adwcleaner[r0].txt
![Download AdwCleaner[R0].txt](https://vdocuments.mx/public/t1/desktop/images/cloud_download_icon2.png)
If you can't read please download the document
TRANSCRIPT
# AdwCleaner v4.205 - Logfile created 23/05/2015 at 13:03:35# Updated 21/05/2015 by Xplode# Database : 2015-05-21.2 [Server]# Operating system : Windows 8.1 (x64)# Username : Elliot - ELLIOT# Running from : C:\Users\Elliot\Downloads\adwcleaner_4.205.exe# Option : Scan***** [ Services ] *****Service Found : ssnfdService Found : {c1d34112-ccf7-4f13-826c-4764055c111d}Gw64Service Found : {f5d136d7-adc2-4c84-85b2-e564334ab0bc}Gw64Service Found : 00977a63Service Found : be0fb33b***** [ Files / Folders ] *****File Found : C:\ENDFile Found : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\default-search.xmlFile Found : C:\Program Files (x86)\mozilla firefox\dbghelp.dllFile Found : C:\Program Files (x86)\prefs.jsFile Found : C:\Program Files\Common Files\System\SysMenu.dllFile Found : C:\Program Files\Common Files\System\SysMenu64.dllFile Found : C:\Users\Elliot\AppData\Local\Temp\ReimageRepair.exeFile Found : C:\Users\Elliot\AppData\Roaming\Mozilla\Firefox\Profiles\lgxvty25.default\invalidprefs.jsFile Found : C:\Users\Elliot\AppData\Roaming\Mozilla\Firefox\Profiles\lgxvty25.default\searchplugins\astromenda.xmlFile Found : C:\Users\Elliot\AppData\Roaming\Mozilla\Firefox\Profiles\lgxvty25.default\searchplugins\default-search.xmlFile Found : C:\Users\Elliot\AppData\Roaming\Mozilla\Firefox\Profiles\lgxvty25.default\searchplugins\trovi-search.xmlFile Found : C:\Users\Elliot\AppData\Roaming\Mozilla\Firefox\Profiles\lgxvty25.default\searchplugins\yahoo_ff.xmlFile Found : C:\Users\Elliot\AppData\Roaming\Mozilla\Firefox\Profiles\lgxvty25.default\user.jsFile Found : C:\WINDOWS\patsearch.binFile Found : C:\WINDOWS\Reimage.iniFile Found : C:\WINDOWS\System32\drivers\{c1d34112-ccf7-4f13-826c-4764055c111d}Gw64.sysFile Found : C:\WINDOWS\System32\drivers\{f5d136d7-adc2-4c84-85b2-e564334ab0bc}Gw64.sysFile Found : C:\WINDOWS\System32\drivers\Msft_Kernel_webTinstMKTN_01009.WdfFile Found : C:\WINDOWS\System32\roboot64.exeFolder Found : C:\Program Files (x86)\app_setupFolder Found : C:\Program Files (x86)\CloudScout Parental ControlFolder Found : C:\Program Files (x86)\daiilypruiizeFolder Found : C:\Program Files (x86)\EuXsTraCeoUpouneFolder Found : C:\Program Files (x86)\globalUpdateFolder Found : C:\Program Files (x86)\LighterInitFolder Found : C:\Program Files (x86)\Portable BoosterFolder Found : C:\Program Files (x86)\predmFolder Found : C:\Program Files (x86)\PricelessFolder Found : C:\Program Files (x86)\PRiCeLLessFolder Found : C:\Program Files (x86)\PriiceLessFolder Found : C:\Program Files (x86)\SafeGuardFolder Found : C:\Program Files (x86)\SalePluuSFolder Found : C:\Program Files (x86)\SaveNewaApppzFolder Found : C:\Program Files (x86)\SnowFolder Found : C:\Program Files (x86)\supporterFolder Found : C:\Program Files (x86)\unisalEEsFolder Found : C:\Program Files\Common Files\GoobzoFolder Found : C:\Program Files\Common Files\pastaleadsFolder Found : C:\Program Files\ReimageFolder Found : C:\ProgramData\{c5bbbd71-6826-68dc-c5bb-bbd71682f5c5}Folder Found : C:\ProgramData\e2a2e4bc00004623Folder Found : C:\ProgramData\ea659074f9375cb7Folder Found : C:\ProgramData\LolliScanFolder Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MP4 PlayerFolder Found : C:\ProgramData\PastaLeadsAgentFolder Found : C:\ProgramData\SearchModuleFolder Found : C:\ProgramData\SearchModulePlusFolder Found : C:\ProgramData\The AdBlockerFolder Found : C:\reiFolder Found : C:\Users\Administrator\AppData\Local\Chromatic BrowserFolder Found : C:\Users\Administrator\AppData\Local\CrossbrowseFolder Found : C:\Users\Administrator\AppData\Local\torchFolder Found : C:\Users\Elliot\AppData\Local\5C01EC50-1428797024-81E3-29CC-6002922620B1Folder Found : C:\Users\Elliot\AppData\Local\BrowserHelperFolder Found : C:\Users\Elliot\AppData\Local\Chromatic BrowserFolder Found : C:\Users\Elliot\AppData\Local\CrossbrowseFolder Found : C:\Users\Elliot\AppData\Local\globalUpdateFolder Found : C:\Users\Elliot\AppData\Local\Obrona Block AdsFolder Found : C:\Users\Elliot\AppData\Local\PriceFountainFolder Found : C:\Users\Elliot\AppData\Local\Temp\AdvanceEliteFolder Found : C:\Users\Elliot\AppData\Local\Temp\neurowiseFolder Found : C:\Users\Elliot\AppData\Local\torchFolder Found : C:\Users\Elliot\AppData\Roaming\AnyProtectExFolder Found : C:\Users\Elliot\AppData\Roaming\FirefoxToolbarFolder Found : C:\Users\Elliot\AppData\Roaming\WebExtendFolder Found : C:\Users\Guest\AppData\Local\Chromatic BrowserFolder Found : C:\Users\Guest\AppData\Local\CrossbrowseFolder Found : C:\Users\Guest\AppData\Local\torchFolder Found : C:\WINDOWS\SysWOW64\config\systemprofile\AppData\Local\BrowserHelperFolder Found : C:\WINDOWS\SysWOW64\config\systemprofile\AppData\Local\SafeGuardFolder Found : C:\WINDOWS\SysWOW64\config\systemprofile\AppData\Roaming\AnyProtectEx***** [ Scheduled tasks ] *****Task Found : APSnotifierPP1Task Found : APSnotifierPP2Task Found : APSnotifierPP3Task Found : SMupdate1Task Found : LaunchPreSignupTask Found : Microsoft\Windows\Multimedia\SMupdate3Task Found : Microsoft\Windows\Maintenance\SMupdate2Task Found : amiupdaterExdTask Found : amiupdaterExi***** [ Shortcuts ] *****Shortcut Infected : C:\Users\Public\Desktop\Mozilla Firefox.lnkShortcut Infected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnkShortcut Infected : C:\Users\Elliot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnkShortcut Infected : C:\Users\Elliot\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnkShortcut Infected : C:\Users\Elliot\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnkShortcut Infected : C:\Users\Elliot\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk***** [ Registry ] *****Key Found : HKCU\Software\AnyProtectKey Found : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}Key Found : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}Key Found : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}Key Found : HKCU\Software\AppDataLow\Software\CheckMeUpKey Found : HKCU\Software\AppDataLow\Software\CrossriderKey Found : HKCU\Software\ArenaHDKey Found : HKCU\Software\BrothersoftKey Found : HKCU\Software\ClientConnectKey Found : HKCU\Software\Conduit_Search_ProtectKey Found : HKCU\Software\CrossbrowseKey Found : HKCU\Software\GAMESDESKTOPKey Found : HKCU\Software\GlobalUpdateKey Found : HKCU\Software\Google\Chrome\Extensions\kfecnpmgnlnbmipaogfhoacoioifjgkoKey Found : HKCU\Software\HighDefActionKey Found : HKCU\Software\InstallCoreKey Found : HKCU\Software\LinkeyKey Found : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www-searching.comKey Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0FBCE097-7BF0-45DC-90D0-0B1532E6A047}Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{54739D49-AC03-4C57-9264-C5195596B3A1}Key Found : HKCU\Software\Optimizer ProKey Found : HKCU\Software\Red SkyKey Found : HKCU\Software\SafeGuardAppKey Found : HKCU\Software\SoftonicKey Found : HKCU\Software\Super OptimizerKey Found : HKCU\Software\systweakKey Found : HKCU\Software\YorkNewCinKey Found : [x64] HKCU\Software\AnyProtectKey Found : [x64] HKCU\Software\ArenaHDKey Found : [x64] HKCU\Software\BrothersoftKey Found : [x64] HKCU\Software\ClientConnectKey Found : [x64] HKCU\Software\Conduit_Search_ProtectKey Found : [x64] HKCU\Software\CrossbrowseKey Found : [x64] HKCU\Software\GAMESDESKTOPKey Found : [x64] HKCU\Software\GlobalUpdateKey Found : [x64] HKCU\Software\HighDefActionKey Found : [x64] HKCU\Software\InstallCoreKey Found : [x64] HKCU\Software\LinkeyKey Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0FBCE097-7BF0-45DC-90D0-0B1532E6A047}Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2E00D31D-D171-423D-836D-1A4D7EA7F1A9}Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{7F4EFF06-7032-458E-AE16-1C1D8255C28A}Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476}Key Found : [x64] HKCU\Software\Optimizer ProKey Found : [x64] HKCU\Software\Red SkyKey Found : [x64] HKCU\Software\SafeGuardAppKey Found : [x64] HKCU\Software\SoftonicKey Found : [x64] HKCU\Software\Super OptimizerKey Found : [x64] HKCU\Software\systweakKey Found : [x64] HKCU\Software\YorkNewCinKey Found : HKLM\SOFTWARE\{1146AC44-2F03-4431-B4FD-889BC837521F}Key Found : HKLM\SOFTWARE\{12A61307-94CD-4F8E-94BC-918E511FAA81}Key Found : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}Key Found : HKLM\SOFTWARE\{5F189DF5-2D05-472B-9091-84D9848AE48B}Key Found : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}Key Found : HKLM\SOFTWARE\{77D46E27-0E41-4478-87A6-AABE6FBCF252}Key Found : HKLM\SOFTWARE\96f1d427-b5ee-3f42-b596-624b865b5027Key Found : HKLM\SOFTWARE\ArenaHDKey Found : HKLM\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\SysMenuExtKey Found : HKLM\SOFTWARE\Classes\AppID\{4D6A5312-AB4D-41AA-8BED-0E019B87CA11}Key Found : HKLM\SOFTWARE\Classes\AppID\{D813D5BB-EBC7-45F9-B8A4-36A305168069}Key Found : HKLM\SOFTWARE\Classes\AppID\SysMenu.DLLKey Found : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}Key Found : HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}Key Found : HKLM\SOFTWARE\Classes\TypeLib\{046B74D1-7337-45AC-B266-A6625FBDDA47}Key Found : HKLM\SOFTWARE\Classes\TypeLib\{3E52324B-66BF-44AE-A8C5-2DB48E90E729}Key Found : HKLM\SOFTWARE\Classes\TypeLib\{96BB8E60-6EF9-47E0-9ED8-4AD477ECF427}Key Found : HKLM\SOFTWARE\Classes\TypeLib\{999A70CB-7657-4A48-A92A-BE29FF9D5443}Key Found : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}Key Found : HKLM\SOFTWARE\Classes\TypeLib\{EB559340-3A8F-4456-B24D-160098054EF0}Key Found : HKLM\SOFTWARE\CompeteIncKey Found : HKLM\SOFTWARE\CrossbrowseKey Found : HKLM\SOFTWARE\GlobalUpdateKey Found : HKLM\SOFTWARE\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedhKey Found : HKLM\SOFTWARE\Google\Chrome\Extensions\kfecnpmgnlnbmipaogfhoacoioifjgkoKey Found : HKLM\SOFTWARE\HighDefActionKey Found : HKLM\SOFTWARE\LolliScanKey Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476}Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{977a63}Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{977a63}Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{be0fb33b}Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{37476589-E48E-439E-A706-56189E2ED4C4}_is1Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4CEE92A3-9F0C-51AB-ADC0-34EC24AD7B7E}Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4CEE92A3-9F0C-51AB-ADC0-34EC24AD7B7E}Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{5A1D3F9E-73B5-95EC-1233-6646E1358965}Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{75F9BF4A-AF67-A478-A37B-31D73186D3F3}Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B696F285-F54E-2524-58B1-E06A70ABE6BE}Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VOPackageKey Found : HKLM\SOFTWARE\SafeGuardAppKey Found : HKLM\SOFTWARE\SiteSeeKey Found : HKLM\SOFTWARE\SmdmFKey Found : HKLM\SOFTWARE\systweakKey Found : HKLM\SOFTWARE\TutorialsKey Found : HKLM\SOFTWARE\WebProtectorKey Found : HKLM\SOFTWARE\YorkNewCinKey Found : [x64] HKLM\SOFTWARE\ArenaHDKey Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{020B1D4B-5738-4C77-9E19-4F173DD9B486}Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}Key Found : [x64] HKLM\SOFTWARE\HighDefActionKey Found : [x64] HKLM\SOFTWARE\LolliScanKey Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0FBCE097-7BF0-45DC-90D0-0B1532E6A047}Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2E00D31D-D171-423D-836D-1A4D7EA7F1A9}Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2E00D31D-D171-423D-836D-1A4D7EA7F1A9}Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{7F4EFF06-7032-458e-AE16-1C1D8255C28A}Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{7F4EFF06-7032-458E-AE16-1C1D8255C28A}Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476}Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476}Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BubbleSoundKey Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Reimage RepairKey Found : [x64] HKLM\SOFTWARE\ReimageKey Found : [x64] HKLM\SOFTWARE\ShopperProKey Found : [x64] HKLM\SOFTWARE\YorkNewCinKey Found : [x64] HKLM\SOFTWARE\YTDownloaderKey Found : HKU\.DEFAULT\Software\AnyProtectValue Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Itibiti.exe]Value Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Obrona Block Ads]Value Found : HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [YTDownloader]Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [YTDownloader]Value Found : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [[email protected]]***** [ Web browsers ] *****-\\ Internet Explorer v11.0.9600.17416Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] - hxxp://searchy.easylifeapp.com/Setting Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] - hxxp://searchy.easylifeapp.com/-\\ Mozilla Firefox v34.0.5 (x86 en-US)[lgxvty25.default] - Line Found : user_pref("browser.search.hiddenOneOffs", "default-search.net");[lgxvty25.default] - Line Found : user_pref("browser.search.order.1", "default-search.net");[lgxvty25.default] - Line Found : user_pref("extensions.0mpefGZdup1hBtrn.scode", "(function(){try{if(window.location.href.indexOf(\"rjaErjC5pjY5rTk4pja6rdgFrTk\")>-1){return;}}catch(e){}try{var d=[[\"trianglecash.com\",\"acebook\",\"f[...][lgxvty25.default] - Line Found : user_pref("extensions.WYXdNbFDwzsln9X5.scode", "(function(){try{if(window.location.href.indexOf(\"rjaErjC5pjY5rTk4pja6rdgFrTk\")>-1){return;}}catch(e){}try{var d=[[\"trianglecash.com\",\"acebook\",\"f[...][lgxvty25.default] - Line Found : user_pref("extensions.astrmndasr.hmpgUrl", "hxxp://astromenda.com/?f=1&a=ast_ir_14_43_ie&cd=2XzuyEtN2Y1L1QzuyCtDtDtBzytBtByCtBtD0BtCzyzz0B0DtN0D0Tzu0StCtDtByBtN1L2XzutAtFyDtFtCtFyEtN1L1CzutCyEtBzytDyD[...][lgxvty25.default] - Line Found : user_pref("extensions.astrmndasr.newTabUrl", "hxxp://astromenda.com/?f=2&a=ast_ir_14_43_ie&cd=2XzuyEtN2Y1L1QzuyCtDtDtBzytBtByCtBtD0BtCzyzz0B0DtN0D0Tzu0StCtDtByBtN1L2XzutAtFyDtFtCtFyEtN1L1CzutCyEtBzytD[...][lgxvty25.default] - Line Found : user_pref("extensions.astrmndasr.prtnrId", "WSE_Astromenda");[lgxvty25.default] - Line Found : user_pref("extensions.astrmndasr.srchPrvdr", "Astromenda");[lgxvty25.default] - Line Found : user_pref("extensions.astrmndasr.tlbrSrchUrl", "hxxp://astromenda.com/?f=3&a=ast_ir_14_43_ie&cd=2XzuyEtN2Y1L1QzuyCtDtDtBzytBtByCtBtD0BtCzyzz0B0DtN0D0Tzu0StCtDtByBtN1L2XzutAtFyDtFtCtFyEtN1L1CzutCyEtBzy[...][lgxvty25.default] - Line Found : user_pref("extensions.bivQuPlMK5nn0ULm.scode", "(function(){try{if(window.location.href.indexOf(\"rjaErjC5pjY5rTk4pja6rdgFrTk\")>-1){return;}}catch(e){}try{var d=[[\"trianglecash.com\",\"acebook\",\"f[...][lgxvty25.default] - Line Found : user_pref("extensions.kXOa0xRbnQz64xFT.scode", "try{(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"warnalert11.com\")>-1||url.index[...][lgxvty25.default] - Line Found : user_pref("extensions.wmrhjLv5qa4wfEUs.scode", "try{(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"warnalert11.com\")>-1||url.index[...][lgxvty25.default] - Line Found : user_pref("extensions.yS2e4LjfcqIRv7iV.scode", "(function(){try{if(window.location.href.indexOf(\"rjaErjC5pjY5rTk4pja6rdgFrTk\")>-1){return;}}catch(e){}try{var d=[[\"www.viracure.com\",\"onesystemcare[...][lgxvty25.default] - Line Found : user_pref("extensions.zFTic99O1kh7mWT1.scode", "(function(){try{if(window.location.href.indexOf(\"rjaErjC5pjY5rTk4pja6rdgFrTk\")>-1){return;}}catch(e){}try{var d=[[\"www.viracure.com\",\"onesystemcare[...][lgxvty25.default] - Line Found : user_pref("keyword.URL", "hxxp://www-searching.com/search.aspx?s=F4Cztutdk0004,23738b36-0a35-450d-bb42-0de09fbfd007,&q=");-\\ Google Chrome v-\\ Comodo Dragon v-\\ Chrome Canary v*************************AdwCleaner[R0].txt - [17175 bytes] - [23/05/2015 13:03:35]########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [17235 bytes] ##########