# AdwCleaner v6.041 - Logfile created 03/01/2017 at 17:46:20
# Updated on 16/12/2016 by Malwarebytes
# Database : 2017-01-03.1 [Server]
# Operating System : Windows 7 Home Premium Service Pack 1 (X64)
# Username : Akhlifi Med - AKHLIFIMED-PC
# Running from : C:\Users\Akhlifi Med\Desktop\adwcleaner_6.041.exe
# Mode: Scan
# Support : https://www.malwarebytes.com/support



***** [ Services ] *****

Service Found: GoogleChromeUpService
Service Found: ucdrv
Service Found: SaFiSvc
Service Found: dtldrvhelp


***** [ Folders ] *****

Folder Found: C:\Program Files (x86)\3948BD9C-1483197847-11E1-BCE9-BE15FAC94852
Folder Found: C:\Program Files (x86)\EnjOyCoUpon
Folder Found: C:\Program Files (x86)\ExstraSavinggs
Folder Found: C:\Program Files (x86)\Fun2SAive
Folder Found: C:\Program Files (x86)\FunoDaeals
Folder Found: C:\Program Files (x86)\RegUUlarDeAAls
Folder Found: C:\Program Files (x86)\RoboSavveR
Folder Found: C:\Program Files (x86)\SallePLUs
Folder Found: C:\ProgramData\1a5ab6ac00001d07
Folder Found: C:\ProgramData\21c723c500006a4d
Folder Found: C:\ProgramData\3270fe5e00004fdb
Folder Found: C:\ProgramData\46fd71c80000070b
Folder Found: C:\ProgramData\812a86140000723b
Folder Found: C:\ProgramData\9148724837990743182
Folder Found: C:\ProgramData\bcapdgolamjladpmfhngajdclemfhehe
Folder Found: C:\ProgramData\Application Data\bcapdgolamjladpmfhngajdclemfhehe
Folder Found: C:\ProgramData\c61bbf3000004b4b
Folder Found: C:\ProgramData\d6e0580700004b4c
Folder Found: C:\ProgramData\dd297933000014ba
Folder Found: C:\ProgramData\e884a540000004a2
Folder Found: C:\ProgramData\fe16680800004538
Folder Found: C:\ProgramData\hoippaacopmbaiokjmncjeoinmkhdcel
Folder Found: C:\ProgramData\Application Data\hoippaacopmbaiokjmncjeoinmkhdcel
Folder Found: C:\ProgramData\PC Faster
Folder Found: C:\ProgramData\Application Data\PC Faster
Folder Found: C:\Users\Public\Documents\PC Faster
Folder Found: C:\ProgramData\{01d0ddd7-2064-1}
Folder Found: C:\ProgramData\{049a8d15-6064-0}
Folder Found: C:\ProgramData\{05cc54b8-00c8-0}
Folder Found: C:\ProgramData\{07ee42a8-20c8-0}
Folder Found: C:\ProgramData\{0814074b-50c8-1}
Folder Found: C:\ProgramData\{15877dcd-d3bb-96ff-1587-77dcdd3bf737}
Folder Found: C:\ProgramData\{1c159449-30c8-1}
Folder Found: C:\ProgramData\{3fa6c51b-0bb5-22f9-3fa6-6c51b0bb146c}
Folder Found: C:\ProgramData\{699cb3e5-acc7-589f-699c-cb3e5acccf96}
Folder Found: C:\ProgramData\{d655ee5f-59a2-8e70-d655-5ee5f59ab97d}
Folder Found: C:\Users\Akhlifi Med\AppData\Local\Mail.Ru
Folder Found: C:\Users\Akhlifi Med\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk
Folder Found: C:\Users\Akhlifi Med\AppData\LocalLow\.acestream
Folder Found: C:\Users\Akhlifi Med\AppData\LocalLow\TSearch
Folder Found: C:\Users\Akhlifi Med\AppData\Roaming\.acestream
Folder Found: C:\Users\Akhlifi Med\AppData\Roaming\acestream
Folder Found: C:\Users\Akhlifi Med\AppData\Roaming\Advanced System Protector
Folder Found: C:\Users\Akhlifi Med\AppData\Roaming\sweet-page
Folder Found: C:\Users\Akhlifi Med\AppData\Roaming\Systweak
Folder Found: C:\Users\Akhlifi Med\AppData\Roaming\MailProducts
Folder Found: C:\Users\Akhlifi Med\AppData\Roaming\ContentPush
Folder Found: C:\Users\Akhlifi Med\AppData\Roaming\Kuaizip
Folder Found: C:\Users\Akhlifi Med\AppData\Roaming\LuDaShi
Folder Found: C:\Users\Akhlifi Med\AppData\Roaming\lockhomepage
Folder Found: C:\Users\Akhlifi Med\AppData\Roaming\Softlink
Folder Found: C:\Users\Akhlifi Med\AppData\Roaming\Microleaves
Folder Found: C:\Users\Akhlifi Med\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ace Stream Media
Folder Found: C:\Program Files\Babylon
Folder Found: C:\Program Files\SaFiPlayer
Folder Found: C:\_acestream_cache_
Folder Found: C:\ProgramData\Mail.Ru
Folder Found: C:\ProgramData\pc faster
Folder Found: C:\ProgramData\Registry Helper
Folder Found: C:\ProgramData\WindowsMsg
Folder Found: C:\ProgramData\Microleaves
Folder Found: C:\ProgramData\Application Data\Mail.Ru
Folder Found: C:\ProgramData\Application Data\pc faster
Folder Found: C:\ProgramData\Application Data\Registry Helper
Folder Found: C:\ProgramData\Application Data\WindowsMsg
Folder Found: C:\ProgramData\Application Data\Microleaves
Folder Found: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cain
Folder Found: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SaFiPlayer
Folder Found: C:\Users\Public\Documents\pc faster
Folder Found: C:\Program Files (x86)\Cain
Folder Found: C:\Program Files (x86)\Mail.Ru
Folder Found: C:\Program Files (x86)\ContentPush
Folder Found: C:\Users\Akhlifi Med\AppData\Local\app


***** [ Files ] *****

File Found: C:\Users\Akhlifi Med\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mail.Ru.lnk
File Found: C:\Users\Akhlifi Med\Favorites\Mail.Ru.url
File Found: C:\Users\Akhlifi Med\Favorites\Mail.Ru Агент - используй для общения!.url
File Found: C:\Windows\SysNative\roboot64.exe
File Found: C:\ProgramData\service.exe
File Found: C:\ProgramData\Application Data\service.exe
File Found: C:\Windows\SysWOW64\RegistryHelperLM.ocx
File Found: C:\ProgramData\service.exe
File Found: C:\Users\Akhlifi Med\AppData\Roaming\appdataFr2.bin
File Found: C:\Windows\run.vbs
File Found: C:\ProgramData\igfxDH.dll


***** [ DLL ] *****

No malicious DLLs found.


***** [ WMI ] *****

Key Found: : \root\subscription\\ActiveScriptEventConsumer [ASEC]


***** [ Shortcuts ] *****

Shortcut infected: C:\Users\Public\Desktop\Mozilla Firefox.lnk ( hxxp://kipuu.cn/ )
Shortcut infected: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk ( hxxp://kipuu.cn/ )
Shortcut infected: C:\Users\Akhlifi Med\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk ( hxxp://kipuu.cn/ )
Shortcut infected: C:\Users\Akhlifi Med\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk ( hxxp://kipuu.cn/ )
Shortcut infected: C:\Users\Akhlifi Med\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WorldofTanks551\WorldofTanks.lnk ( hxxp://mmotraffic.com/catalog/goplay/1327/MTE3NjYvLy8xMzI3/ )
Shortcut infected: C:\Users\Akhlifi Med\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk ( --load-extension="C:\Users\AKHLIF~1\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk" hxxp://kipuu.cn/
Shortcut infected: C:\Users\Akhlifi Med\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk ( hxxp://kipuu.cn/ )
Shortcut infected: C:\Users\Akhlifi Med\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mail.Ru.lnk ( url,FileProtocolHandler "hxxp://www.mail.ru/cnt/20775012?gp=821637" )
Shortcut infected: C:\Users\Akhlifi Med\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\WorldofTanks.lnk ( hxxp://kipuu.cn/ )
Shortcut infected: C:\Users\Akhlifi Med\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk ( hxxp://kipuu.cn/ )


***** [ Scheduled Tasks ] *****

Task Found: PC Faster
Task Found: {1014B6F3-325E-0B88-BD18-7EEEFCEDF0F7}
Task Found: {D18E1AEC-2D45-42DA-9BD7-6F477EA06813}
Task Found: Advanced System Protector
Task Found: WOT N
Task Found: WOT T
Task Found: WOT W1
Task Found: WOT W2
Task Found: WOT WFRI1
Task Found: WOT WMON1
Task Found: WOT WTHUR1
Task Found: WOT WTUE1
Task Found: WOT WW1
Task Found: WOT WW2
Task Found: WOT WWED1
Task Found: Superclean
Task Found: osTip
Task Found: SecureUpdater


***** [ Registry ] *****

Key Found: HKLM\SOFTWARE\d51fd3a3-8cd4-5df6-29c6-91b6edef8f7a
Key Found: HKLM\SOFTWARE\Classes\CLSID\{b44f2bf7-0c4a-4e39-b366-3082af73f8a1}
Key Found: HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{b44f2bf7-0c4a-4e39-b366-3082af73f8a1}
Key Found: HKLM\SOFTWARE\Classes\Pb44f2bf7_0c4a_4e39_b366_3082af73f8a1_.Pb44f2bf7_0c4a_4e39_b366_3082af73f8a1_
Key Found: HKLM\SOFTWARE\Classes\Pb44f2bf7_0c4a_4e39_b366_3082af73f8a1_.Pb44f2bf7_0c4a_4e39_b366_3082af73f8a1_.9
Key Found: {832008D4-0A5E-4F74-A62E-7284F91F7681}
Key Found: {EB559340-3A8F-4456-B24D-160098054EF0}
Key Found: {FCE74B5F-13A9-47C3-B69E-5210C1EECBEF}
Key Found: {FD5787DF-EF9A-4DCC-8EA3-43279F7BC560}
Key Found: HKLM\SOFTWARE\Classes\Interface\{0FFA016C-49EA-43E6-A635-773E4A768C34}
Key Found: HKLM\SOFTWARE\Classes\Interface\{1EA56CF8-1B08-4B8B-BAD9-77D0A2F55837}
Key Found: HKLM\SOFTWARE\Classes\Interface\{311AACFA-3DB4-4EEC-B430-E9FFF3C3F4EB}
Key Found: HKLM\SOFTWARE\Classes\Interface\{5C4ECEE2-D00F-4844-92B9-F2699746572C}
Key Found: HKLM\SOFTWARE\Classes\Interface\{8069EEE8-90E1-42E5-82B5-BE7D9D04E78B}
Key Found: HKLM\SOFTWARE\Classes\Interface\{937D76F0-C828-487A-A042-54CA1849F136}
Key Found: HKLM\SOFTWARE\Classes\Interface\{981C4037-A6DF-4B09-BEB9-2B6AFA9E8044}
Key Found: HKLM\SOFTWARE\Classes\Interface\{AFE44F7D-9EB4-426B-AB34-4DAB85ECDF91}
Key Found: HKLM\SOFTWARE\Classes\Interface\{C9B1623E-D1AB-46B1-9D60-12F35E65190B}
Key Found: HKLM\SOFTWARE\Classes\Interface\{D3EE4881-9CA4-46DD-BF2B-033422C7D0D9}
Key Found: HKLM\SOFTWARE\Classes\Interface\{D75E8573-4E73-4642-8517-A6348042151C}
Key Found: HKLM\SOFTWARE\Classes\Interface\{DC00432C-FF74-41C6-BE9E-7F2224FDB437}
Key Found: [x64] HKLM\SOFTWARE\Classes\Interface\{0FFA016C-49EA-43E6-A635-773E4A768C34}
Key Found: [x64] HKLM\SOFTWARE\Classes\Interface\{1EA56CF8-1B08-4B8B-BAD9-77D0A2F55837}
Key Found: [x64] HKLM\SOFTWARE\Classes\Interface\{311AACFA-3DB4-4EEC-B430-E9FFF3C3F4EB}
Key Found: [x64] HKLM\SOFTWARE\Classes\Interface\{5C4ECEE2-D00F-4844-92B9-F2699746572C}
Key Found: [x64] HKLM\SOFTWARE\Classes\Interface\{8069EEE8-90E1-42E5-82B5-BE7D9D04E78B}
Key Found: [x64] HKLM\SOFTWARE\Classes\Interface\{937D76F0-C828-487A-A042-54CA1849F136}
Key Found: [x64] HKLM\SOFTWARE\Classes\Interface\{981C4037-A6DF-4B09-BEB9-2B6AFA9E8044}
Key Found: [x64] HKLM\SOFTWARE\Classes\Interface\{AFE44F7D-9EB4-426B-AB34-4DAB85ECDF91}
Key Found: [x64] HKLM\SOFTWARE\Classes\Interface\{C9B1623E-D1AB-46B1-9D60-12F35E65190B}
Key Found: [x64] HKLM\SOFTWARE\Classes\Interface\{D3EE4881-9CA4-46DD-BF2B-033422C7D0D9}
Key Found: [x64] HKLM\SOFTWARE\Classes\Interface\{D75E8573-4E73-4642-8517-A6348042151C}
Key Found: [x64] HKLM\SOFTWARE\Classes\Interface\{DC00432C-FF74-41C6-BE9E-7F2224FDB437}
Key Found: HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\Registry Helper Service
Key Found: [x64] HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\Registry Helper Service
Key Found: HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\GoogleChromeUpService
Key Found: [x64] HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\GoogleChromeUpService
Key Found: HKU\S-1-5-21-2784700871-1142390347-2527291130-1000\Software\Classes\.acelive
Key Found: HKU\S-1-5-21-2784700871-1142390347-2527291130-1000\Software\Classes\.acemedia
Key Found: HKU\S-1-5-21-2784700871-1142390347-2527291130-1000\Software\Classes\.acestream
Key Found: HKU\S-1-5-21-2784700871-1142390347-2527291130-1000\Software\Classes\.tslive
Key Found: HKU\S-1-5-21-2784700871-1142390347-2527291130-1000\Software\Classes\acestream
Key Found: HKU\S-1-5-21-2784700871-1142390347-2527291130-1000\Software\Classes\AceStream.CDAudio
Key Found: HKU\S-1-5-21-2784700871-1142390347-2527291130-1000\Software\Classes\AceStream.DVDMovie
Key Found: HKU\S-1-5-21-2784700871-1142390347-2527291130-1000\Software\Classes\AceStream.file
Key Found: HKU\S-1-5-21-2784700871-1142390347-2527291130-1000\Software\Classes\AceStream.OPENFolder
Key Found: HKU\S-1-5-21-2784700871-1142390347-2527291130-1000\Software\Classes\AceStream.SVCDMovie
Key Found: HKU\S-1-5-21-2784700871-1142390347-2527291130-1000\Software\Classes\AceStream.VCDMovie
Key Found: HKCU\Software\Classes\.acelive
Key Found: HKCU\Software\Classes\.acemedia
Key Found: HKCU\Software\Classes\.acestream
Key Found: HKCU\Software\Classes\.tslive
Key Found: HKCU\Software\Classes\acestream
Key Found: HKCU\Software\Classes\AceStream.CDAudio
Key Found: HKCU\Software\Classes\AceStream.DVDMovie
Key Found: HKCU\Software\Classes\AceStream.file
Key Found: HKCU\Software\Classes\AceStream.OPENFolder
Key Found: HKCU\Software\Classes\AceStream.SVCDMovie
Key Found: HKCU\Software\Classes\AceStream.VCDMovie
Key Found: HKLM\SOFTWARE\Classes\.acestream
Key Found: [x64] HKCU\Software\Classes\.acelive
Key Found: [x64] HKCU\Software\Classes\.acemedia
Key Found: [x64] HKCU\Software\Classes\.acestream
Key Found: [x64] HKCU\Software\Classes\.tslive
Key Found: [x64] HKCU\Software\Classes\acestream
Key Found: [x64] HKCU\Software\Classes\AceStream.CDAudio
Key Found: [x64] HKCU\Software\Classes\AceStream.DVDMovie
Key Found: [x64] HKCU\Software\Classes\AceStream.file
Key Found: [x64] HKCU\Software\Classes\AceStream.OPENFolder
Key Found: [x64] HKCU\Software\Classes\AceStream.SVCDMovie
Key Found: [x64] HKCU\Software\Classes\AceStream.VCDMovie
Key Found: [x64] HKLM\SOFTWARE\Classes\.acestream
Key Found: HKU\S-1-5-21-2784700871-1142390347-2527291130-1000\Software\Classes\TypeLib\{157B1AA6-3E5C-404A-9118-C1D91F537040}
Key Found: HKLM\SOFTWARE\Classes\AppID\{6536801B-F50C-449B-9476-093DFD3789E3}
Key Found: HKCU\Software\Classes\CLSID\{F28C2F70-47DE-4EA5-8F6D-7D1476CD1EF5}
Key Found: HKLM\SOFTWARE\Classes\CLSID\{00B11DA2-75ED-4364-ABA5-9A95B1F5E946}
Key Found: HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Found: HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Found: HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
Key Found: HKLM\SOFTWARE\Classes\CLSID\{C379EAD1-CB34-4B09-AF6B-7E587F8BCD80}
Key Found: HKLM\SOFTWARE\Classes\CLSID\{6E727987-C8EA-44DA-8749-310C0FBE3C3E}
Key Found: HKLM\SOFTWARE\Classes\CLSID\{79690976-ED6E-403C-BBBA-F8928B5EDE17}
Key Found: HKLM\SOFTWARE\Classes\CLSID\{8E8F97CD-60B5-456F-A201-73065652D099}
Key Found: HKLM\SOFTWARE\Classes\CLSID\{03AE1B7B-A9E7-4D5A-9D34-89999C31B659}
Key Found: HKLM\SOFTWARE\Classes\CLSID\{8BF0126F-A5B7-4720-ABB2-2414A0AF5474}
Key Found: HKLM\SOFTWARE\Classes\CLSID\{DCFCC2EC-3F33-45A8-8ADF-A6C81F11232F}
Key Found: HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Found: HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Found: HKLM\SOFTWARE\Classes\Interface\{357D32FC-F0AE-4B37-B36F-D44AA31496F5}
Key Found: HKLM\SOFTWARE\Classes\Interface\{80B3B43F-7508-4627-BE66-00FB9AE5EE72}
Key Found: HKLM\SOFTWARE\Classes\Interface\{E7BC34A1-BA86-11CF-84B1-CBC2DA68BF6C}
Key Found: HKCU\Software\Classes\TypeLib\{157B1AA6-3E5C-404A-9118-C1D91F537040}
Key Found: HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Key Found: HKLM\SOFTWARE\Classes\TypeLib\{5A83D7C9-4A14-4000-BC05-389268238753}
Key Found: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E8F97CD-60B5-456F-A201-73065652D099}
Key Found: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6E727987-C8EA-44DA-8749-310C0FBE3C3E}
Key Found: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8E8F97CD-60B5-456F-A201-73065652D099}
Key Found: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8E8F97CD-60B5-456F-A201-73065652D099}
Value Found: HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{6E727987-C8EA-44DA-8749-310C0FBE3C3E}]
Key Found: HKU\.DEFAULT\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
Key Found: HKU\S-1-5-21-2784700871-1142390347-2527291130-1000\Software\AceStream
Key Found: HKU\S-1-5-21-2784700871-1142390347-2527291130-1000\Software\APN PIP
Key Found: HKU\S-1-5-21-2784700871-1142390347-2527291130-1000\Software\cain
Key Found: HKU\S-1-5-21-2784700871-1142390347-2527291130-1000\Software\InstallCore
Key Found: HKU\S-1-5-21-2784700871-1142390347-2527291130-1000\Software\Installer
Key Found: HKU\S-1-5-21-2784700871-1142390347-2527291130-1000\Software\Super Optimizer
Key Found: HKU\S-1-5-21-2784700871-1142390347-2527291130-1000\Software\WEBAPP
Key Found: HKU\S-1-5-21-2784700871-1142390347-2527291130-1000\Software\osTip
Key Found: HKU\S-1-5-21-2784700871-1142390347-2527291130-1000\Software\Mail.Ru
Key Found: HKU\S-1-5-21-2784700871-1142390347-2527291130-1000\Software\Amigo
Key Found: HKU\S-1-5-21-2784700871-1142390347-2527291130-1000\Software\systweak
Key Found: HKU\S-1-5-21-2784700871-1142390347-2527291130-1000\Software\UCBrowserPID
Key Found: HKU\S-1-5-21-2784700871-1142390347-2527291130-1000\Software\AutoTime
Key Found: HKU\S-1-5-21-2784700871-1142390347-2527291130-1000\Software\KuaiZip
Key Found: HKU\S-1-5-21-2784700871-1142390347-2527291130-1000\Software\SNDA
Key Found: HKU\S-1-5-21-2784700871-1142390347-2527291130-1000\Software\KuaiZipSFX
Key Found: HKU\S-1-5-21-2784700871-1142390347-2527291130-1000\Software\Maoha
Key Found: HKU\S-1-5-21-2784700871-1142390347-2527291130-1000\Software\Ludashi
Key Found: HKU\S-1-5-21-2784700871-1142390347-2527291130-1000\Software\SaFiPlayer
Key Found: HKU\S-1-5-21-2784700871-1142390347-2527291130-1000\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
Key Found: HKU\S-1-5-21-2784700871-1142390347-2527291130-1000\Software\AppDataLow\Software\Mail.Ru
Key Found: HKU\S-1-5-21-2784700871-1142390347-2527291130-1000\Software\Microsoft\Windows\CurrentVersion\Uninstall\AceStream
Key Found: HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-2784700871-1142390347-2527291130-1000\Software\webget
Key Found: HKU\S-1-5-18\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
Key Found: HKCU\Software\AceStream
Key Found: HKCU\Software\APN PIP
Key Found: HKCU\Software\cain
Key Found: HKCU\Software\InstallCore
Key Found: HKCU\Software\Installer
Key Found: HKCU\Software\Super Optimizer
Key Found: HKCU\Software\WEBAPP
Key Found: HKCU\Software\osTip
Key Found: HKCU\Software\Mail.Ru
Key Found: HKCU\Software\Amigo
Key Found: HKCU\Software\systweak
Key Found: HKCU\Software\UCBrowserPID
Key Found: HKCU\Software\AutoTime
Key Found: HKCU\Software\KuaiZip
Key Found: HKCU\Software\SNDA
Key Found: HKCU\Software\KuaiZipSFX
Key Found: HKCU\Software\Maoha
Key Found: HKCU\Software\Ludashi
Key Found: HKCU\Software\SaFiPlayer
Key Found: HKCU\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
Key Found: HKCU\Software\AppDataLow\Software\Mail.Ru
Key Found: HKLM\SOFTWARE\{12A61307-94CD-4F8E-94BC-918E511FAA81}
Key Found: HKLM\SOFTWARE\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
Key Found: HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Found: HKLM\SOFTWARE\Registry Helper
Key Found: HKLM\SOFTWARE\sweet-pageSoftware
Key Found: HKLM\SOFTWARE\Mail.Ru
Key Found: HKLM\SOFTWARE\systweak
Key Found: HKLM\SOFTWARE\UCBrowserPID
Key Found: HKLM\SOFTWARE\Maoha
Key Found: HKLM\SOFTWARE\Microleaves
Key Found: HKLM\SOFTWARE\SaFiPlayer
Key Found: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\AceStream
Key Found: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{2DF3E224-05CD-4113-AA7A-86F2F6607B46}
Key Found: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{37476589-E48E-439E-A706-56189E2ED4C4}_is1
Key Found: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{53B21E29-3967-C332-57EB-C02631658584}
Key Found: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7304C9D1-98AD-55F0-636E-22D8DD57F176}
Key Found: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{9D9BEFAE-9499-F52B-6CC4-94818CCC2AB5}
Key Found: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A3FC46A0-9B62-0EF3-B475-743B3A2762B1}
Key Found: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{AD11DADE-C597-45D9-D8C5-1D2EB0B89613}
Key Found: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B5DB572D-EA87-D3B0-08F6-4D153EA6A783}
Key Found: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B696F285-F54E-2524-58B1-E06A70ABE6BE}
Key Found: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\sweet-page uninstaller
Key Found: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ContentPush
Key Found: [x64] HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-2784700871-1142390347-2527291130-1000\Software\webget
Key Found: [x64] HKCU\Software\AceStream
Key Found: [x64] HKCU\Software\APN PIP
Key Found: [x64] HKCU\Software\cain
Key Found: [x64] HKCU\Software\InstallCore
Key Found: [x64] HKCU\Software\Installer
Key Found: [x64] HKCU\Software\Super Optimizer
Key Found: [x64] HKCU\Software\WEBAPP
Key Found: [x64] HKCU\Software\osTip
Key Found: [x64] HKCU\Software\Mail.Ru
Key Found: [x64] HKCU\Software\Amigo
Key Found: [x64] HKCU\Software\systweak
Key Found: [x64] HKCU\Software\UCBrowserPID
Key Found: [x64] HKCU\Software\AutoTime
Key Found: [x64] HKCU\Software\KuaiZip
Key Found: [x64] HKCU\Software\SNDA
Key Found: [x64] HKCU\Software\KuaiZipSFX
Key Found: [x64] HKCU\Software\Maoha
Key Found: [x64] HKCU\Software\Ludashi
Key Found: [x64] HKCU\Software\SaFiPlayer
Key Found: [x64] HKCU\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
Key Found: [x64] HKCU\Software\AppDataLow\Software\Mail.Ru
Key Found: [x64] HKLM\SOFTWARE\UCBrowser
Key Found: [x64] HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\AceStream
Data Found: HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxp://www.sweet-page.com/web/?type=ds&ts=1400413208&from=cor&uid=TOSHIBAXMQ01ABD050_7317S3MQSXX7317S3MQS&q={searchTerms}
Data Found: HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] - hxxp://search.gboxapp.com/
Data Found: HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page] - hxxp://www.sweet-page.com/web/?type=ds&ts=1400413208&from=cor&uid=TOSHIBAXMQ01ABD050_7317S3MQSXX7317S3MQS&q={searchTerms}
Data Found: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxp://www.sweet-page.com/web/?type=ds&ts=1400413208&from=cor&uid=TOSHIBAXMQ01ABD050_7317S3MQSXX7317S3MQS&q={searchTerms}
Data Found: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] - hxxp://search.gboxapp.com/
Data Found: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page] - hxxp://www.sweet-page.com/web/?type=ds&ts=1400413208&from=cor&uid=TOSHIBAXMQ01ABD050_7317S3MQSXX7317S3MQS&q={searchTerms}
Key Found: HKU\S-1-5-21-2784700871-1142390347-2527291130-1000\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Key Found: HKU\S-1-5-21-2784700871-1142390347-2527291130-1000\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Found: HKU\S-1-5-21-2784700871-1142390347-2527291130-1000\Software\Microsoft\Internet Explorer\SearchScopes\{FFEBBF0A-C22C-4172-89FF-45215A135AC7}
Key Found: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Key Found: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Found: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{FFEBBF0A-C22C-4172-89FF-45215A135AC7}
Key Found: HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Data Found: HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes [DefaultScope] -
Key Found: HKCU\Software\Policies\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Key Found: HKCU\Software\Policies\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Found: HKCU\Software\Policies\Microsoft\Internet Explorer\SearchScopes\{FFEBBF0A-C22C-4172-89FF-45215A135AC7}
Key Found: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Key Found: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Found: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{FFEBBF0A-C22C-4172-89FF-45215A135AC7}
Key Found: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Data Found: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes [DefaultScope] -
Key Found: [x64] HKCU\Software\Policies\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Key Found: [x64] HKCU\Software\Policies\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Found: [x64] HKCU\Software\Policies\Microsoft\Internet Explorer\SearchScopes\{FFEBBF0A-C22C-4172-89FF-45215A135AC7}
Data Found: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon [Userinit] -
Data Found: [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon [Userinit] -
Data Found: HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{623D40B1-D9A5-4757-9CB8-14FD1DBEB16D} [NameServer] - 82.163.142.3 95.211.158.130
Data Found: HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{F11485CC-B4BD-4341-9107-CF26A3CEB67D} [NameServer] - 82.163.142.3 95.211.158.130
Data Found: [x64] HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{623D40B1-D9A5-4757-9CB8-14FD1DBEB16D} [NameServer] - 82.163.142.3 95.211.158.130
Data Found: [x64] HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{F11485CC-B4BD-4341-9107-CF26A3CEB67D} [NameServer] - 82.163.142.3 95.211.158.130
Key Found: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\bestpriceninja.com
Key Found: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\pstatic.bestpriceninja.com
Key Found: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\watch4.com
Key Found: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\watch4.de
Key Found: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.watch4.com
Key Found: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.watch4.de
Key Found: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\bestpriceninja.com
Key Found: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\calcitapp.info
Key Found: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\cmptch.com
Key Found: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\eshopcomp.com
Key Found: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\gboxapp.com
Key Found: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\inst.shoppingate.info
Key Found: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\land.pckeeper.software
Key Found: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\nps.pastaleads.com
Key Found: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\pastaleads.com
Key Found: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\pckeeper.software
Key Found: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\pricepeep.net
Key Found: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\pstatic.bestpriceninja.com
Key Found: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\pstatic.eshopcomp.com
Key Found: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\re-markable.net
Key Found: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\re-markit.co
Key Found: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\reimageplus.com
Key Found: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\search.gboxapp.com
Key Found: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\shoppingate.info
Key Found: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\static.cmptch.com
Key Found: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\static.pricepeep00.pricepeep.net
Key Found: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\static.re-markable00.re-markable.net
Key Found: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\static.re-markit00.re-markit.co
Key Found: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\staticimgfarm.com
Key Found: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\sweet-page.com
Key Found: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ttdetect.staticimgfarm.com
Key Found: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\utop.it
Key Found: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\watch4.de
Key Found: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\websearch.calcitapp.info
Key Found: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.sweet-page.com
Key Found: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.watch4.de
Key Found: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\bestpriceninja.com
Key Found: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\pstatic.bestpriceninja.com
Key Found: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\watch4.com
Key Found: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\watch4.de
Key Found: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.watch4.com
Key Found: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.watch4.de
Key Found: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\bestpriceninja.com
Key Found: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\calcitapp.info
Key Found: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\cmptch.com
Key Found: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\eshopcomp.com
Key Found: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\gboxapp.com
Key Found: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\inst.shoppingate.info
Key Found: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\land.pckeeper.software
Key Found: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\nps.pastaleads.com
Key Found: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\pastaleads.com
Key Found: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\pckeeper.software
Key Found: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\pricepeep.net
Key Found: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\pstatic.bestpriceninja.com
Key Found: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\pstatic.eshopcomp.com
Key Found: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\re-markable.net
Key Found: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\re-markit.co
Key Found: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\reimageplus.com
Key Found: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\search.gboxapp.com
Key Found: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\shoppingate.info
Key Found: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\static.cmptch.com
Key Found: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\static.pricepeep00.pricepeep.net
Key Found: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\static.re-markable00.re-markable.net
Key Found: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\static.re-markit00.re-markit.co
Key Found: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\staticimgfarm.com
Key Found: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\sweet-page.com
Key Found: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ttdetect.staticimgfarm.com
Key Found: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\utop.it
Key Found: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\watch4.de
Key Found: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\websearch.calcitapp.info
Key Found: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.sweet-page.com
Key Found: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.watch4.de
Value Found: HKU\S-1-5-21-2784700871-1142390347-2527291130-1000\Software\Microsoft\Windows\CurrentVersion\Run [apphide]
Value Found: HKCU\Software\Microsoft\Windows\CurrentVersion\Run [apphide]
Value Found: [x64] HKCU\Software\Microsoft\Windows\CurrentVersion\Run [apphide]
Value Found: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Registry Helper]
Value Found: HKU\S-1-5-21-2784700871-1142390347-2527291130-1000\Software\Microsoft\Windows\CurrentVersion\Run [osmsg]
Value Found: HKCU\Software\Microsoft\Windows\CurrentVersion\Run [osmsg]
Value Found: [x64] HKCU\Software\Microsoft\Windows\CurrentVersion\Run [osmsg]
Value Found: HKU\S-1-5-21-2784700871-1142390347-2527291130-1000\Software\Microsoft\Windows\CurrentVersion\Run [msiql]
Value Found: HKCU\Software\Microsoft\Windows\CurrentVersion\Run [msiql]
Value Found: [x64] HKCU\Software\Microsoft\Windows\CurrentVersion\Run [msiql]
Value Found: HKU\S-1-5-21-2784700871-1142390347-2527291130-1000\Software\Microsoft\Windows\CurrentVersion\Run [svchost0]
Value Found: HKCU\Software\Microsoft\Windows\CurrentVersion\Run [svchost0]
Value Found: [x64] HKCU\Software\Microsoft\Windows\CurrentVersion\Run [svchost0]
Key Found: HKCU\Software\Classes\Applications\ace_player.exe
Key Found: HKCU\Software\Classes\AudioCD\shell\PlayWithACEStream
Key Found: HKCU\Software\Classes\DVD\shell\PlayWithACEStream
Key Found: HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ACEStreamPlayCDAudioOnArrival
Key Found: HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ACEStreamPlayDVDAudioOnArrival
Key Found: HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ACEStreamPlayDVDMovieOnArrival
Key Found: HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ACEStreamPlayMusicFilesOnArrival
Key Found: HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ACEStreamPlaySVCDMovieOnArrival
Key Found: HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ACEStreamPlayVCDMovieOnArrival
Key Found: HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ACEStreamPlayVideoFilesOnArrival
Key Found: HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.acelive
Key Found: HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.acemedia
Key Found: HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.acestream
Key Found: HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tslive
Key Found: HKLM\SOFTWARE\Classes\AppID\BabylonHelper.EXE
Key Found: HKLM\SOFTWARE\MICROSOFT\SYSTEMCERTIFICATES\ROOT\CERTIFICATES\26D9E607FFF0C58C7844B47FF8B6E079E5A2220E
Key Found: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.acelive
Key Found: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.acemedia
Key Found: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.acestream
Key Found: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tslive
Key Found: HKCU\SOFTWARE\Classes\Applications\ace_player.exe
Value Found: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost [kuaizipupdatesvc]
Key Found: HKLM\SOFTWARE\Classes\Drive\shellex\ContextMenuHandlers\


KuaiZipShlExt
Key Found: HKLM\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\


KuaiZipShlExt
Key Found: HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\


KuaiZipShlExt
Value Found: HKLM\SOFTWARE\Mozilla\Firefox\Extensions [ocr@babylon.com]
Value Found: HKCU\Software\Mozilla\Firefox\Extensions [acewebextension_unlisted@acestream.org]
Value Found: [x64] HKCU\Software\Mozilla\Firefox\Extensions [acewebextension_unlisted@acestream.org]
Value Found: HKCU\Software\Mozilla\Firefox\Extensions [acewebextension_unlisted@acestream.org]
Value Found: [x64] HKCU\Software\Mozilla\Firefox\Extensions [acewebextension_unlisted@acestream.org]
Value Found: HKLM\SOFTWARE\Mozilla\Firefox\Extensions [ocr@babylon.com]
Value Found: HKCU\Software\Mozilla\Firefox\Extensions [acewebextension_unlisted@acestream.org]
Value Found: [x64] HKCU\Software\Mozilla\Firefox\Extensions [acewebextension_unlisted@acestream.org]
Value Found: HKCU\Software\Mozilla\Firefox\Extensions [acewebextension_unlisted@acestream.org]
Value Found: [x64] HKCU\Software\Mozilla\Firefox\Extensions [acewebextension_unlisted@acestream.org]
Value Found: HKLM\SOFTWARE\Mozilla\Firefox\Extensions [ocr@babylon.com]
Value Found: HKCU\Software\Mozilla\Firefox\Extensions [acewebextension_unlisted@acestream.org]
Value Found: [x64] HKCU\Software\Mozilla\Firefox\Extensions [acewebextension_unlisted@acestream.org]
Value Found: HKCU\Software\Mozilla\Firefox\Extensions [acewebextension_unlisted@acestream.org]
Value Found: [x64] HKCU\Software\Mozilla\Firefox\Extensions [acewebextension_unlisted@acestream.org]


***** [ Web browsers ] *****

No malicious Firefox based browser items found.
No malicious Chromium based browser items found.

*************************

C:\AdwCleaner\AdwCleaner[S0].txt - [37980 Bytes] - [03/01/2017 17:42:27]
C:\AdwCleaner\AdwCleaner[S1].txt - [37500 Bytes] - [03/01/2017 17:46:20]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [37574 Bytes] ##########