# AdwCleaner v6.044 - Logfile created 25/03/2017 at 13:37:43
# Updated on 28/02/2017 by Malwarebytes
# Database : 2017-03-23.2 [Local]
# Operating System : Windows 10 Home (X64)
# Username : Valentin - ASUS_VALENTIN
# Running from : C:\Users\Valentin\Downloads\adwcleaner_6.044.exe
# Mode: Clean
# Support : https://www.malwarebytes.com/support

***** [ Services ] *****

***** [ Folders ] *****

[-] Folder deleted: C:\Program Files (x86)\Elex-tech
[#] Folder deleted on reboot: C:\Program Files (x86)\FastCompress-Zip
[-] Folder deleted: C:\Program Files (x86)\Viewpoint
[-] Folder deleted: C:\Program Files (x86)\BikaQRss
[-] Folder deleted: C:\Program Files (x86)\Footper
[-] Folder deleted: C:\Program Files (x86)\amulell
[-] Folder deleted: C:\Program Files (x86)\deskapp
[-] Folder deleted: C:\WINDOWS\SysWOW64\config\systemprofile\AppData\Roaming\Tencent
[-] Folder deleted: C:\Users\Valentin\AppData\Roaming\Profiles\yzzfdyu4.default
[-] Folder deleted: C:\Program Files (x86)\Firefox
[-] Folder deleted: C:\Users\Valentin\AppData\Roaming\Mozilla\Firefox\naweriweentcofise
[-] Folder deleted: C:\Users\Valentin\AppData\Roaming\Firefox
[-] Folder deleted: C:\Users\Valentin\AppData\Local\Firefox
[-] Folder deleted: C:\Users\Valentin\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\eoebpcbiklhocbchcfjlejdfhfaimfoh
[-] Folder deleted: C:\Users\Valentin\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Local Extension Settings\eoebpcbiklhocbchcfjlejdfhfaimfoh

***** [ Files ] *****

[-] File deleted: C:\WINDOWS\SysNative\log\iSafeKrnlCall.log
[-] File deleted: C:\WINDOWS\SysNative\drivers\iSafeKrnlBoot.sys
[-] File deleted: C:\WINDOWS\SysNative\drivers\iSafeNetFilter.sys
[-] File deleted: C:\Users\Public\Documents\temp.dat
[-] File deleted: C:\Users\Public\Documents\report.dat
[-] File deleted: C:\Users\Valentin\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Local Storage\chrome-extension_eoebpcbiklhocbchcfjlejdfhfaimfoh_0.localstorage

***** [ DLL ] *****

***** [ WMI ] *****

***** [ Shortcuts ] *****

[-] Shortcut disinfected: C:\Users\Valentin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[-] Shortcut disinfected: C:\Users\Valentin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\a9926f0d64fc9854\Google Chrome.lnk

***** [ Scheduled Tasks ] *****

[-] Task deleted: Nmolevuperward
[-] Task deleted: qqbrowser
[-] Task deleted: qqbrowser-exe
[-] Task deleted: Microsoft\Windows\Media Center\VCore
[-] Task deleted: Microsoft\Windows\Multimedia\Manager
[-] Task deleted: Milimili
[-] Task deleted: BikaQ_FetchAndUpgrade_CanBeDel

***** [ Registry ] *****

[-] Key deleted: HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\WinSnare
[#] Key deleted on reboot: [x64] HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\WinSnare
[-] Key deleted: HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl
[-] Key deleted: HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl.1
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl.1
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{03F998B2-0E00-11D3-A498-00104B6EB52E}
[-] Key deleted: HKLM\SOFTWARE\Classes\TypeLib\{9DBB28C1-1925-11D3-A498-00104B6EB52E}
[-] Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{03F998B2-0E00-11D3-A498-00104B6EB52E}
[-] Value deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved [{22BB7841-43C8-451B-1000-000100020000}]
[-] Key deleted: HKU\.DEFAULT\Software\{8C4CE252-7DB2-4F8E-8E76-BAD0E5826A83}
[-] Key deleted: HKU\.DEFAULT\Software\jhdbca
[-] Key deleted: HKU\S-1-5-21-3706191623-1434985902-2863650259-1002\Software\FastCompress-Zip
[-] Key deleted: HKU\S-1-5-21-3706191623-1434985902-2863650259-1002\Software\Microsoft\Tinstalls
[-] Key deleted: HKU\S-1-5-21-3706191623-1434985902-2863650259-1002\Software\VideoBox
[-] Key deleted: HKU\S-1-5-21-3706191623-1434985902-2863650259-1002\Software\WinSnare
[-] Key deleted: HKU\S-1-5-21-3706191623-1434985902-2863650259-1002\Software\Footper
[-] Key deleted: HKU\S-1-5-21-3706191623-1434985902-2863650259-1002\Software\deskapp
[#] Key deleted on reboot: HKU\S-1-5-18\Software\{8C4CE252-7DB2-4F8E-8E76-BAD0E5826A83}
[#] Key deleted on reboot: HKU\S-1-5-18\Software\jhdbca
[#] Key deleted on reboot: HKCU\Software\FastCompress-Zip
[#] Key deleted on reboot: HKCU\Software\Microsoft\Tinstalls
[#] Key deleted on reboot: HKCU\Software\VideoBox
[#] Key deleted on reboot: HKCU\Software\WinSnare
[#] Key deleted on reboot: HKCU\Software\Footper
[#] Key deleted on reboot: HKCU\Software\deskapp
[-] Key deleted: HKLM\SOFTWARE\Elex-tech
[-] Key deleted: HKLM\SOFTWARE\FastCompress-Zip
[-] Key deleted: HKLM\SOFTWARE\MetaStream
[-] Key deleted: HKLM\SOFTWARE\Viewpoint
[-] Key deleted: HKLM\SOFTWARE\{E6276374-DE18-4AA5-A365-9016A2F98A2D}
[-] Key deleted: HKLM\SOFTWARE\Microsoft\{94ebd7b5-82ae-449t-b679-3d04078ed154}
[-] Key deleted: HKLM\SOFTWARE\{8C4CE252-7DB2-4F8E-8E76-BAD0E5826A83}
[-] Key deleted: HKLM\SOFTWARE\trotuxSoftware
[-] Key deleted: HKLM\SOFTWARE\ScreenShot
[-] Key deleted: HKLM\SOFTWARE\jhdbca
[-] Key deleted: HKLM\SOFTWARE\amule-custom
[-] Key deleted: HKLM\SOFTWARE\startpageing123Software
[-] Key deleted: HKLM\SOFTWARE\msServer
[-] Key deleted: HKLM\SOFTWARE\Footper
[-] Key deleted: HKLM\SOFTWARE\{84416237-6490-494D-9AD6-4994DD978971}
[-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FastCompress-Zip
[-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\iSafe
[-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ViewpointMediaPlayer
[-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\11598763487076930564
[-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{59B5A9CD-253D-4C41-A073-B387D4C9672D}
[#] Key deleted on reboot: [x64] HKCU\Software\FastCompress-Zip
[#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Tinstalls
[#] Key deleted on reboot: [x64] HKCU\Software\VideoBox
[#] Key deleted on reboot: [x64] HKCU\Software\WinSnare
[#] Key deleted on reboot: [x64] HKCU\Software\Footper
[#] Key deleted on reboot: [x64] HKCU\Software\deskapp
[-] Key deleted: [x64] HKLM\SOFTWARE\{8C4CE252-7DB2-4F8E-8E76-BAD0E5826A83}
[-] Key deleted: [x64] HKLM\SOFTWARE\Microsoft\{1f7ee1a8-4436-4ffc-b97b-b5b01e87d3d2}
[-] Key deleted: [x64] HKLM\SOFTWARE\jhdbca
[-] Key deleted: [x64] HKLM\SOFTWARE\InterSect Alliance
[-] Data restored: HKU\S-1-5-21-3706191623-1434985902-2863650259-1002\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Data restored: HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Data restored: [x64] HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Key deleted: HKU\S-1-5-21-3706191623-1434985902-2863650259-1002\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
[-] Data restored: HKU\S-1-5-21-3706191623-1434985902-2863650259-1002\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[#] Key deleted on reboot: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
[-] Data restored: HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[-] Key deleted: HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
[-] Data restored: HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes [DefaultScope] {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
[-] Data restored: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[-] Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
[-] Data restored: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes [DefaultScope] {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com
[#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com
[#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com
[-] Key deleted: HKLM\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\FastCompress-Zip
[-] Key deleted: HKLM\SOFTWARE\Classes\Directory\shellex\DragDropHandlers\FastCompress-Zip
[-] Key deleted: HKLM\SOFTWARE\Classes\Drive\shellex\DragDropHandlers\FastCompress-Zip
[-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\FM.exe
[-] Key deleted: HKLM\SYSTEM\CurrentControlSet\Control\Power\User\PowerSchemes\e24b7131-d039-43cb-9e6f-ad4be601ec1f
[-] Key deleted: HKLM\SYSTEM\CurrentControlSet\Control\Power\User\PowerSchemes\04262113-2a31-48e1-b4bb-3b42174bea0f
[#] Key deleted on reboot: HKLM\SYSTEM\ControlSet001\Control\Power\User\PowerSchemes\e24b7131-d039-43cb-9e6f-ad4be601ec1f
[#] Key deleted on reboot: HKLM\SYSTEM\ControlSet001\Control\Power\User\PowerSchemes\04262113-2a31-48e1-b4bb-3b42174bea0f
[-] Value deleted: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost [WinSAPSvc]
[-] Key deleted: HKLM\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\FastCompress-Zip
[-] Key deleted: HKCU\SOFTWARE\Classes\ChromeHTML
[-] Key deleted: HKCU\SOFTWARE\Clients\StartMenuInternet\ChromeHTML

***** [ Web browsers ] *****

[-] [C:\Users\Valentin\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Web data] [Search Provider] Deleted: coldsearch.com
[-] [C:\Users\Valentin\AppData\Local\Google\Chrome\User Data\ChromeDefaultData] [extension] Deleted: eoebpcbiklhocbchcfjlejdfhfaimfoh
[-] [C:\Users\Valentin\AppData\Local\Google\Chrome\User Data\ChromeDefaultData] [homepage] Deleted: hxxp://www.delta-search.com/?affID=121845&tt=gc_150213_lnkry&babsrc=HP_ss&mntrId=B23B1E71D9179498

*************************

:: "Tracing" keys deleted
:: Winsock settings cleared

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [15253 Bytes] - [11/07/2016 16:14:37]
C:\AdwCleaner\AdwCleaner[C2].txt - [10504 Bytes] - [25/03/2017 13:37:43]
C:\AdwCleaner\AdwCleaner[S1].txt - [15333 Bytes] - [11/07/2016 16:11:11]
C:\AdwCleaner\AdwCleaner[S2].txt - [17422 Bytes] - [19/07/2016 06:19:38]
C:\AdwCleaner\AdwCleaner[S3].txt - [11872 Bytes] - [25/03/2017 09:30:03]
C:\AdwCleaner\AdwCleaner[S4].txt - [11392 Bytes] - [25/03/2017 13:27:45]
C:\AdwCleaner\AdwCleaner[S5].txt - [10615 Bytes] - [25/03/2017 13:35:24]

########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [10948 Bytes] ##########