime\AppData\Roaming\WinZiper Folder Found : C:\Users\Yondaime\AppData\Roaming\vnlgp Folder Found : C:\Users\Yondaime\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\腾讯软件 Folder Found : C:\Users\Yondaime\AppData\Roaming\Opera Software\Opera Stable\Extensions\akaelkiagnbfcccfnmbimdbplecgbikh Folder Found : C:\Users\Yondaime\AppData\Roaming\Opera Software\Opera Stable\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi Folder Found : C:\Users\Yondaime\AppData\Roaming\Opera Software\Opera Stable\Extensions\akaelkiagnbfcccfnmbimdbplecgbikh Folder Found : C:\Users\Yondaime\AppData\Roaming\Opera Software\Opera Stable\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi Folder Found : C:\Users\Public\Documents\dmp ***** [ Files ] ***** File Found : C:\Windows\system32\tssk.sys File Found : C:\Windows\system32\drivers\TS888.sys File Found : C:\Users\Yondaime\AppData\Roaming\Opera Software\Opera Stable\Local Storage\chrome-extension_lkadffjmnaiokkdncgdlecdegajoiemi_0.localstorage File Found : C:\Users\Yondaime\AppData\Roaming\Opera Software\Opera Stable\databases\chrome-extension_lkadffjmnaiokkdncgdlecdegajoiemi_0 File Found : C:\Users\Yondaime\AppData\Roaming\Opera Software\Opera Stable\Local Extension Settings\lkadffjmnaiokkdncgdlecdegajoiemi File Found : C:\Users\Yondaime\AppData\Roaming\Opera Software\Opera Stable\Local Storage\chrome-extension_lkadffjmnaiokkdncgdlecdegajoiemi_0.localstorage File Found : C:\Users\Yondaime\AppData\Roaming\Opera Software\Opera Stable\databases\chrome-extension_lkadffjmnaiokkdncgdlecdegajoiemi_0 File Found : C:\Users\Yondaime\AppData\Roaming\Opera Software\Opera Stable\Local Extension Settings\lkadffjmnaiokkdncgdlecdegajoiemi ***** [ DLL ] ***** ***** [ WMI ] ***** ***** [ Shortcuts ] ***** ***** [ Scheduled tasks ] ***** Task Found : Browser Updater Task(Core) Task Found : Begoch Builder ***** [ Registry ] ***** Key Found : HKLM\SOFTWARE\Classes\AppID\DownloadProxy.EXE Key Found : HKLM\SOFTWARE\Classes\AppID\NCTAudioCDGrabber2.DLL Key Found : HKCU\SOFTWARE\Mozilla\Firefox\{EB52F1AB-3C2B-424F-9794-833C687025CF} Key Found : HKLM\SOFTWARE\Mozilla\Firefox\{EB52F1AB-3C2B-424F-9794-833C687025CF} Key Found : HKCU\Software\Classes\VirtualStore\MACHINE\SOFTWARE\Tencent Key Found : HKEY_CLASSES_ROOT\.qmgc Key Found : HKCU\Software\Google\Chrome\Extensions\fcfenmboojpjinhpgggodefccipikbpd Key Found : HKLM\SOFTWARE\Classes\qmgcfiles Key Found : HKLM\SOFTWARE\Classes\AppID\{51BEE30D-EEC8-4BA3-930B-298B8E759EB1} Key Found : HKLM\SOFTWARE\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD} Key Found : HKLM\SOFTWARE\Classes\CLSID\{5EB0259D-AB79-4AE6-A6E6-24FFE21C3DA4} Key Found : HKLM\SOFTWARE\Classes\CLSID\{70DE12EA-79F4-46BC-9812-86DB50A2FD64} Key Found : HKLM\SOFTWARE\Classes\CLSID\{CADAF6BE-BF50-4669-8BFD-C27BD4E6181B} Key Found : HKLM\SOFTWARE\Classes\CLSID\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} Key Found : HKLM\SOFTWARE\Classes\CLSID\{10921475-03CE-4E04-90CE-E2E7EF20C814} Key Found : HKLM\SOFTWARE\Classes\CLSID\{920D873D-05AB-4574-AD3A-872DD173658A} Key Found : HKLM\SOFTWARE\Classes\Interface\{2BEF239C-752E-4001-8048-F256E0D8CD93} Key Found : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C} Key Found : HKLM\SOFTWARE\Classes\Interface\{49C00A51-6E59-41FE-B3FA-2D2157FAD67B} Key Found : HKLM\SOFTWARE\Classes\Interface\{6DFF5DBA-AE3A-46DB-B301-ECFFC6DB2982} Key Found : HKLM\SOFTWARE\Classes\Interface\{DE34CD67-F1C8-4001-9A23-B8A68F63F377} Key Found : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785} Key Found : HKLM\SOFTWARE\Classes\Interface\{E7270EC6-0113-4A78-B610-E501D0A9E48E} Key Found : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3} Key Found : HKLM\SOFTWARE\Classes\TypeLib\{81CA8FCD-1420-4A07-B47D-B30F3DDA79E1} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{10921475-03CE-4E04-90CE-E2E7EF20C814} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{29B6CFD5-0064-411A-8C42-9890C83F9921} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D64016F6-4D8E-4B35-AB22-9B2060800112} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10921475-03CE-4E04-90CE-E2E7EF20C814} Key Found : HKCU\Software\IM Key Found : HKLM\SOFTWARE\hdcode Key Found : HKLM\SOFTWARE\hohosearchSoftware Key Found : HKU\.DEFAULT\Software\{A16B1AF7-982D-40C3-B5C1-633E1A6A6678} Key Found : HKU\.DEFAULT\Software\{8C4CE252-7DB2-4F8E-8E76-BAD0E5826A83} Key Found : HKU\S-1-5-21-4099662633-3521346365-417894702-1000\Software\IM Key Found : HKU\S-1-5-18\Software\{A16B1AF7-982D-40C3-B5C1-633E1A6A6678} Key Found : HKU\S-1-5-18\Software\{8C4CE252-7DB2-4F8E-8E76-BAD0E5826A83} Data Found : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxp://www.attirerpage.com/?type=hp&ts=1467033751&z=26862cd77e66322c03aecb0gfzcq7m9edc3c7m3zdq&from=ihpm0627&uid=3219913727_67237_EA8FD84D Data Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] - hxxp://www.attirerpage.com/?type=hp&ts=1467033751&z=26862cd77e66322c03aecb0gfzcq7m9edc3c7m3zdq&from=ihpm0627&uid=3219913727_67237_EA8FD84D Data Found : HKU\S-1-5-21-4099662633-3521346365-417894702-1000\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxp://www.attirerpage.com/?type=hp&ts=1467033751&z=26862cd77e66322c03aecb0gfzcq7m9edc3c7m3zdq&from=ihpm0627&uid=3219913727_67237_EA8FD84D Value Found : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{1D2628D0-69FC-4B19-8F7E-516AAC9BC1D9}] Value Found : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{0F13E60A-6C6A-417C-89C9-BB36713C40A8}] Value Found : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{388830FE-B219-4B50-85B9-7D52EC345537}] Value Found : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{2CB8A74A-89D3-4119-BB71-33CAF177C9F7}] Key Found : HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\winzipersvc Key Found : HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\qkseeService ***** [ Web browsers ] ***** ************************* C:\AdwCleaner\AdwCleaner[S1].txt - [8209 bytes] - [30/06/2016 23:04:47] ########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [8282 bytes] ##########