# -------------------------------
# Malwarebytes AdwCleaner 7.2.4.0
# -------------------------------
# Build:    09-25-2018
# Database: 2018-11-14.2 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    11-16-2018
# Duration: 00:00:03
# OS:       Windows 10 Pro
# Cleaned:  41
# Failed:   1


***** [ Services ] *****

Deleted       RunBooster

***** [ Folders ] *****

Deleted       C:\Windows\System32\config\systemprofile\AppData\Roaming\CRMSvc

***** [ Files ] *****

Deleted       C:\Users\lenovo\appdata\local\installationconfiguration.xml

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted       HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D105DFE2-8DF6-4BA0-ABF1-392716658963}
Deleted       HKLM\System\CurrentControlSet\Services\EventLog\Application\CRMSvc
Deleted       HKLM\Software\MICROSOFT\TechnologyDesktopnew
Deleted       HKLM\SOFTWARE\MICROSOFT\Speedycar
Deleted       HKLM\Software\Wow6432Node\MICROSOFT\WINDOWS NT\CURRENTVERSION\SILENTPROCESSEXIT\Quoteex.exe
Deleted       HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Windows|AppInit_DLLs - "_C:\PROGRA~3\Quoteex\Dentoin.dll"
Deleted       HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\1655C0CA-7AE7-4012-8502-970C8675E5F8
Deleted       HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|SharePal
Deleted       HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|SharePal Updater
Deleted       HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|ShutdownTime
Deleted       HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Run|ShutdownTime
Deleted       HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{7f6e4c9b}
Deleted       HKCU\Software\Microsoft\BigTime
Deleted       HKLM\Software\Microsoft\DMunversion
Deleted       HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{bd549572-8286-4893-b71f-c9f280cd1037}|DhcpNameServer - "82.163.142.9"
Deleted       HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{775188a2-ab5e-4fdc-946c-d2a5485332ee}|DhcpNameServer - "82.163.142.9"
Deleted       HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{659a795b-4242-4c06-af22-043f48ea46aa}|DhcpNameServer - "82.163.142.9"
Deleted       HKLM\System\CurrentControlSet\Services\Tcpip\Parameters|NameServer - "82.163.142.9"
Deleted       HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{bd549572-8286-4893-b71f-c9f280cd1037}|NameServer - "82.163.142.9,95.211.158.137"
Deleted       HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{775188a2-ab5e-4fdc-946c-d2a5485332ee}|NameServer - "82.163.142.9,95.211.158.137"
Deleted       HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{659a795b-4242-4c06-af22-043f48ea46aa}|NameServer - "82.163.142.9,95.211.158.137"
Deleted       HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{54d06c90-063a-49b6-9119-5d5448328c07}|NameServer - "82.163.142.9,95.211.158.137"
Deleted       HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{425fe0f0-4606-4f80-8cd7-2ee396b16397}|NameServer - "82.163.142.9,95.211.158.137"
Deleted       HKLM\System\CurrentControlSet\Services\Tcpip\Parameters|NameServer - "95.211.158.137"
Deleted       HKCU\Software\Microsoft\Internet Explorer\Main|Start Page
Deleted       HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main|Start Page
Deleted       HKLM\Software\Microsoft\Internet Explorer\Main|Start Page
Deleted       HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes|DefaultScope
Deleted       HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{ielnksrch}
Deleted       HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\ielnksrch
Deleted       HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0CE02FFA-A6B0-46F6-BA2F-BD32C3630126}
Deleted       HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Quoteex.exe
Deleted       HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Quoteex.exe
Deleted       HKU\S-1-5-18\Environment|SNP
Deleted       HKU\.DEFAULT\Environment|SNP
Deleted       HKCU\Software\MICROSOFT\wewewe

***** [ Chromium (and derivatives) ] *****

Deleted       Tab Hibernation
Deleted       plimopelmdneikoknbgpopffpbmlhgpa

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

Not Deleted   suggestqueries.google.com


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [5819 octets] - [16/11/2018 14:11:53]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########