# AdwCleaner 7.0.4.0 - Logfile created on Tue Nov 28 09:17:42 2017
# Updated on 2017/27/10 by Malwarebytes
# Database: 11-27-2017.1
# Running on Windows 10 Pro (X64)
# Mode: scan
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

Adware.Elex, WinInstallSvc
PUP.Optional.Legacy, OtherSearch
PUP.Optional.ProxyGate, pgt_svc

***** [ Folders ] *****

Adware.Ghokswa, C:\Program Files (x86)\Bookness
Adware.Ghokswa, C:\Users\Megaport\AppData\Local\Bookness
Adware.Ghokswa, C:\Users\Megaport\AppData\Roaming\Bookness
Adware.Ghokswa, C:\Users\Megaport\AppData\Local\Fanlook
Adware.Ghokswa, C:\Users\Megaport\AppData\Roaming\Fanlook
PUP.Optional.Legacy, C:\Users\Megaport\AppData\Roaming\Firefox
PUP.Optional.Legacy, C:\Windows\System32\config\systemprofile\AppData\Roaming\Tencent
PUP.Optional.Legacy, C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Tencent
Adware.SwytShop, C:\Users\Megaport\AppData\Local\Programs\SS_FF
PUP.Optional.SwytShop, C:\Users\Megaport\AppData\Local\Programs\SS_FF
PUP.Optional.SwytShop, C:\Users\Megaport\AppData\Local\Programs\SwytShop_Pkg3
PUP.Optional.ProxyGate, C:\Program Files (x86)\ProxyGate
PUP.Optional.FakeChrome, C:\Users\Megaport\AppData\Local\Legass

***** [ Files ] *****

PUP.Optional.Legacy, C:\Users\All Users\Documents\report.dat
PUP.Optional.Legacy, C:\Users\Public\Documents\report.dat
PUP.Optional.Legacy, C:\Users\All Users\Documents\temp.dat
PUP.Optional.Legacy, C:\Users\Public\Documents\temp.dat
PUP.Optional.Legacy, C:\Program Files\Internet Explorer\iexplore.bat
PUP.Optional.Legacy, C:\ProgramData\Apple\Apps\config.dll
PUP.Optional.Legacy, C:\ProgramData\Microsoft\AppV\Setup\Integrator.dll
PUP.Optional.Legacy, C:\END
PUP.Optional.Legacy, C:\Windows\SysNative\drivers\iSafeNetFilter.sys
PUP.Optional.Legacy, C:\Windows\SysNative\log\iSafeKrnlCall.log
PUP.Optional.Legacy, C:\Windows\SysNative\drivers\Lace_wpf_x64.sys
PUP.Optional.Legacy, C:\Users\Megaport\AppData\Roaming\Mozilla\Firefox\Profiles\9ktq9ehp.default\invalidprefs.js

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

PUP.Optional.Geniv, GEN_Interval

***** [ Registry ] *****

Adware.Elex, [Key] - HKLM\SOFTWARE\Elex-tech
Adware.Elex, [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application
Adware.Elex, [Key] - HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application
Adware.Ghokswa, [Value] - HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {B1C85B28-20CB-40D7-9992-772E2F1812DC}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\ompndb
PUP.Optional.Legacy, [Key] - HKU\.DEFAULT\Software\ompndb
PUP.Optional.Legacy, [Key] - HKU\S-1-5-18\Software\ompndb
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\InterSect Alliance
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Interface\{BF8946CD-EEBE-436B-8282-B19A021C9EFE}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Interface\{D8CB24E3-DDA3-4B7F-8BA3-871DB7D3D986}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Interface\{F6DF4318-A699-4E88-BE1D-84F4A009B08A}
PUP.Optional.Legacy, [Value] - HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost | ArcherGroupEx
PUP.Optional.Legacy, [Value] - HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost | WinSAPSvc
PUP.Optional.Legacy, [Value] - HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost | GubZLGroEx
PUP.Optional.Legacy, [Key] - HKLM\SYSTEM\CurrentControlSet\Control\iSafeKrnlBoot
PUP.Optional.SwytShop, [Key] - HKU\S-1-5-21-3964167442-2881545576-257045412-1001\Software\SwytShop
PUP.Optional.SwytShop, [Key] - HKCU\Software\SwytShop
PUP.Optional.SwytShop, [Key] - HKU\S-1-5-21-3964167442-2881545576-257045412-1001\Software\Microsoft\Windows\CurrentVersion\Uninstall\SwytShop_Pkg3_is1
PUP.Optional.SwytShop, [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SwytShop_Pkg3_is1
PUP.Optional.SoEasySvc, [Key] - HKLM\SOFTWARE\SoEasySvc
PUP.Optional.ProxyGate, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1EC095EE-8CA3-43D6-B9F5-0C55B82ED3D7}}_is1
PUP.Optional.ScreenShot, [Key] - HKLM\SOFTWARE\ScreenShot
PUP.Optional.OtherSearch, [Key] - HKLM\SOFTWARE\OtherSearch
PUP.Optional.OtherSearch, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\OtherSearch
PUP.Optional.WinSnare, [Value] - HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost | WINSNARE

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries.

*************************

C:/AdwCleaner/AdwCleaner[C0].txt - [15002 B] - [2017/1/24 10:12:0]
C:/AdwCleaner/AdwCleaner[C2].txt - [4933 B] - [2017/2/6 6:51:40]
C:/AdwCleaner/AdwCleaner[S0].txt - [16000 B] - [2017/1/24 10:10:22]
C:/AdwCleaner/AdwCleaner[S1].txt - [6755 B] - [2017/2/6 6:46:35]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt ##########