# AdwCleaner 7.0.1.0 - Logfile created on Sun Aug 27 20:39:37 2017 # Updated on 2017/05/08 by Malwarebytes # Running on Windows 10 Pro (X64) # Mode: clean # Support: https://www.malwarebytes.com/support ***** [ Services ] ***** Deleted: 8dc1faeb571ad5f98eb705f1714e45ac Deleted: cbdee81ba5c5beeece6fbda4029933f2 ***** [ Folders ] ***** Deleted: C:\Windows\System32\\SSL Deleted: C:\Windows\SysWOW64\\SSL Deleted: C:\Program Files\Common Files\Noobzo Deleted: C:\Users\toma\AppData\Local\AppTrailers Deleted: C:\Users\toma\AppData\Roaming\AppTrailers Deleted: C:\Program Files (x86)\thzXuJvjU Deleted: C:\Program Files (x86)\QYERbvxRHIE Deleted: C:\Program Files (x86)\GXZiGyYLSHyU2 Deleted: C:\Program Files (x86)\dCHHaxjOpqUn Deleted: C:\Program Files (x86)\Microleaves Deleted: C:\Users\toma\AppData\Local\Programs\SwytShopAlgoadChrome_Pkg3a Deleted: C:\Users\toma\AppData\Local\TubeTime Deleted: C:\Users\toma\AppData\Roaming\TubeTime Deleted: C:\Program Files (x86)\ProxyGate Deleted: C:\Program Files\cbdee81ba5c5beeece6fbda4029933f2 Deleted: C:\Program Files\468cd0a3790577fda68a3202c96e7da4 Deleted: C:\Program Files\a88a3f2f282eeee7a7e1804c4bc89f29 Deleted: C:\Program Files\e4ab15547a0b8e8d1eb702b0507c7ac2 ***** [ Files ] ***** Deleted: C:\Windows\\rsrcs.dll Deleted: C:\Windows\SysNative\drivers\Lace_wpf_x64.sys Deleted: C:\Users\toma\appdata\local\installationconfiguration.xml Deleted: C:\Users\toma\AppData\Local\PO.DB Deleted: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BeansPlayer.lnk ***** [ DLL ] ***** No malicious DLLs cleaned. ***** [ WMI ] ***** No malicious WMI cleaned. ***** [ Shortcuts ] ***** Cleaned: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk[http:\\www%2dsearching.com\?prd=set_epc&s=H8Rzamobl20544AU,d593b0f1-216c-4746-ac86-c4ae3b19de4e, --disable-quic] ***** [ Tasks ] ***** Deleted: Online Application V2G1 Deleted: Online Application V2G3 Deleted: Online Application V2G2 Deleted: SoftUpgrade Deleted: Updater_Online_Application Deleted: SMW_UpdateTask_Time_3338303936353439302d5737325a786c5a3237344541 ***** [ Registry ] ***** Deleted: [Key] - HKU\S-1-5-21-3056306664-1213150153-3816368855-1001\Software\C84E Deleted: [Key] - HKCU\Software\C84E Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Control\Class\{0C95ABFE-4FB6-49DB-B22F-0E1F5FC4BEEC} Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Control\Class\{EEEFACB3-729F-4484-B66D-E7A7917BBFC1} Deleted: [Key] - HKCU\Software\Classes\Applications\interstatnogui.exe Deleted: [Key] - HKLM\SOFTWARE\CLASSES\APPID\56BF5154-0B48-4ADB-902A-6C8B12E270D9 Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\11598763487076930564 Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\E3605470-291B-44EB-8648-745EE356599A Deleted: [Key] - HKU\S-1-5-21-3056306664-1213150153-3816368855-1001\Software\Microsoft\Windows\CurrentVersion\Uninstall\119 Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\119 Deleted: [Key] - HKLM\SOFTWARE\5da059a482fd494db3f252126fbc3d5b Deleted: [Key] - HKU\S-1-5-21-3056306664-1213150153-3816368855-1001\Software\Genius Deleted: [Key] - HKCU\Software\Genius Deleted: [Key] - HKLM\SOFTWARE\MICROSOFT\SYSTEMCERTIFICATES\ROOT\CERTIFICATES\26D9E607FFF0C58C7844B47FF8B6E079E5A2220E ***** [ Firefox (and derivatives) ] ***** No malicious Firefox entries deleted. ***** [ Chromium (and derivatives) ] ***** No malicious Chromium entries deleted. ************************* ::Tracing keys deleted ::Winsock settings cleared ::Additional Actions: 0 ************************* C:/AdwCleaner/AdwCleaner[S0].txt - [4429 B] - [2017/8/27 20:38:39] ########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ##########