# AdwCleaner 7.0.6.0 - Logfile created on Tue Jan 09 09:28:24 2018
# Updated on 2017/21/12 by Malwarebytes 
# Running on Windows 7 Ultimate (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

Deleted: BCUService


***** [ Folders ] *****

Deleted: C:\Users\joe\AppData\Roaming\cacaoweb
Deleted: C:\Program Files (x86)\DeviceVM
Deleted: C:\ProgramData\Logic Cramble
Deleted: C:\ProgramData\Application Data\Logic Cramble
Deleted: C:\Users\All Users\Logic Cramble
Deleted: C:\ProgramData\\tiser
Deleted: C:\Users\joe\AppData\Roaming\Microsoft\Windows\Start Menu\ByteFence
Deleted: C:\Program Files (x86)\FastDataX
Deleted: C:\Users\joe\AppData\Local\FastDataX
Deleted: C:\Users\joe\AppData\Local\Programs\SwytShopAlgoadChrome_Pkg3a
Deleted: C:\Users\joe\AppData\Roaming\RHEng
Deleted: C:\Program Files (x86)\ProxyGate
Deleted: C:\ProgramData\Quoteex
Deleted: C:\ProgramData\Application Data\Quoteex
Deleted: C:\Users\All Users\Quoteex
Deleted: C:\ProgramData\Microleaves
Deleted: C:\ProgramData\Application Data\Microleaves
Deleted: C:\Program Files (x86)\Microleaves
Deleted: C:\Users\All Users\Microleaves
Deleted: C:\ProgramData\Quoteexs
Deleted: C:\ProgramData\Application Data\Quoteexs
Deleted: C:\Users\All Users\Quoteexs
Deleted: C:\ProgramData\Quoteex
Deleted: C:\ProgramData\Application Data\Quoteex
Deleted: C:\Users\All Users\Quoteex
Deleted: C:\Program Files\1a718cae5c8caee452a06759d326af29
Deleted: C:\Program Files\33bddae401b030ee34a14e8281973faa
Deleted: C:\ProgramData\bece0272-2365-1
Deleted: C:\ProgramData\bece0272-2391-0


***** [ Files ] *****

Deleted: C:\Users\joe\AppData\Local\Main.dat
Deleted: C:\Users\joe\appdata\local\installationconfiguration.xml
Deleted: C:\Users\joe\AppData\Local\PO.DB


***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

Deleted: PC-Mechanic Subscription
Deleted: PC-Mechanic Maintenance


***** [ Registry ] *****

Deleted: [Value] - HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{6C05075E-BE2E-4AAE-988C-76F49E81D5C6}C:\users\joe\appdata\roaming\cacaoweb\cacaoweb.exe
Deleted: [Value] - HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{B5ECFA01-842B-4B2B-82FB-F7DB71DEE89C}C:\users\joe\appdata\roaming\cacaoweb\cacaoweb.exe
Deleted: [Value] - HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{0464482D-8734-44F3-97AE-DC97F547136E}C:\users\joe\appdata\roaming\cacaoweb\cacaoweb.exe
Deleted: [Value] - HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{11D862EA-E557-4816-A0AD-18870F6C486C}C:\users\joe\appdata\roaming\cacaoweb\cacaoweb.exe
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{D793423B-FF18-4A54-B9C9-75B3396BAAC4}
Deleted: [Key] - HKU\S-1-5-21-172831021-3283507413-674538517-1000\Software\cacaoweb
Deleted: [Key] - HKCU\Software\cacaoweb
Deleted: [Key] - HKLM\SOFTWARE\Classes\TypeLib\{77AA6435-2488-4A94-9FE5-49519DD2ED9B}
Deleted: [Key] - HKLM\SOFTWARE\Classes\TypeLib\{1112F282-7099-4624-A439-DB29D6551552}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{FA7B2795-C0C8-4A58-8672-3F8D80CC0270}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{47A1DF02-BCE4-40C3-AE47-E3EA09A65E4A}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{BC86E1AB-EDA5-4059-938F-CE307B0C6F0A}
Deleted: [Value] - HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks|{BC86E1AB-EDA5-4059-938F-CE307B0C6F0A}
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|BCU
Deleted: [Value] - HKU\S-1-5-21-172831021-3283507413-674538517-1000\Software\Microsoft\Windows\CurrentVersion\Run|cacaoweb
Deleted: [Value] - HKCU\Software\Microsoft\Windows\CurrentVersion\Run|cacaoweb
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Reason\ReasonByteFence


***** [ Firefox (and derivatives) ] *****

Plugin deleted: cacaoweb - http://www.cacaoweb.org/


***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries deleted.

*************************

::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0



*************************

C:/AdwCleaner/AdwCleaner[S0].txt - [5100 B] - [2018/1/9 9:27:48]


########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ##########