# AdwCleaner 7.0.0.0 - Logfile created on Sat Jul 29 20:25:48 2017 # Updated on 2017/17/07 by Malwarebytes # Running on Windows 8.1 (X64) # Mode: clean # Support: https://www.malwarebytes.com/support ***** [ Services ] ***** No malicious services deleted. ***** [ Folders ] ***** Deleted: C:\Program Files (x86)\LenovoBrowserGuard Deleted: C:\Users\Nicolas\AppData\Local\LenovoBrowserGuard Deleted: C:\Users\Nicolas\AppData\Roaming\acestream Deleted: C:\Users\Nicolas\AppData\LocalLow\.acestream Deleted: C:\Users\Nicolas\AppData\Roaming\.acestream Deleted: C:\_acestream_cache_ Deleted: C:\Users\Nicolas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ace Stream Media Deleted: C:\ProgramData\Pokki Deleted: C:\ProgramData\Application Data\Pokki Deleted: C:\Users\All Users\Pokki Deleted: C:\Users\Default\AppData\Local\Pokki Deleted: C:\Users\Default User\AppData\Local\Pokki Deleted: C:\Users\Nicolas\AppData\Local\Pokki Deleted: C:\Users\Public\Pokki ***** [ Files ] ***** Deleted: C:\END Deleted: C:\Users\Nicolas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk ***** [ DLL ] ***** No malicious DLLs cleaned. ***** [ WMI ] ***** No malicious WMI cleaned. ***** [ Shortcuts ] ***** No malicious shortcuts cleaned. ***** [ Tasks ] ***** No malicious tasks deleted. ***** [ Registry ] ***** Deleted: [Value] - HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{61802860-34E0-4693-A1BC-0D6B1EF60CC1}C:\users\nicolas\appdata\roaming\acestream\engine\ace_engine.exe Deleted: [Value] - HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{996F141F-4F90-47AA-9359-30BA0E2E90BF}C:\users\nicolas\appdata\roaming\acestream\engine\ace_engine.exe Deleted: [Value] - HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{91A075FA-3C04-4055-A95C-213DE2BC4A1D}C:\users\nicolas\appdata\roaming\acestream\engine\ace_engine.exe Deleted: [Value] - HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{F980894F-30CC-4840-96B6-64653455F411}C:\users\nicolas\appdata\roaming\acestream\engine\ace_engine.exe Deleted: [Key] - HKU\S-1-5-21-2712448406-2383734764-1046649493-1002\Software\AceStream Deleted: [Key] - HKU\S-1-5-21-2712448406-2383734764-1046649493-1002\Software\Microsoft\Windows\CurrentVersion\Uninstall\AceStream Deleted: [Key] - HKCU\Software\AceStream Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\AceStream Deleted: [Key] - HKU\S-1-5-21-2712448406-2383734764-1046649493-1002\Software\Pokki Deleted: [Key] - HKU\S-1-5-21-2712448406-2383734764-1046649493-1002\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki Deleted: [Key] - HKCU\Software\Pokki Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki Deleted: [Key] - HKLM\SOFTWARE\Classes\TypeLib\{CB6BF8B6-E12B-42FA-A478-91BCCDE475DC} Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{2E5FA7B4-61A2-4662-BBCE-62BBB20FC649} Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{5D7F05E3-075A-43AF-8BC7-21E2F7F38845} Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{617E26CE-E6E1-4C75-A68A-A001F2B98491} Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{79FBDBEA-A722-4ABD-BEC0-B7D463F6BA0E} Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{8128586C-DF69-4266-873F-CF4C6F705A7C} Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{C1F9CFCE-A7DC-4072-8B31-1DEA57004C86} Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{EA4AD895-2A7F-430E-B973-DEE6C4E743A9} Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{EBF4B60F-A863-426F-BE6F-5DFE83BC574F} Deleted: [Key] - HKCU\Software\Classes\CLSID\{79690976-ED6E-403C-BBBA-F8928B5EDE17} Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{79690976-ED6E-403C-BBBA-F8928B5EDE17} Deleted: [Value] - HKU\S-1-5-21-2712448406-2383734764-1046649493-1002\Software\Microsoft\Windows\CurrentVersion\Run|Pokki Deleted: [Value] - HKU\S-1-5-21-2712448406-2383734764-1046649493-1002\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Pokki Deleted: [Value] - HKCU\Software\Microsoft\Windows\CurrentVersion\Run|Pokki Deleted: [Key] - HKCU\Software\Classes\AllFileSystemObjects\shell\pokki Deleted: [Key] - HKCU\Software\Classes\Directory\shell\pokki Deleted: [Key] - HKCU\Software\Classes\Drive\shell\pokki Deleted: [Key] - HKCU\Software\Classes\lnkfile\shell\pokki Deleted: [Key] - HKLM\SOFTWARE\CLASSES\APPID\VISUALDISCOVERY.EXE Deleted: [Key] - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.acelive Deleted: [Key] - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.acemedia Deleted: [Key] - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.acestream Deleted: [Key] - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tslive Deleted: [Key] - HKCU\SOFTWARE\Classes\Applications\ace_player.exe Deleted: [Key] - HKCU\SOFTWARE\Classes\MIME\Database\Content Type\application/x-acestream-plugin Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ACEStreamPlayCDAudioOnArrival Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ACEStreamPlayDVDAudioOnArrival Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ACEStreamPlayDVDMovieOnArrival Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ACEStreamPlayMusicFilesOnArrival Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ACEStreamPlaySVCDMovieOnArrival Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ACEStreamPlayVCDMovieOnArrival Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ACEStreamPlayVideoFilesOnArrival Deleted: [Key] - HKCU\Software\Classes\AudioCD\shell\PlayWithACEStream Deleted: [Key] - HKCU\Software\Classes\DVD\shell\PlayWithACEStream Deleted: [Key] - HKCU\Software\Classes\Applications\ace_player.exe Deleted: [Key] - HKCU\Software\Classes\MIME\Database\Content Type\application/x-acestream-plugin Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.acelive Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.acemedia Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.acestream Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tslive Deleted: [Key] - HKLM\SOFTWARE\Classes\AppID\VISUALDISCOVERY.EXE Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VDWFP Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VisualDiscovery Deleted: [Key] - HKLM\SOFTWARE\LenovoBrowserGuard Deleted: [Key] - HKLM\SOFTWARE\VisualDiscovery Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki_04bb6df446330549a2cb8d67fbd1a745025b7bd1 Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki_Start_Menu ***** [ Firefox (and derivatives) ] ***** No malicious Firefox entries deleted. ***** [ Chromium (and derivatives) ] ***** No malicious Chromium entries deleted. ************************* ::Tracing keys deleted ::Winsock settings cleared ::Additional Actions: 0 ************************* C:/AdwCleaner/AdwCleaner[S0].txt - [8549 B] - [2017/7/29 20:14:11] C:/AdwCleaner/AdwCleaner[S1].txt - [8617 B] - [2017/7/29 20:17:21] ########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ##########