# AdwCleaner 7.0.8.0 - Logfile created on Mon Feb 26 16:15:46 2018 # Updated on 2018/08/02 by Malwarebytes # Running on Windows 10 Home (X64) # Mode: clean # Support: https://www.malwarebytes.com/support ***** [ Services ] ***** No malicious services deleted. ***** [ Folders ] ***** Deleted: C:\Users\eliot\AppData\Roaming\cacaoweb Deleted: C:\Program Files\minergate Deleted: C:\Users\eliot\AppData\Local\minergate Deleted: C:\Users\eliot\AppData\Roaming\PRO PC Cleaner Deleted: C:\Users\eliot\AppData\Local\PRO_PC_Cleaner ***** [ Files ] ***** Deleted: C:\Users\eliot\Downloads\cacaoweb.exe Deleted: C:\Users\eliot\Desktop\cacaoweb.exe Deleted: C:\END Deleted: C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\AmazonAssistant.lnk Deleted: C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\AmazonAssistant.lnk ***** [ DLL ] ***** No malicious DLLs cleaned. ***** [ WMI ] ***** No malicious WMI cleaned. ***** [ Shortcuts ] ***** No malicious shortcuts cleaned. ***** [ Tasks ] ***** No malicious tasks deleted. ***** [ Registry ] ***** Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\amazonbrowserapp.com Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\analytics.app.amazonbrowserapp.com Deleted: [Value] - HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{8F782E5B-628F-400E-8BD2-E317400C8E38}C:\users\eliot\appdata\roaming\cacaoweb\cacaoweb.exe Deleted: [Value] - HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{7A403022-D760-4514-8DDA-54B20EF3F983}C:\users\eliot\appdata\roaming\cacaoweb\cacaoweb.exe Deleted: [Key] - HKU\S-1-5-21-2859240256-1174380967-1921194399-1001\Software\distromatic Deleted: [Key] - HKCU\Software\distromatic Deleted: [Key] - HKU\S-1-5-21-2859240256-1174380967-1921194399-1001\Software\cacaoweb Deleted: [Key] - HKCU\Software\cacaoweb Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{8BF0126F-A5B7-4720-ABB2-2414A0AF5474} Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{BD6ECB00-7C4A-4F97-B425-44117F2A7AAE} Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{E4ADC61E-D06A-4E0E-8582-78C809CC8450} Deleted: [Key] - HKLM\SOFTWARE\Classes\TypeLib\{EB2BEAEF-150C-4DE4-9D09-F16403C22769} Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3DCCCD6BD02558446B24CF1C63EC213C Deleted: [Value] - HKU\S-1-5-21-2859240256-1174380967-1921194399-1001\Software\Microsoft\Windows\CurrentVersion\Run|cacaoweb Deleted: [Value] - HKU\S-1-5-21-2859240256-1174380967-1921194399-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|cacaoweb Deleted: [Value] - HKCU\Software\Microsoft\Windows\CurrentVersion\Run|cacaoweb Deleted: [Key] - HKLM\SOFTWARE\Classes\AppID\Amazon1ButtonBrowserHelper.dll Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION|Amazon1ButtonTaskbarApp.exe Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders|c:\Program Files (x86)\Amazon\Amazon1ButtonApp\ Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION|ByteFence.exe Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Reason\ReasonByteFence Deleted: [Key] - HKU\S-1-5-21-2859240256-1174380967-1921194399-1001\Software\PROPCCleanerLanguage Deleted: [Key] - HKCU\Software\PROPCCleanerLanguage Deleted: [Key] - HKLM\SOFTWARE\PRO PC Cleaner Deleted: [Key] - HKU\S-1-5-21-2859240256-1174380967-1921194399-1001\Software\csastats Deleted: [Key] - HKCU\Software\csastats Deleted: [Key] - HKU\S-1-5-21-2859240256-1174380967-1921194399-1001\Software\PRODUCTSETUP Deleted: [Key] - HKCU\Software\PRODUCTSETUP Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0ddcea2a-7b00-4349-8acb-af7ba6da251f} Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application ***** [ Firefox (and derivatives) ] ***** Plugin deleted: cacaoweb - http://www.cacaoweb.org/ ***** [ Chromium (and derivatives) ] ***** No malicious Chromium entries deleted. ************************* ::Tracing keys deleted ::Winsock settings cleared ::Additional Actions: 0 ************************* C:/AdwCleaner/AdwCleaner[S0].txt - [5187 B] - [2018/2/26 16:14:43] ########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ##########