Publicité
Publicité
Format du document : text/plain
Prévisualisation
# AdwCleaner 7.0.6.0 - Logfile created on Fri Dec 29 09:05:21 2017
# Updated on 2017/21/12 by Malwarebytes
# Running on Windows 7 Professional (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support
***** [ Services ] *****
Deleted: AppleNotificationsSrv
Deleted: glory
Deleted: CSHMDR
Deleted: iSafeService
Deleted: TMService
Deleted: TMCheckVersion
Deleted: pgt_svc
Deleted: NetUtils2016srv
Deleted: BIT
Deleted: Kitty
Deleted: 727e14596581e16b053daf7e98d13948
Deleted: 98ac82ef4517b63d3a7b9d6c55ea5fda
Deleted: b22c74fadda839ed00548ea83840e1b7
***** [ Folders ] *****
Deleted: C:\Program Files (x86)\Default Company Name
Deleted: C:\Program Files (x86)\Elex-tech
Deleted: C:\Users\BOB\AppData\Roaming\Elex-tech
Deleted: C:\Reimward
Deleted: C:\Users\BOB\AppData\Roaming\SNARER
Deleted: C:\Users\BOB\AppData\Local\SNAREA
Deleted: C:\Users\BOB\AppData\Local\terana
Deleted: C:\Users\BOB\AppData\Local\VNASRE
Deleted: C:\Pipisy
Deleted: C:\Users\BOB\AppData\Local\NPASRE
Deleted: C:\Reerdition
Deleted: C:\Users\BOB\AppData\Local\CWASRE
Deleted: C:\Users\BOB\AppData\Local\CSHMDR
Deleted: C:\Users\BOB\AppData\Local\snare
Deleted: C:\Program Files (x86)\Fanlook
Deleted: C:\Users\BOB\AppData\Local\Fanlook
Deleted: C:\ProgramData\BSD\DriverHive
Deleted: C:\ProgramData\Application Data\BSD\DriverHive
Deleted: C:\Windows\System32\\SSL
Deleted: C:\Windows\SysWOW64\\SSL
Deleted: C:\Users\BOB\AppData\Roaming\\Firefox
Deleted: C:\Windows\System32\\sstmp
Deleted: C:\Windows\SysWOW64\\sstmp
Deleted: C:\Users\BOB\AppData\Roaming\cacaoweb
Deleted: C:\Users\BOB\AppData\Roaming\GoldenGate
Deleted: C:\Users\BOB\AppData\Roaming\imminent
Deleted: C:\ProgramData\lavasoft\web companion
Deleted: C:\ProgramData\Application Data\lavasoft\web companion
Deleted: C:\Windows\System32\config\systemprofile\AppData\Roaming\Tencent
Deleted: C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Tencent
Deleted: C:\ProgramData\BSD\DriverHiveEngine
Deleted: C:\ProgramData\Application Data\BSD\DriverHiveEngine
Deleted: C:\Users\BOB\AppData\Roaming\aMule
Deleted: C:\ProgramData\vCore
Deleted: C:\ProgramData\Application Data\vCore
Deleted: C:\Users\BOB\AppData\Local\AdvinstAnalytics
Deleted: C:\Users\BOB\AppData\Local\MicrosoftHelper
Deleted: C:\Users\BOB\AppData\Local\MicrosoftUpdater
Deleted: C:\Users\BOB\AppData\Local\WANARE
Deleted: C:\ProgramData\Microsoft\Windows\Start Menu\WindowsTM
Deleted: C:\Program Files (x86)\WindowsTM
Deleted: C:\Users\Public\Documents\XMUpdate
Deleted: C:\Program Files (x86)\AlphaGo
Deleted: C:\Terward
Deleted: C:\ProgramData\Plusdax
Deleted: C:\ProgramData\Application Data\Plusdax
Deleted: C:\ProgramData\Logic Cramble
Deleted: C:\ProgramData\Application Data\Logic Cramble
Deleted: C:\ProgramData\PrefsSecure
Deleted: C:\ProgramData\Application Data\PrefsSecure
Deleted: C:\ProgramData\Plusdax
Deleted: C:\ProgramData\Application Data\Plusdax
Deleted: C:\Users\BOB\AppData\Local\AppTrailers
Deleted: C:\Program Files\jetstrmedia
Deleted: C:\Program Files (x86)\OneSystemCare
Deleted: C:\Users\BOB\AppData\Roaming\BROWSERMODULE
Deleted: C:\Program Files (x86)\ProxyGate
Deleted: C:\Program Files (x86)\Eastness
Deleted: C:\Users\BOB\AppData\Local\Eastness
Deleted: C:\Users\BOB\AppData\Roaming\WinSAPSvc
Deleted: C:\ProgramData\Microleaves
Deleted: C:\ProgramData\Application Data\Microleaves
Deleted: C:\Program Files (x86)\Microleaves
Deleted: C:\Insist
Deleted: C:\Users\BOB\Documents\PROPCCleaner
Deleted: C:\Users\BOB\AppData\Roaming\PRO PC Cleaner
Deleted: C:\Users\BOB\AppData\Local\PRO_PC_Cleaner
Deleted: C:\Windows\SysNative\Tasks\Y2Go
Deleted: C:\Users\BOB\AppData\Roaming\Interstatnogui
Deleted: C:\Program Files (x86)\BikaQRss
Deleted: C:\Users\BOB\AppData\Local\SNAREA
Deleted: C:\ProgramData\Plusdax
Deleted: C:\ProgramData\Application Data\Plusdax
Deleted: C:\Program Files (x86)\Universal Driver Updater
Deleted: C:\ProgramData\PCVARK
Deleted: C:\ProgramData\Application Data\PCVARK
Deleted: C:\\Users\Public\Documents\XMUpdate
Deleted: C:\Program Files\acbfa4650af99dfd75de9e6b9233a85d
Deleted: C:\Program Files\2d42beed8f38fb637224dbdd237fab25
Deleted: C:\Program Files (x86)\789363110d14746060626a5494772ff1
Deleted: C:\ProgramData\62d13578-0037-1
Deleted: C:\ProgramData\62d13578-0127-1
Deleted: C:\ProgramData\62d13578-0233-1
Deleted: C:\ProgramData\62d13578-0385-1
Deleted: C:\ProgramData\62d13578-0393-1
Deleted: C:\ProgramData\62d13578-05e5-1
Deleted: C:\ProgramData\62d13578-05e7-1
Deleted: C:\ProgramData\62d13578-0681-1
Deleted: C:\ProgramData\62d13578-0775-1
Deleted: C:\ProgramData\62d13578-0a37-1
Deleted: C:\ProgramData\62d13578-0ac7-1
Deleted: C:\ProgramData\62d13578-0af1-1
Deleted: C:\ProgramData\62d13578-0c03-0
Deleted: C:\ProgramData\62d13578-0dc7-1
Deleted: C:\ProgramData\62d13578-0f51-1
Deleted: C:\ProgramData\62d13578-0fc3-1
Deleted: C:\ProgramData\62d13578-1171-1
Deleted: C:\ProgramData\62d13578-1177-1
Deleted: C:\ProgramData\62d13578-11b7-1
Deleted: C:\ProgramData\62d13578-11e7-0
Deleted: C:\ProgramData\62d13578-11f3-1
Deleted: C:\ProgramData\62d13578-1317-0
Deleted: C:\ProgramData\62d13578-1361-1
Deleted: C:\ProgramData\62d13578-13d5-1
Deleted: C:\ProgramData\62d13578-1473-1
Deleted: C:\ProgramData\62d13578-14a7-1
Deleted: C:\ProgramData\62d13578-14c3-1
Deleted: C:\ProgramData\62d13578-1603-1
Deleted: C:\ProgramData\62d13578-1637-1
Deleted: C:\ProgramData\62d13578-1911-1
Deleted: C:\ProgramData\62d13578-1921-1
Deleted: C:\ProgramData\62d13578-1c91-1
Deleted: C:\ProgramData\62d13578-2017-1
Deleted: C:\ProgramData\62d13578-2047-1
Deleted: C:\ProgramData\62d13578-2065-1
Deleted: C:\ProgramData\62d13578-21b5-1
Deleted: C:\ProgramData\62d13578-2241-1
Deleted: C:\ProgramData\62d13578-2243-0
Deleted: C:\ProgramData\62d13578-2243-1
Deleted: C:\ProgramData\62d13578-2307-1
Deleted: C:\ProgramData\62d13578-2413-1
Deleted: C:\ProgramData\62d13578-2461-1
Deleted: C:\ProgramData\62d13578-2525-1
Deleted: C:\ProgramData\62d13578-2617-0
Deleted: C:\ProgramData\62d13578-27d7-0
Deleted: C:\ProgramData\62d13578-27e7-1
Deleted: C:\ProgramData\62d13578-27f5-1
Deleted: C:\ProgramData\62d13578-2825-0
Deleted: C:\ProgramData\62d13578-2843-1
Deleted: C:\ProgramData\62d13578-28b5-1
Deleted: C:\ProgramData\62d13578-2901-1
Deleted: C:\ProgramData\62d13578-2911-1
Deleted: C:\ProgramData\62d13578-2941-0
Deleted: C:\ProgramData\62d13578-2977-1
Deleted: C:\ProgramData\62d13578-2a35-1
Deleted: C:\ProgramData\62d13578-2ba3-1
Deleted: C:\ProgramData\62d13578-2be5-1
Deleted: C:\ProgramData\62d13578-2c95-1
Deleted: C:\ProgramData\62d13578-2e55-1
Deleted: C:\ProgramData\62d13578-2fa1-0
Deleted: C:\ProgramData\62d13578-30e1-1
Deleted: C:\ProgramData\62d13578-3297-1
Deleted: C:\ProgramData\62d13578-3367-1
Deleted: C:\ProgramData\62d13578-3411-1
Deleted: C:\ProgramData\62d13578-34b3-0
Deleted: C:\ProgramData\62d13578-34d1-1
Deleted: C:\ProgramData\62d13578-35d7-1
Deleted: C:\ProgramData\62d13578-3693-1
Deleted: C:\ProgramData\62d13578-36f1-1
Deleted: C:\ProgramData\62d13578-3705-1
Deleted: C:\ProgramData\62d13578-38e1-1
Deleted: C:\ProgramData\62d13578-3977-0
Deleted: C:\ProgramData\62d13578-3c75-1
Deleted: C:\ProgramData\62d13578-3c95-1
Deleted: C:\ProgramData\62d13578-3eb1-1
Deleted: C:\ProgramData\62d13578-3f75-1
Deleted: C:\ProgramData\62d13578-3fa5-1
Deleted: C:\ProgramData\62d13578-3fc5-1
Deleted: C:\ProgramData\62d13578-41c1-0
Deleted: C:\ProgramData\62d13578-4273-1
Deleted: C:\ProgramData\62d13578-42c3-1
Deleted: C:\ProgramData\62d13578-42d3-1
Deleted: C:\ProgramData\62d13578-4311-1
Deleted: C:\ProgramData\62d13578-4501-1
Deleted: C:\ProgramData\62d13578-4577-1
Deleted: C:\ProgramData\62d13578-45b5-0
Deleted: C:\ProgramData\62d13578-4717-0
Deleted: C:\ProgramData\62d13578-4891-1
Deleted: C:\ProgramData\62d13578-4943-1
Deleted: C:\ProgramData\62d13578-49e7-0
Deleted: C:\ProgramData\62d13578-4a53-1
Deleted: C:\ProgramData\62d13578-4a83-1
Deleted: C:\ProgramData\62d13578-4c03-0
Deleted: C:\ProgramData\62d13578-4da3-1
Deleted: C:\ProgramData\62d13578-4dd5-1
Deleted: C:\ProgramData\62d13578-4e51-1
Deleted: C:\ProgramData\62d13578-4f31-1
Deleted: C:\ProgramData\62d13578-5001-1
Deleted: C:\ProgramData\62d13578-5051-0
Deleted: C:\ProgramData\62d13578-5095-1
Deleted: C:\ProgramData\62d13578-50d3-1
Deleted: C:\ProgramData\62d13578-51f1-1
Deleted: C:\ProgramData\62d13578-5205-1
Deleted: C:\ProgramData\62d13578-5351-0
Deleted: C:\ProgramData\62d13578-53b1-1
Deleted: C:\ProgramData\62d13578-5471-1
Deleted: C:\ProgramData\62d13578-5485-1
Deleted: C:\ProgramData\62d13578-5673-1
Deleted: C:\ProgramData\62d13578-5693-1
Deleted: C:\ProgramData\62d13578-58d5-1
Deleted: C:\ProgramData\62d13578-5c91-1
Deleted: C:\ProgramData\62d13578-5cb7-1
Deleted: C:\ProgramData\62d13578-5d23-1
Deleted: C:\ProgramData\62d13578-5d27-1
Deleted: C:\ProgramData\62d13578-5d37-1
Deleted: C:\ProgramData\62d13578-5f95-1
Deleted: C:\ProgramData\62d13578-60b1-1
Deleted: C:\ProgramData\62d13578-6165-1
Deleted: C:\ProgramData\62d13578-61b7-0
Deleted: C:\ProgramData\62d13578-6211-0
Deleted: C:\ProgramData\62d13578-6241-1
Deleted: C:\ProgramData\62d13578-6263-1
Deleted: C:\ProgramData\62d13578-62a3-1
Deleted: C:\ProgramData\62d13578-62b7-1
Deleted: C:\ProgramData\62d13578-63e3-1
Deleted: C:\ProgramData\62d13578-63f5-0
Deleted: C:\ProgramData\62d13578-64d1-1
Deleted: C:\ProgramData\62d13578-6625-1
Deleted: C:\ProgramData\62d13578-67f1-1
Deleted: C:\ProgramData\62d13578-6865-0
Deleted: C:\ProgramData\62d13578-6893-0
Deleted: C:\ProgramData\62d13578-6921-1
Deleted: C:\ProgramData\62d13578-6947-1
Deleted: C:\ProgramData\62d13578-6a05-0
Deleted: C:\ProgramData\62d13578-6a27-1
Deleted: C:\ProgramData\62d13578-6a65-1
Deleted: C:\ProgramData\62d13578-6a71-1
Deleted: C:\ProgramData\62d13578-6ac5-0
Deleted: C:\ProgramData\62d13578-6c73-1
Deleted: C:\ProgramData\62d13578-6cc5-1
Deleted: C:\ProgramData\62d13578-6e47-0
Deleted: C:\ProgramData\62d13578-6e73-1
Deleted: C:\ProgramData\62d13578-6ed3-1
Deleted: C:\ProgramData\62d13578-6f07-1
Deleted: C:\ProgramData\62d13578-6f51-1
Deleted: C:\ProgramData\62d13578-71a1-1
Deleted: C:\ProgramData\62d13578-7255-1
Deleted: C:\ProgramData\62d13578-7311-1
Deleted: C:\ProgramData\62d13578-7355-1
Deleted: C:\ProgramData\62d13578-7565-1
Deleted: C:\ProgramData\62d13578-76f1-1
Deleted: C:\ProgramData\62d13578-7761-1
Deleted: C:\ProgramData\62d13578-7831-1
Deleted: C:\ProgramData\62d13578-7865-0
Deleted: C:\ProgramData\62d13578-7ad3-1
Deleted: C:\ProgramData\62d13578-7b23-1
Deleted: C:\ProgramData\62d13578-7c63-1
Deleted: C:\ProgramData\62d13578-7ce1-1
Deleted: C:\ProgramData\62d13578-7d21-1
Deleted: C:\ProgramData\62d13578-7d51-0
Deleted: C:\ProgramData\62d13578-7db5-1
Deleted: C:\ProgramData\62d13578-7fd1-1
Deleted: C:\ProgramData\62d13578-7fe5-1
Deleted: C:\ProgramData\a1bd8073-3ff7-1
Deleted: C:\ProgramData\a1bd8073-7607-0
Deleted: C:\ProgramData\bfa51af5
Deleted: C:\ProgramData\{027e25d8-012c-1}
Deleted: C:\ProgramData\{189f6d86-112c-0}
Deleted: C:\ProgramData\{1b274f6a-112c-0}
Deleted: C:\ProgramData\{20d70a2d-012c-1}
Deleted: C:\ProgramData\{26d87c85-412c-0}
Deleted: C:\ProgramData\{2cab7e2a-512c-1}
Deleted: C:\ProgramData\{2cfa6180-212c-0}
Deleted: C:\ProgramData\{34405b56-012c-1}
Deleted: C:\ProgramData\{34c3137f-512c-0}
Deleted: C:\ProgramData\{3aa0385d-212c-1}
Deleted: C:\ProgramData\{40980772-212c-0}
Deleted: C:\ProgramData\{4bb86e3f-612c-0}
Deleted: C:\ProgramData\{4cca2d19-512c-1}
Deleted: C:\ProgramData\{57615a64-512c-0}
Deleted: C:\ProgramData\{64ea00fd-312c-1}
Deleted: C:\ProgramData\{66b13b47-212c-0}
Deleted: C:\ProgramData\{72c06dc8-112c-1}
Deleted: C:\ProgramData\{7dce680e-612c-0}
***** [ Files ] *****
Deleted: C:\Users\BOB\AppData\Roaming\\agent.dat
Deleted: C:\Users\BOB\AppData\Roaming\Main.dat
Deleted: C:\Users\BOB\AppData\Roaming\\InstallationConfiguration.xml
Deleted: C:\Users\BOB\AppData\Roaming\\Installer.dat
Deleted: C:\Users\BOB\AppData\Roaming\\noah.dat
Deleted: C:\Users\BOB\AppData\Roaming\\Config.xml
Deleted: C:\Users\BOB\AppData\Roaming\\md.xml
Deleted: C:\Users\Public\Documents\\report.dat
Deleted: C:\Users\Public\Documents\\temp.dat
Deleted: C:\ProgramData\Software\Apple\Apps\\Notification.dll
Deleted: C:\Windows\SysNative\wsusnative64.exe
Deleted: C:\END
Deleted: C:\Windows\SysNative\drivers\iSafeKrnlBoot.sys
Deleted: C:\Windows\SysNative\drivers\iSafeNetFilter.sys
Deleted: C:\Windows\SysNative\log\iSafeKrnlCall.log
Deleted: C:\appverifier.txt
Deleted: C:\Users\BOB\AppData\Local\Temp\big_bang_empire.lnk
Deleted: C:\Windows\SysNative\drivers\lanmamaster.sys
Deleted: C:\Windows\SysNative\lanmamasterHelp.dll
Deleted: C:\Windows\System32\TMhardware.dll
Deleted: C:\Windows\SysWOW64\TMhardware.dll
Deleted: C:\Windows\SysNative\drivers\TMhardware.sys
Deleted: C:\Windows\SysNative\NetUtils2016.dll
Deleted: C:\Windows\System32\NetUtils2016.exe
Deleted: C:\Windows\SysWOW64\NetUtils2016.exe
Deleted: C:\Windows\SysNative\drivers\NetUtils2016.sys
Deleted: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HowToRemove.html.lnk
Deleted: C:\Users\BOB\AppData\Local\uninstallce.exe
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
Deleted: Milimili
Deleted: Windows-PG
Deleted: Y2Go\Updater\Y2GoUpdater
Deleted: Online Application V2G1
Deleted: Online Application V2G3
Deleted: Y2Go\Y2Go\Y2Go
Deleted: Online Application V2G2
Deleted: Universal
Deleted: System\SystemCheck
Deleted: WinZip Malware Protector_startup
Deleted: Start Registry Reviver Update
Deleted: Start Registry Reviver Schedule
Deleted: Microsoft\Windows\Media Center\VCore
Deleted: Updater_Online_Application
Deleted: Start Registry Reviver for SWAGCOMPUTER9@BOB(logon)
Deleted: Start Registry Reviver( SR ) for SWAGCOMPUTER9@BOB at logon
Deleted: Start Registry Reviver( SR ) for SWAGCOMPUTER9@BOB
Deleted: acbfa4650af99dfd75de9e6b9233a85d
Deleted: Start Registry Reviver for SWAGCOMPUTER9@BOB(logon)
Deleted: Start Registry Reviver Schedule
Deleted: Start Registry Reviver Update
Deleted: Start Registry Reviver( SR ) for SWAGCOMPUTER9@BOB
Deleted: Start Registry Reviver( SR ) for SWAGCOMPUTER9@BOB at logon
***** [ Registry ] *****
Deleted: [Key] - HKLM\SOFTWARE\Elex-tech
Deleted: [Key] - HKLM\SOFTWARE\jhdbca
Deleted: [Key] - HKU\.DEFAULT\Software\jhdbca
Deleted: [Key] - HKU\S-1-5-18\Software\jhdbca
Deleted: [Key] - HKU\S-1-5-21-4197031219-1917498957-2016370213-1000\Software\WinSnare
Deleted: [Key] - HKCU\Software\WinSnare
Deleted: [Key] - HKLM\SOFTWARE\{84416237-6490-494D-9AD6-4994DD978971}
Deleted: [Key] - HKU\S-1-5-21-4197031219-1917498957-2016370213-1000\Software\deskapp
Deleted: [Key] - HKCU\Software\deskapp
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost|NPASRE
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost|SNARE
Deleted: [Value] - HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{5CE7A480-D564-45FF-B4B3-1188EFD3622C}
Deleted: [Value] - HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{484E81DD-3F21-4D04-9A9B-94D8D61DFB1D}C:\users\bob\appdata\roaming\cacaoweb\cacaoweb.exe
Deleted: [Value] - HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{E2C7948E-D591-4DAB-9CD8-EFFB0601F6B3}C:\users\bob\appdata\roaming\cacaoweb\cacaoweb.exe
Deleted: [Value] - HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{46E470C1-78C4-41B3-B67C-A6F8C5605E08}C:\users\bob\appdata\roaming\cacaoweb\cacaoweb.exe
Deleted: [Value] - HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{35F58424-DADC-4AE2-8B50-96597A37FCAC}C:\users\bob\appdata\roaming\cacaoweb\cacaoweb.exe
Deleted: [Value] - HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{8EE79310-B14E-4011-B3BF-575925B81DCE}
Deleted: [Value] - HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{0EFD97E3-229F-44F4-9887-F69B2172BB34}
Deleted: [Value] - HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{2DD5F29E-425B-4C75-BADB-D1017825E499}
Deleted: [Value] - HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{F266FA27-D576-4848-B4AA-2BDD90E52586}
Deleted: [Value] - HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{076B1C6B-150D-4A8F-AD5F-0C720984A93B}
Deleted: [Value] - HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{B0625169-92DD-4C0B-9970-0019571E3EFB}
Deleted: [Value] - HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{FB2562AA-86AA-46D2-94E0-7B66CD529D84}
Deleted: [Value] - HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{F7133DA9-AC20-49D3-A6F5-21451C524C9E}
Deleted: [Value] - HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{6D8B3EB3-AC43-4E60-BD4F-78663FD136B2}C:\users\bob\desktop\cacaoweb.exe
Deleted: [Value] - HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{11A37612-116E-46BE-9EF4-D4B1DC080420}C:\users\bob\desktop\cacaoweb.exe
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\iSafe
Deleted: [Key] - HKU\S-1-5-21-4197031219-1917498957-2016370213-1000\Software\cacaoweb
Deleted: [Key] - HKCU\Software\cacaoweb
Deleted: [Key] - HKLM\SOFTWARE\registry Reviver
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\registry Reviver
Deleted: [Key] - HKU\S-1-5-21-4197031219-1917498957-2016370213-1000\Software\GoldenGate
Deleted: [Key] - HKCU\Software\GoldenGate
Deleted: [Key] - HKLM\SOFTWARE\Lavasoft\Web Companion
Deleted: [Key] - HKLM\SOFTWARE\youndooSoftware
Deleted: [Key] - HKLM\SOFTWARE\trotuxSoftware
Deleted: [Key] - HKLM\SOFTWARE\b`nl{y
Deleted: [Key] - HKU\.DEFAULT\Software\b`nl{y
Deleted: [Key] - HKU\S-1-5-18\Software\b`nl{y
Deleted: [Key] - HKLM\SOFTWARE\ompndb
Deleted: [Key] - HKU\.DEFAULT\Software\ompndb
Deleted: [Key] - HKU\S-1-5-18\Software\ompndb
Deleted: [Key] - HKLM\SOFTWARE\amule-custom
Deleted: [Key] - HKLM\SOFTWARE\pcv-var
Deleted: [Key] - HKU\S-1-5-21-4197031219-1917498957-2016370213-1000\Software\VideoBox
Deleted: [Key] - HKCU\Software\VideoBox
Deleted: [Key] - HKLM\SOFTWARE\InterSect Alliance
Deleted: [Key] - HKLM\SOFTWARE\msServer
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{59B5A9CD-253D-4C41-A073-B387D4C9672D}
Deleted: [Key] - HKU\S-1-5-21-4197031219-1917498957-2016370213-1000\Software\C84E
Deleted: [Key] - HKCU\Software\C84E
Deleted: [Key] - HKLM\SOFTWARE\Speedownloader0099
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WindowsTM
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{118B6258-BF13-47C9-8D46-B2A349196B5D}
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B7CB7055-EFAE-4CD2-928A-15DB5F4FF7C7}
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{51639FCA-678F-4D71-8044-E16E3D49187F}
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{2C652C0A-EC71-4797-8077-F67649177AB0}
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{97D2FBF4-72CF-4DD6-8DA8-26710BC7BE71}
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\DMunversion
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{8BF0126F-A5B7-4720-ABB2-2414A0AF5474}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{0757C9D8-D8A3-33F5-CEE2-11D09918BA8F}
Deleted: [Value] - HKU\S-1-5-21-4197031219-1917498957-2016370213-1000\Software\Microsoft\Windows\CurrentVersion\Run|cacaoweb
Deleted: [Value] - HKCU\Software\Microsoft\Windows\CurrentVersion\Run|cacaoweb
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\RADAR\HeapLeakDetection\DiagnosedApplications\iSafeSvc2.exe
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost|WinSAPSvc
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost|SNARER
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost|Kitty
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost|WANARE
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost|SNAREA
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost|BIT
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost|3DM
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost|VNASRE
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost|CWASRE
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost|CSHMDR
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost|terana
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost|glory
Deleted: [Key] - HKCU\Software\Classes\Applications\interstatnogui.exe
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Control\iSafeKrnlBoot
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{0187837F-FA61-437D-9647-EE1E86233276}
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{CBB7A1EB-D3C4-45A9-A5C9-EFB40A22BF7E}
Deleted: [Key] - HKU\S-1-5-21-4197031219-1917498957-2016370213-1000\Software\WajIEnhance
Deleted: [Key] - HKCU\Software\WajIEnhance
Deleted: [Key] - HKLM\SOFTWARE\CLASSES\APPID\56BF5154-0B48-4ADB-902A-6C8B12E270D9
Deleted: [Key] - HKLM\SOFTWARE\BSD
Deleted: [Key] - HKU\S-1-5-21-4197031219-1917498957-2016370213-1000\Software\BSD
Deleted: [Key] - HKCU\Software\BSD
Deleted: [Key] - HKU\S-1-5-21-4197031219-1917498957-2016370213-1000\Software\AppDataLow\Software\AppTrailers
Deleted: [Key] - HKCU\Software\AppDataLow\Software\AppTrailers
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application
Deleted: [Key] - HKU\S-1-5-21-4197031219-1917498957-2016370213-1000\Software\win
Deleted: [Key] - HKCU\Software\win
Deleted: [Key] - HKU\.DEFAULT\Software\ByteFence
Deleted: [Key] - HKU\S-1-5-18\Software\ByteFence
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION|ByteFence.exe
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Reason\ReasonByteFence
Deleted: [Key] - HKU\S-1-5-21-4197031219-1917498957-2016370213-1000\Software\One System Care
Deleted: [Key] - HKCU\Software\One System Care
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application
Deleted: [Key] - HKLM\SOFTWARE\BSD
Deleted: [Key] - HKU\S-1-5-21-4197031219-1917498957-2016370213-1000\Software\BSD
Deleted: [Key] - HKCU\Software\BSD
Deleted: [Key] - HKU\S-1-5-21-4197031219-1917498957-2016370213-1000\Software\System Healer
Deleted: [Key] - HKCU\Software\System Healer
Deleted: [Key] - HKU\S-1-5-21-4197031219-1917498957-2016370213-1000\Software\SwytShop
Deleted: [Key] - HKCU\Software\SwytShop
Deleted: [Key] - HKLM\SOFTWARE\ourluckysitesSoftware
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1EC095EE-8CA3-43D6-B9F5-0C55B82ED3D7}}_is1
Deleted: [Key] - HKU\S-1-5-21-4197031219-1917498957-2016370213-1000\Software\MICROSOFT\wewewe
Deleted: [Key] - HKCU\Software\MICROSOFT\wewewe
Deleted: [Key] - HKLM\SOFTWARE\ScreenShot
Deleted: [Key] - HKLM\SOFTWARE\Socia2Se Browser Enhancer
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application
Deleted: [Key] - HKLM\SOFTWARE\Microleaves
Deleted: [Key] - HKLM\SOFTWARE\AppApcVerifier
Deleted: [Key] - HKLM\SOFTWARE\OtherSearch
Deleted: [Key] - HKLM\SOFTWARE\startpageing123Software
Deleted: [Key] - HKLM\SOFTWARE\ourluckysitesSoftware
Deleted: [Key] - HKU\S-1-5-21-4197031219-1917498957-2016370213-1000\Software\PROPCCleanerLanguage
Deleted: [Key] - HKCU\Software\PROPCCleanerLanguage
Deleted: [Key] - HKLM\SOFTWARE\PRO PC Cleaner
Deleted: [Value] - HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{FB2562AA-86AA-46D2-94E0-7B66CD529D84}
Deleted: [Value] - HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{F7133DA9-AC20-49D3-A6F5-21451C524C9E}
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Y2Go
Deleted: [Key] - HKU\S-1-5-21-4197031219-1917498957-2016370213-1000\Software\Y2Go
Deleted: [Key] - HKCU\Software\Y2Go
Deleted: [Key] - HKU\S-1-5-21-4197031219-1917498957-2016370213-1000\Software\Interstatnogui
Deleted: [Key] - HKCU\Software\Interstatnogui
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost|WINSNARE
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\11598763487076930564
Deleted: [Key] - HKLM\SOFTWARE\HDWallpaper
Deleted: [Key] - HKU\S-1-5-21-4197031219-1917498957-2016370213-1000\Software\Genius
Deleted: [Key] - HKCU\Software\Genius
Deleted: [Key] - HKU\S-1-5-21-4197031219-1917498957-2016370213-1000\Software\Microsoft\{cc6eb6d8-85b7-435p-8b86-51e4d16ea76d}
Deleted: [Key] - HKCU\Software\Microsoft\{cc6eb6d8-85b7-435p-8b86-51e4d16ea76d}
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application
Deleted: [Key] - HKLM\SOFTWARE\Soci2Sear Browser Enhancer
Deleted: [Key] - HKU\S-1-5-21-4197031219-1917498957-2016370213-1000\Software\csastats
Deleted: [Key] - HKCU\Software\csastats
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{5266F634-7B7D-4537-BDDC-98DD6CFCBAA1}
Deleted: [Key] - HKU\S-1-5-21-4197031219-1917498957-2016370213-1000\Software\PRODUCTSETUP
Deleted: [Key] - HKCU\Software\PRODUCTSETUP
Deleted: [Key] - HKLM\SOFTWARE\MICROSOFT\SYSTEMCERTIFICATES\ROOT\CERTIFICATES\26D9E607FFF0C58C7844B47FF8B6E079E5A2220E
Deleted: [Key] - HKU\S-1-5-21-4197031219-1917498957-2016370213-1000\Software\SpeeDownloader
Deleted: [Key] - HKCU\Software\SpeeDownloader
Deleted: [Key] - HKLM\SOFTWARE\mtPlusdax
Deleted: [Key] - HKLM\SOFTWARE\PCVARK
Deleted: [Key] - HKU\S-1-5-21-4197031219-1917498957-2016370213-1000\Software\PCVARK
Deleted: [Key] - HKCU\Software\PCVARK
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{5266F634-7B7D-4537-BDDC-98DD6CFCBAA1}
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\436F6625D7B77354DBCD89DDC6CFAB1A
Deleted: [Key] - HKLM\SOFTWARE\Classes\Installer\Features\436F6625D7B77354DBCD89DDC6CFAB1A
Deleted: [Key] - HKLM\SOFTWARE\Classes\Installer\Products\436F6625D7B77354DBCD89DDC6CFAB1A
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders|C:\Program Files (x86)\Microleaves\Online Application\
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders|C:\Program Files (x86)\Microleaves\
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders|C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries deleted.
***** [ Chromium (and derivatives) ] *****
Plugin deleted: MSN Homepage & Bing Search Engine -
Plugin deleted: Search Manager -
*************************
::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0
*************************
C:/AdwCleaner/AdwCleaner[S0].txt - [36685 B] - [2017/12/29 8:55:4]
########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ##########
# Updated on 2017/21/12 by Malwarebytes
# Running on Windows 7 Professional (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support
***** [ Services ] *****
Deleted: AppleNotificationsSrv
Deleted: glory
Deleted: CSHMDR
Deleted: iSafeService
Deleted: TMService
Deleted: TMCheckVersion
Deleted: pgt_svc
Deleted: NetUtils2016srv
Deleted: BIT
Deleted: Kitty
Deleted: 727e14596581e16b053daf7e98d13948
Deleted: 98ac82ef4517b63d3a7b9d6c55ea5fda
Deleted: b22c74fadda839ed00548ea83840e1b7
***** [ Folders ] *****
Deleted: C:\Program Files (x86)\Default Company Name
Deleted: C:\Program Files (x86)\Elex-tech
Deleted: C:\Users\BOB\AppData\Roaming\Elex-tech
Deleted: C:\Reimward
Deleted: C:\Users\BOB\AppData\Roaming\SNARER
Deleted: C:\Users\BOB\AppData\Local\SNAREA
Deleted: C:\Users\BOB\AppData\Local\terana
Deleted: C:\Users\BOB\AppData\Local\VNASRE
Deleted: C:\Pipisy
Deleted: C:\Users\BOB\AppData\Local\NPASRE
Deleted: C:\Reerdition
Deleted: C:\Users\BOB\AppData\Local\CWASRE
Deleted: C:\Users\BOB\AppData\Local\CSHMDR
Deleted: C:\Users\BOB\AppData\Local\snare
Deleted: C:\Program Files (x86)\Fanlook
Deleted: C:\Users\BOB\AppData\Local\Fanlook
Deleted: C:\ProgramData\BSD\DriverHive
Deleted: C:\ProgramData\Application Data\BSD\DriverHive
Deleted: C:\Windows\System32\\SSL
Deleted: C:\Windows\SysWOW64\\SSL
Deleted: C:\Users\BOB\AppData\Roaming\\Firefox
Deleted: C:\Windows\System32\\sstmp
Deleted: C:\Windows\SysWOW64\\sstmp
Deleted: C:\Users\BOB\AppData\Roaming\cacaoweb
Deleted: C:\Users\BOB\AppData\Roaming\GoldenGate
Deleted: C:\Users\BOB\AppData\Roaming\imminent
Deleted: C:\ProgramData\lavasoft\web companion
Deleted: C:\ProgramData\Application Data\lavasoft\web companion
Deleted: C:\Windows\System32\config\systemprofile\AppData\Roaming\Tencent
Deleted: C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Tencent
Deleted: C:\ProgramData\BSD\DriverHiveEngine
Deleted: C:\ProgramData\Application Data\BSD\DriverHiveEngine
Deleted: C:\Users\BOB\AppData\Roaming\aMule
Deleted: C:\ProgramData\vCore
Deleted: C:\ProgramData\Application Data\vCore
Deleted: C:\Users\BOB\AppData\Local\AdvinstAnalytics
Deleted: C:\Users\BOB\AppData\Local\MicrosoftHelper
Deleted: C:\Users\BOB\AppData\Local\MicrosoftUpdater
Deleted: C:\Users\BOB\AppData\Local\WANARE
Deleted: C:\ProgramData\Microsoft\Windows\Start Menu\WindowsTM
Deleted: C:\Program Files (x86)\WindowsTM
Deleted: C:\Users\Public\Documents\XMUpdate
Deleted: C:\Program Files (x86)\AlphaGo
Deleted: C:\Terward
Deleted: C:\ProgramData\Plusdax
Deleted: C:\ProgramData\Application Data\Plusdax
Deleted: C:\ProgramData\Logic Cramble
Deleted: C:\ProgramData\Application Data\Logic Cramble
Deleted: C:\ProgramData\PrefsSecure
Deleted: C:\ProgramData\Application Data\PrefsSecure
Deleted: C:\ProgramData\Plusdax
Deleted: C:\ProgramData\Application Data\Plusdax
Deleted: C:\Users\BOB\AppData\Local\AppTrailers
Deleted: C:\Program Files\jetstrmedia
Deleted: C:\Program Files (x86)\OneSystemCare
Deleted: C:\Users\BOB\AppData\Roaming\BROWSERMODULE
Deleted: C:\Program Files (x86)\ProxyGate
Deleted: C:\Program Files (x86)\Eastness
Deleted: C:\Users\BOB\AppData\Local\Eastness
Deleted: C:\Users\BOB\AppData\Roaming\WinSAPSvc
Deleted: C:\ProgramData\Microleaves
Deleted: C:\ProgramData\Application Data\Microleaves
Deleted: C:\Program Files (x86)\Microleaves
Deleted: C:\Insist
Deleted: C:\Users\BOB\Documents\PROPCCleaner
Deleted: C:\Users\BOB\AppData\Roaming\PRO PC Cleaner
Deleted: C:\Users\BOB\AppData\Local\PRO_PC_Cleaner
Deleted: C:\Windows\SysNative\Tasks\Y2Go
Deleted: C:\Users\BOB\AppData\Roaming\Interstatnogui
Deleted: C:\Program Files (x86)\BikaQRss
Deleted: C:\Users\BOB\AppData\Local\SNAREA
Deleted: C:\ProgramData\Plusdax
Deleted: C:\ProgramData\Application Data\Plusdax
Deleted: C:\Program Files (x86)\Universal Driver Updater
Deleted: C:\ProgramData\PCVARK
Deleted: C:\ProgramData\Application Data\PCVARK
Deleted: C:\\Users\Public\Documents\XMUpdate
Deleted: C:\Program Files\acbfa4650af99dfd75de9e6b9233a85d
Deleted: C:\Program Files\2d42beed8f38fb637224dbdd237fab25
Deleted: C:\Program Files (x86)\789363110d14746060626a5494772ff1
Deleted: C:\ProgramData\62d13578-0037-1
Deleted: C:\ProgramData\62d13578-0127-1
Deleted: C:\ProgramData\62d13578-0233-1
Deleted: C:\ProgramData\62d13578-0385-1
Deleted: C:\ProgramData\62d13578-0393-1
Deleted: C:\ProgramData\62d13578-05e5-1
Deleted: C:\ProgramData\62d13578-05e7-1
Deleted: C:\ProgramData\62d13578-0681-1
Deleted: C:\ProgramData\62d13578-0775-1
Deleted: C:\ProgramData\62d13578-0a37-1
Deleted: C:\ProgramData\62d13578-0ac7-1
Deleted: C:\ProgramData\62d13578-0af1-1
Deleted: C:\ProgramData\62d13578-0c03-0
Deleted: C:\ProgramData\62d13578-0dc7-1
Deleted: C:\ProgramData\62d13578-0f51-1
Deleted: C:\ProgramData\62d13578-0fc3-1
Deleted: C:\ProgramData\62d13578-1171-1
Deleted: C:\ProgramData\62d13578-1177-1
Deleted: C:\ProgramData\62d13578-11b7-1
Deleted: C:\ProgramData\62d13578-11e7-0
Deleted: C:\ProgramData\62d13578-11f3-1
Deleted: C:\ProgramData\62d13578-1317-0
Deleted: C:\ProgramData\62d13578-1361-1
Deleted: C:\ProgramData\62d13578-13d5-1
Deleted: C:\ProgramData\62d13578-1473-1
Deleted: C:\ProgramData\62d13578-14a7-1
Deleted: C:\ProgramData\62d13578-14c3-1
Deleted: C:\ProgramData\62d13578-1603-1
Deleted: C:\ProgramData\62d13578-1637-1
Deleted: C:\ProgramData\62d13578-1911-1
Deleted: C:\ProgramData\62d13578-1921-1
Deleted: C:\ProgramData\62d13578-1c91-1
Deleted: C:\ProgramData\62d13578-2017-1
Deleted: C:\ProgramData\62d13578-2047-1
Deleted: C:\ProgramData\62d13578-2065-1
Deleted: C:\ProgramData\62d13578-21b5-1
Deleted: C:\ProgramData\62d13578-2241-1
Deleted: C:\ProgramData\62d13578-2243-0
Deleted: C:\ProgramData\62d13578-2243-1
Deleted: C:\ProgramData\62d13578-2307-1
Deleted: C:\ProgramData\62d13578-2413-1
Deleted: C:\ProgramData\62d13578-2461-1
Deleted: C:\ProgramData\62d13578-2525-1
Deleted: C:\ProgramData\62d13578-2617-0
Deleted: C:\ProgramData\62d13578-27d7-0
Deleted: C:\ProgramData\62d13578-27e7-1
Deleted: C:\ProgramData\62d13578-27f5-1
Deleted: C:\ProgramData\62d13578-2825-0
Deleted: C:\ProgramData\62d13578-2843-1
Deleted: C:\ProgramData\62d13578-28b5-1
Deleted: C:\ProgramData\62d13578-2901-1
Deleted: C:\ProgramData\62d13578-2911-1
Deleted: C:\ProgramData\62d13578-2941-0
Deleted: C:\ProgramData\62d13578-2977-1
Deleted: C:\ProgramData\62d13578-2a35-1
Deleted: C:\ProgramData\62d13578-2ba3-1
Deleted: C:\ProgramData\62d13578-2be5-1
Deleted: C:\ProgramData\62d13578-2c95-1
Deleted: C:\ProgramData\62d13578-2e55-1
Deleted: C:\ProgramData\62d13578-2fa1-0
Deleted: C:\ProgramData\62d13578-30e1-1
Deleted: C:\ProgramData\62d13578-3297-1
Deleted: C:\ProgramData\62d13578-3367-1
Deleted: C:\ProgramData\62d13578-3411-1
Deleted: C:\ProgramData\62d13578-34b3-0
Deleted: C:\ProgramData\62d13578-34d1-1
Deleted: C:\ProgramData\62d13578-35d7-1
Deleted: C:\ProgramData\62d13578-3693-1
Deleted: C:\ProgramData\62d13578-36f1-1
Deleted: C:\ProgramData\62d13578-3705-1
Deleted: C:\ProgramData\62d13578-38e1-1
Deleted: C:\ProgramData\62d13578-3977-0
Deleted: C:\ProgramData\62d13578-3c75-1
Deleted: C:\ProgramData\62d13578-3c95-1
Deleted: C:\ProgramData\62d13578-3eb1-1
Deleted: C:\ProgramData\62d13578-3f75-1
Deleted: C:\ProgramData\62d13578-3fa5-1
Deleted: C:\ProgramData\62d13578-3fc5-1
Deleted: C:\ProgramData\62d13578-41c1-0
Deleted: C:\ProgramData\62d13578-4273-1
Deleted: C:\ProgramData\62d13578-42c3-1
Deleted: C:\ProgramData\62d13578-42d3-1
Deleted: C:\ProgramData\62d13578-4311-1
Deleted: C:\ProgramData\62d13578-4501-1
Deleted: C:\ProgramData\62d13578-4577-1
Deleted: C:\ProgramData\62d13578-45b5-0
Deleted: C:\ProgramData\62d13578-4717-0
Deleted: C:\ProgramData\62d13578-4891-1
Deleted: C:\ProgramData\62d13578-4943-1
Deleted: C:\ProgramData\62d13578-49e7-0
Deleted: C:\ProgramData\62d13578-4a53-1
Deleted: C:\ProgramData\62d13578-4a83-1
Deleted: C:\ProgramData\62d13578-4c03-0
Deleted: C:\ProgramData\62d13578-4da3-1
Deleted: C:\ProgramData\62d13578-4dd5-1
Deleted: C:\ProgramData\62d13578-4e51-1
Deleted: C:\ProgramData\62d13578-4f31-1
Deleted: C:\ProgramData\62d13578-5001-1
Deleted: C:\ProgramData\62d13578-5051-0
Deleted: C:\ProgramData\62d13578-5095-1
Deleted: C:\ProgramData\62d13578-50d3-1
Deleted: C:\ProgramData\62d13578-51f1-1
Deleted: C:\ProgramData\62d13578-5205-1
Deleted: C:\ProgramData\62d13578-5351-0
Deleted: C:\ProgramData\62d13578-53b1-1
Deleted: C:\ProgramData\62d13578-5471-1
Deleted: C:\ProgramData\62d13578-5485-1
Deleted: C:\ProgramData\62d13578-5673-1
Deleted: C:\ProgramData\62d13578-5693-1
Deleted: C:\ProgramData\62d13578-58d5-1
Deleted: C:\ProgramData\62d13578-5c91-1
Deleted: C:\ProgramData\62d13578-5cb7-1
Deleted: C:\ProgramData\62d13578-5d23-1
Deleted: C:\ProgramData\62d13578-5d27-1
Deleted: C:\ProgramData\62d13578-5d37-1
Deleted: C:\ProgramData\62d13578-5f95-1
Deleted: C:\ProgramData\62d13578-60b1-1
Deleted: C:\ProgramData\62d13578-6165-1
Deleted: C:\ProgramData\62d13578-61b7-0
Deleted: C:\ProgramData\62d13578-6211-0
Deleted: C:\ProgramData\62d13578-6241-1
Deleted: C:\ProgramData\62d13578-6263-1
Deleted: C:\ProgramData\62d13578-62a3-1
Deleted: C:\ProgramData\62d13578-62b7-1
Deleted: C:\ProgramData\62d13578-63e3-1
Deleted: C:\ProgramData\62d13578-63f5-0
Deleted: C:\ProgramData\62d13578-64d1-1
Deleted: C:\ProgramData\62d13578-6625-1
Deleted: C:\ProgramData\62d13578-67f1-1
Deleted: C:\ProgramData\62d13578-6865-0
Deleted: C:\ProgramData\62d13578-6893-0
Deleted: C:\ProgramData\62d13578-6921-1
Deleted: C:\ProgramData\62d13578-6947-1
Deleted: C:\ProgramData\62d13578-6a05-0
Deleted: C:\ProgramData\62d13578-6a27-1
Deleted: C:\ProgramData\62d13578-6a65-1
Deleted: C:\ProgramData\62d13578-6a71-1
Deleted: C:\ProgramData\62d13578-6ac5-0
Deleted: C:\ProgramData\62d13578-6c73-1
Deleted: C:\ProgramData\62d13578-6cc5-1
Deleted: C:\ProgramData\62d13578-6e47-0
Deleted: C:\ProgramData\62d13578-6e73-1
Deleted: C:\ProgramData\62d13578-6ed3-1
Deleted: C:\ProgramData\62d13578-6f07-1
Deleted: C:\ProgramData\62d13578-6f51-1
Deleted: C:\ProgramData\62d13578-71a1-1
Deleted: C:\ProgramData\62d13578-7255-1
Deleted: C:\ProgramData\62d13578-7311-1
Deleted: C:\ProgramData\62d13578-7355-1
Deleted: C:\ProgramData\62d13578-7565-1
Deleted: C:\ProgramData\62d13578-76f1-1
Deleted: C:\ProgramData\62d13578-7761-1
Deleted: C:\ProgramData\62d13578-7831-1
Deleted: C:\ProgramData\62d13578-7865-0
Deleted: C:\ProgramData\62d13578-7ad3-1
Deleted: C:\ProgramData\62d13578-7b23-1
Deleted: C:\ProgramData\62d13578-7c63-1
Deleted: C:\ProgramData\62d13578-7ce1-1
Deleted: C:\ProgramData\62d13578-7d21-1
Deleted: C:\ProgramData\62d13578-7d51-0
Deleted: C:\ProgramData\62d13578-7db5-1
Deleted: C:\ProgramData\62d13578-7fd1-1
Deleted: C:\ProgramData\62d13578-7fe5-1
Deleted: C:\ProgramData\a1bd8073-3ff7-1
Deleted: C:\ProgramData\a1bd8073-7607-0
Deleted: C:\ProgramData\bfa51af5
Deleted: C:\ProgramData\{027e25d8-012c-1}
Deleted: C:\ProgramData\{189f6d86-112c-0}
Deleted: C:\ProgramData\{1b274f6a-112c-0}
Deleted: C:\ProgramData\{20d70a2d-012c-1}
Deleted: C:\ProgramData\{26d87c85-412c-0}
Deleted: C:\ProgramData\{2cab7e2a-512c-1}
Deleted: C:\ProgramData\{2cfa6180-212c-0}
Deleted: C:\ProgramData\{34405b56-012c-1}
Deleted: C:\ProgramData\{34c3137f-512c-0}
Deleted: C:\ProgramData\{3aa0385d-212c-1}
Deleted: C:\ProgramData\{40980772-212c-0}
Deleted: C:\ProgramData\{4bb86e3f-612c-0}
Deleted: C:\ProgramData\{4cca2d19-512c-1}
Deleted: C:\ProgramData\{57615a64-512c-0}
Deleted: C:\ProgramData\{64ea00fd-312c-1}
Deleted: C:\ProgramData\{66b13b47-212c-0}
Deleted: C:\ProgramData\{72c06dc8-112c-1}
Deleted: C:\ProgramData\{7dce680e-612c-0}
***** [ Files ] *****
Deleted: C:\Users\BOB\AppData\Roaming\\agent.dat
Deleted: C:\Users\BOB\AppData\Roaming\Main.dat
Deleted: C:\Users\BOB\AppData\Roaming\\InstallationConfiguration.xml
Deleted: C:\Users\BOB\AppData\Roaming\\Installer.dat
Deleted: C:\Users\BOB\AppData\Roaming\\noah.dat
Deleted: C:\Users\BOB\AppData\Roaming\\Config.xml
Deleted: C:\Users\BOB\AppData\Roaming\\md.xml
Deleted: C:\Users\Public\Documents\\report.dat
Deleted: C:\Users\Public\Documents\\temp.dat
Deleted: C:\ProgramData\Software\Apple\Apps\\Notification.dll
Deleted: C:\Windows\SysNative\wsusnative64.exe
Deleted: C:\END
Deleted: C:\Windows\SysNative\drivers\iSafeKrnlBoot.sys
Deleted: C:\Windows\SysNative\drivers\iSafeNetFilter.sys
Deleted: C:\Windows\SysNative\log\iSafeKrnlCall.log
Deleted: C:\appverifier.txt
Deleted: C:\Users\BOB\AppData\Local\Temp\big_bang_empire.lnk
Deleted: C:\Windows\SysNative\drivers\lanmamaster.sys
Deleted: C:\Windows\SysNative\lanmamasterHelp.dll
Deleted: C:\Windows\System32\TMhardware.dll
Deleted: C:\Windows\SysWOW64\TMhardware.dll
Deleted: C:\Windows\SysNative\drivers\TMhardware.sys
Deleted: C:\Windows\SysNative\NetUtils2016.dll
Deleted: C:\Windows\System32\NetUtils2016.exe
Deleted: C:\Windows\SysWOW64\NetUtils2016.exe
Deleted: C:\Windows\SysNative\drivers\NetUtils2016.sys
Deleted: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HowToRemove.html.lnk
Deleted: C:\Users\BOB\AppData\Local\uninstallce.exe
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
Deleted: Milimili
Deleted: Windows-PG
Deleted: Y2Go\Updater\Y2GoUpdater
Deleted: Online Application V2G1
Deleted: Online Application V2G3
Deleted: Y2Go\Y2Go\Y2Go
Deleted: Online Application V2G2
Deleted: Universal
Deleted: System\SystemCheck
Deleted: WinZip Malware Protector_startup
Deleted: Start Registry Reviver Update
Deleted: Start Registry Reviver Schedule
Deleted: Microsoft\Windows\Media Center\VCore
Deleted: Updater_Online_Application
Deleted: Start Registry Reviver for SWAGCOMPUTER9@BOB(logon)
Deleted: Start Registry Reviver( SR ) for SWAGCOMPUTER9@BOB at logon
Deleted: Start Registry Reviver( SR ) for SWAGCOMPUTER9@BOB
Deleted: acbfa4650af99dfd75de9e6b9233a85d
Deleted: Start Registry Reviver for SWAGCOMPUTER9@BOB(logon)
Deleted: Start Registry Reviver Schedule
Deleted: Start Registry Reviver Update
Deleted: Start Registry Reviver( SR ) for SWAGCOMPUTER9@BOB
Deleted: Start Registry Reviver( SR ) for SWAGCOMPUTER9@BOB at logon
***** [ Registry ] *****
Deleted: [Key] - HKLM\SOFTWARE\Elex-tech
Deleted: [Key] - HKLM\SOFTWARE\jhdbca
Deleted: [Key] - HKU\.DEFAULT\Software\jhdbca
Deleted: [Key] - HKU\S-1-5-18\Software\jhdbca
Deleted: [Key] - HKU\S-1-5-21-4197031219-1917498957-2016370213-1000\Software\WinSnare
Deleted: [Key] - HKCU\Software\WinSnare
Deleted: [Key] - HKLM\SOFTWARE\{84416237-6490-494D-9AD6-4994DD978971}
Deleted: [Key] - HKU\S-1-5-21-4197031219-1917498957-2016370213-1000\Software\deskapp
Deleted: [Key] - HKCU\Software\deskapp
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost|NPASRE
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost|SNARE
Deleted: [Value] - HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{5CE7A480-D564-45FF-B4B3-1188EFD3622C}
Deleted: [Value] - HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{484E81DD-3F21-4D04-9A9B-94D8D61DFB1D}C:\users\bob\appdata\roaming\cacaoweb\cacaoweb.exe
Deleted: [Value] - HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{E2C7948E-D591-4DAB-9CD8-EFFB0601F6B3}C:\users\bob\appdata\roaming\cacaoweb\cacaoweb.exe
Deleted: [Value] - HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{46E470C1-78C4-41B3-B67C-A6F8C5605E08}C:\users\bob\appdata\roaming\cacaoweb\cacaoweb.exe
Deleted: [Value] - HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{35F58424-DADC-4AE2-8B50-96597A37FCAC}C:\users\bob\appdata\roaming\cacaoweb\cacaoweb.exe
Deleted: [Value] - HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{8EE79310-B14E-4011-B3BF-575925B81DCE}
Deleted: [Value] - HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{0EFD97E3-229F-44F4-9887-F69B2172BB34}
Deleted: [Value] - HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{2DD5F29E-425B-4C75-BADB-D1017825E499}
Deleted: [Value] - HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{F266FA27-D576-4848-B4AA-2BDD90E52586}
Deleted: [Value] - HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{076B1C6B-150D-4A8F-AD5F-0C720984A93B}
Deleted: [Value] - HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{B0625169-92DD-4C0B-9970-0019571E3EFB}
Deleted: [Value] - HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{FB2562AA-86AA-46D2-94E0-7B66CD529D84}
Deleted: [Value] - HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{F7133DA9-AC20-49D3-A6F5-21451C524C9E}
Deleted: [Value] - HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{6D8B3EB3-AC43-4E60-BD4F-78663FD136B2}C:\users\bob\desktop\cacaoweb.exe
Deleted: [Value] - HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{11A37612-116E-46BE-9EF4-D4B1DC080420}C:\users\bob\desktop\cacaoweb.exe
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\iSafe
Deleted: [Key] - HKU\S-1-5-21-4197031219-1917498957-2016370213-1000\Software\cacaoweb
Deleted: [Key] - HKCU\Software\cacaoweb
Deleted: [Key] - HKLM\SOFTWARE\registry Reviver
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\registry Reviver
Deleted: [Key] - HKU\S-1-5-21-4197031219-1917498957-2016370213-1000\Software\GoldenGate
Deleted: [Key] - HKCU\Software\GoldenGate
Deleted: [Key] - HKLM\SOFTWARE\Lavasoft\Web Companion
Deleted: [Key] - HKLM\SOFTWARE\youndooSoftware
Deleted: [Key] - HKLM\SOFTWARE\trotuxSoftware
Deleted: [Key] - HKLM\SOFTWARE\b`nl{y
Deleted: [Key] - HKU\.DEFAULT\Software\b`nl{y
Deleted: [Key] - HKU\S-1-5-18\Software\b`nl{y
Deleted: [Key] - HKLM\SOFTWARE\ompndb
Deleted: [Key] - HKU\.DEFAULT\Software\ompndb
Deleted: [Key] - HKU\S-1-5-18\Software\ompndb
Deleted: [Key] - HKLM\SOFTWARE\amule-custom
Deleted: [Key] - HKLM\SOFTWARE\pcv-var
Deleted: [Key] - HKU\S-1-5-21-4197031219-1917498957-2016370213-1000\Software\VideoBox
Deleted: [Key] - HKCU\Software\VideoBox
Deleted: [Key] - HKLM\SOFTWARE\InterSect Alliance
Deleted: [Key] - HKLM\SOFTWARE\msServer
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{59B5A9CD-253D-4C41-A073-B387D4C9672D}
Deleted: [Key] - HKU\S-1-5-21-4197031219-1917498957-2016370213-1000\Software\C84E
Deleted: [Key] - HKCU\Software\C84E
Deleted: [Key] - HKLM\SOFTWARE\Speedownloader0099
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WindowsTM
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{118B6258-BF13-47C9-8D46-B2A349196B5D}
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B7CB7055-EFAE-4CD2-928A-15DB5F4FF7C7}
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{51639FCA-678F-4D71-8044-E16E3D49187F}
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{2C652C0A-EC71-4797-8077-F67649177AB0}
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{97D2FBF4-72CF-4DD6-8DA8-26710BC7BE71}
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\DMunversion
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{8BF0126F-A5B7-4720-ABB2-2414A0AF5474}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{0757C9D8-D8A3-33F5-CEE2-11D09918BA8F}
Deleted: [Value] - HKU\S-1-5-21-4197031219-1917498957-2016370213-1000\Software\Microsoft\Windows\CurrentVersion\Run|cacaoweb
Deleted: [Value] - HKCU\Software\Microsoft\Windows\CurrentVersion\Run|cacaoweb
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\RADAR\HeapLeakDetection\DiagnosedApplications\iSafeSvc2.exe
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost|WinSAPSvc
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost|SNARER
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost|Kitty
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost|WANARE
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost|SNAREA
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost|BIT
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost|3DM
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost|VNASRE
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost|CWASRE
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost|CSHMDR
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost|terana
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost|glory
Deleted: [Key] - HKCU\Software\Classes\Applications\interstatnogui.exe
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Control\iSafeKrnlBoot
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{0187837F-FA61-437D-9647-EE1E86233276}
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{CBB7A1EB-D3C4-45A9-A5C9-EFB40A22BF7E}
Deleted: [Key] - HKU\S-1-5-21-4197031219-1917498957-2016370213-1000\Software\WajIEnhance
Deleted: [Key] - HKCU\Software\WajIEnhance
Deleted: [Key] - HKLM\SOFTWARE\CLASSES\APPID\56BF5154-0B48-4ADB-902A-6C8B12E270D9
Deleted: [Key] - HKLM\SOFTWARE\BSD
Deleted: [Key] - HKU\S-1-5-21-4197031219-1917498957-2016370213-1000\Software\BSD
Deleted: [Key] - HKCU\Software\BSD
Deleted: [Key] - HKU\S-1-5-21-4197031219-1917498957-2016370213-1000\Software\AppDataLow\Software\AppTrailers
Deleted: [Key] - HKCU\Software\AppDataLow\Software\AppTrailers
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application
Deleted: [Key] - HKU\S-1-5-21-4197031219-1917498957-2016370213-1000\Software\win
Deleted: [Key] - HKCU\Software\win
Deleted: [Key] - HKU\.DEFAULT\Software\ByteFence
Deleted: [Key] - HKU\S-1-5-18\Software\ByteFence
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION|ByteFence.exe
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Reason\ReasonByteFence
Deleted: [Key] - HKU\S-1-5-21-4197031219-1917498957-2016370213-1000\Software\One System Care
Deleted: [Key] - HKCU\Software\One System Care
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application
Deleted: [Key] - HKLM\SOFTWARE\BSD
Deleted: [Key] - HKU\S-1-5-21-4197031219-1917498957-2016370213-1000\Software\BSD
Deleted: [Key] - HKCU\Software\BSD
Deleted: [Key] - HKU\S-1-5-21-4197031219-1917498957-2016370213-1000\Software\System Healer
Deleted: [Key] - HKCU\Software\System Healer
Deleted: [Key] - HKU\S-1-5-21-4197031219-1917498957-2016370213-1000\Software\SwytShop
Deleted: [Key] - HKCU\Software\SwytShop
Deleted: [Key] - HKLM\SOFTWARE\ourluckysitesSoftware
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1EC095EE-8CA3-43D6-B9F5-0C55B82ED3D7}}_is1
Deleted: [Key] - HKU\S-1-5-21-4197031219-1917498957-2016370213-1000\Software\MICROSOFT\wewewe
Deleted: [Key] - HKCU\Software\MICROSOFT\wewewe
Deleted: [Key] - HKLM\SOFTWARE\ScreenShot
Deleted: [Key] - HKLM\SOFTWARE\Socia2Se Browser Enhancer
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application
Deleted: [Key] - HKLM\SOFTWARE\Microleaves
Deleted: [Key] - HKLM\SOFTWARE\AppApcVerifier
Deleted: [Key] - HKLM\SOFTWARE\OtherSearch
Deleted: [Key] - HKLM\SOFTWARE\startpageing123Software
Deleted: [Key] - HKLM\SOFTWARE\ourluckysitesSoftware
Deleted: [Key] - HKU\S-1-5-21-4197031219-1917498957-2016370213-1000\Software\PROPCCleanerLanguage
Deleted: [Key] - HKCU\Software\PROPCCleanerLanguage
Deleted: [Key] - HKLM\SOFTWARE\PRO PC Cleaner
Deleted: [Value] - HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{FB2562AA-86AA-46D2-94E0-7B66CD529D84}
Deleted: [Value] - HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{F7133DA9-AC20-49D3-A6F5-21451C524C9E}
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Y2Go
Deleted: [Key] - HKU\S-1-5-21-4197031219-1917498957-2016370213-1000\Software\Y2Go
Deleted: [Key] - HKCU\Software\Y2Go
Deleted: [Key] - HKU\S-1-5-21-4197031219-1917498957-2016370213-1000\Software\Interstatnogui
Deleted: [Key] - HKCU\Software\Interstatnogui
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost|WINSNARE
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\11598763487076930564
Deleted: [Key] - HKLM\SOFTWARE\HDWallpaper
Deleted: [Key] - HKU\S-1-5-21-4197031219-1917498957-2016370213-1000\Software\Genius
Deleted: [Key] - HKCU\Software\Genius
Deleted: [Key] - HKU\S-1-5-21-4197031219-1917498957-2016370213-1000\Software\Microsoft\{cc6eb6d8-85b7-435p-8b86-51e4d16ea76d}
Deleted: [Key] - HKCU\Software\Microsoft\{cc6eb6d8-85b7-435p-8b86-51e4d16ea76d}
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application
Deleted: [Key] - HKLM\SOFTWARE\Soci2Sear Browser Enhancer
Deleted: [Key] - HKU\S-1-5-21-4197031219-1917498957-2016370213-1000\Software\csastats
Deleted: [Key] - HKCU\Software\csastats
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{5266F634-7B7D-4537-BDDC-98DD6CFCBAA1}
Deleted: [Key] - HKU\S-1-5-21-4197031219-1917498957-2016370213-1000\Software\PRODUCTSETUP
Deleted: [Key] - HKCU\Software\PRODUCTSETUP
Deleted: [Key] - HKLM\SOFTWARE\MICROSOFT\SYSTEMCERTIFICATES\ROOT\CERTIFICATES\26D9E607FFF0C58C7844B47FF8B6E079E5A2220E
Deleted: [Key] - HKU\S-1-5-21-4197031219-1917498957-2016370213-1000\Software\SpeeDownloader
Deleted: [Key] - HKCU\Software\SpeeDownloader
Deleted: [Key] - HKLM\SOFTWARE\mtPlusdax
Deleted: [Key] - HKLM\SOFTWARE\PCVARK
Deleted: [Key] - HKU\S-1-5-21-4197031219-1917498957-2016370213-1000\Software\PCVARK
Deleted: [Key] - HKCU\Software\PCVARK
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{5266F634-7B7D-4537-BDDC-98DD6CFCBAA1}
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\436F6625D7B77354DBCD89DDC6CFAB1A
Deleted: [Key] - HKLM\SOFTWARE\Classes\Installer\Features\436F6625D7B77354DBCD89DDC6CFAB1A
Deleted: [Key] - HKLM\SOFTWARE\Classes\Installer\Products\436F6625D7B77354DBCD89DDC6CFAB1A
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders|C:\Program Files (x86)\Microleaves\Online Application\
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders|C:\Program Files (x86)\Microleaves\
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders|C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries deleted.
***** [ Chromium (and derivatives) ] *****
Plugin deleted: MSN Homepage & Bing Search Engine -
Plugin deleted: Search Manager -
*************************
::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0
*************************
C:/AdwCleaner/AdwCleaner[S0].txt - [36685 B] - [2017/12/29 8:55:4]
########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ##########