# AdwCleaner v6.

030 - Logfile created 01/12/2016 at 01:46:39

# Updated on 19/10/2016 by Malwarebytes
# Database : 2016-11-29.1 [Server]
# Operating System : Windows 7 Ultimate Service Pack 1 (X64)
# Username : Renno Underscore - RENNOUNDERSCORE
# Running from : C:\Users\Renno Underscore\Pictures\adwcleaner_6.030.exe
# Mode: Clean
# Support : hxxps://www.malwarebytes.com/support

***** [ Services ] *****

[-] Service deleted: iSafeKrnlMon

[-] Service deleted: UCBrowserSvc
[-] Service deleted: WinSAPSvc
[-] Service deleted: Archer
[-] Service deleted: ed2kidle
[-] Service deleted: UvConv

***** [ Folders ] *****

[-] Folder deleted: C:\Users\Renno Underscore\AppData\Local\VirtualStore\Program

Files\GeniusBox
[#] Folder deleted on reboot: C:\Users\Renno Underscore\AppData\Roaming\Elex-tech
[-] Folder deleted: C:\Users\Renno
Underscore\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\amuleC
[-] Folder deleted: C:\Program Files\GeniusBox
[-] Folder deleted: C:\ProgramData\ChelfNotify
[-] Folder deleted: C:\ProgramData\Thunder Network
[-] Folder deleted: C:\ProgramData\WinSAPSvc
[#] Folder deleted on reboot: C:\ProgramData\thunder network
[#] Folder deleted on reboot: C:\ProgramData\Application Data\ChelfNotify
[#] Folder deleted on reboot: C:\ProgramData\Application Data\Thunder Network
[#] Folder deleted on reboot: C:\ProgramData\Application Data\WinSAPSvc
[#] Folder deleted on reboot: C:\ProgramData\Application Data\thunder network
[#] Folder deleted on reboot: C:\Program Files (x86)\Elex-tech
[-] Folder deleted: C:\Program Files (x86)\WebShield
[-] Folder deleted: C:\Program Files (x86)\WinArcher
[-] Folder deleted: C:\Program Files (x86)\UvConverter
[-] Folder deleted: C:\ProgramData\Microsoft\Network\Dsq

***** [ Files ] *****

[-] File deleted: C:\Windows\SysNative\log\iSafeKrnlCall.log

[-] File deleted: C:\Windows\SysNative\drivers\iSafeKrnlBoot.sys
[-] File deleted: C:\Windows\SysNative\drivers\iSafeNetFilter.sys

***** [ DLL ] *****

***** [ WMI ] *****

***** [ Shortcuts ] *****

[!] Shortcut not deleted: C:\Users\Public\Desktop\Google Chrome.lnk

[-] Shortcut disinfected: C:\ProgramData\Microsoft\Windows\Start
Menu\Programs\Avast SafeZone Browser.lnk
[-] Shortcut disinfected: C:\ProgramData\Microsoft\Windows\Start
Menu\Programs\Google Chrome.lnk
[-] Shortcut disinfected: C:\Users\Renno
Underscore\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet
Explorer Browser.lnk
[-] Shortcut disinfected: C:\Users\Renno
Underscore\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User
Pinned\TaskBar\Google Chrome.lnk
[-] Shortcut disinfected: C:\Users\Renno
Underscore\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User
Pinned\StartMenu\Google Chrome.lnk

***** [ Scheduled Tasks ] *****

***** [ Registry ] *****

[-] Key deleted: HKLM\SYSTEM\CurrentControlSet\services\iSafeKrnl

[-] Key deleted: HKLM\SYSTEM\CurrentControlSet\services\iSafeKrnlBoot
[-] Key deleted: HKLM\SYSTEM\CurrentControlSet\services\iSafeKrnlKit
[-] Key deleted: HKLM\SYSTEM\CurrentControlSet\services\iSafeKrnlR3
[-] Key deleted: HKLM\SYSTEM\CurrentControlSet\services\iSafeNetFilter
[-] Key deleted: HKLM\SYSTEM\CurrentControlSet\services\iSafeService
[-] Key deleted: HKLM\SOFTWARE\Classes\AppID\{3E0DB45B-9FCC-4064-B48C-080BD03A99A4}
[-] Key deleted: HKLM\SOFTWARE\Classes\AppID\{C81BED3B-31BD-491F-813D-78EFC2638CE1}
[-] Key deleted: HKU\.DEFAULT\Software\UCBrowser
[-] Key deleted: HKU\.DEFAULT\Software\ompndb
[-] Key deleted: HKU\S-1-5-21-2477263743-4060048676-798255805-
1000\Software\UCBrowser
[-] Key deleted: HKU\S-1-5-21-2477263743-4060048676-798255805-
1000\Software\UCBrowserPID
[#] Key deleted on reboot: HKU\S-1-5-18\Software\UCBrowser
[#] Key deleted on reboot: HKU\S-1-5-18\Software\ompndb
[#] Key deleted on reboot: HKCU\Software\UCBrowser
[#] Key deleted on reboot: HKCU\Software\UCBrowserPID
[-] Key deleted: HKLM\SOFTWARE\Elex-tech
[-] Key deleted: HKLM\SOFTWARE\UCBrowser
[-] Key deleted: HKLM\SOFTWARE\UCBrowserPID
[-] Key deleted: HKLM\SOFTWARE\SkypeUpdateEx
[-] Key deleted: HKLM\SOFTWARE\ScreenShot
[-] Key deleted: HKLM\SOFTWARE\ompndb
[-] Key deleted: HKLM\SOFTWARE\WinArcher
[-] Key deleted: HKLM\SOFTWARE\amule-custom
[-] Key deleted: HKLM\SOFTWARE\HPReyos
[-] Key deleted: HKLM\SOFTWARE\amisitesSoftware
[-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\iSafe
[-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\UCBrowser
[#] Key deleted on reboot: [x64] HKCU\Software\UCBrowser
[#] Key deleted on reboot: [x64] HKCU\Software\UCBrowserPID
[-] Key deleted: [x64] HKLM\SOFTWARE\ompndb
[-] Key deleted: [x64] HKLM\SOFTWARE\mweshield
[-] Key deleted:
HKLM\SOFTWARE\Classes\Installer\Features\F39E5917C417B4041A46F88010121C6E
[-] Key deleted:
HKLM\SOFTWARE\Classes\Installer\Products\F39E5917C417B4041A46F88010121C6E
[-] Key deleted: [x64]
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-
18\Products\F39E5917C417B4041A46F88010121C6E
[#] Key deleted on reboot: [x64]
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-
18\Products\F39E5917C417B4041A46F88010121C6E
[#] Key deleted on reboot: [x64]
HKLM\SOFTWARE\Classes\Installer\Features\F39E5917C417B4041A46F88010121C6E
[#] Key deleted on reboot: [x64]
HKLM\SOFTWARE\Classes\Installer\Products\F39E5917C417B4041A46F88010121C6E
[#] Data restored on reboot: HKU\S-1-5-21-2477263743-4060048676-798255805-
1000\Software\Microsoft\Internet Explorer\Main [Start Page]
[#] Data restored on reboot: HKU\S-1-5-21-2477263743-4060048676-798255805-
1000\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
[#] Data restored on reboot: HKCU\Software\Microsoft\Internet Explorer\Main [Start
Page]
[#] Data restored on reboot: HKCU\Software\Microsoft\Internet Explorer\Main
[Default_Page_URL]
[-] Data restored: HKLM\SOFTWARE\Microsoft\Internet Explorer\Main
[Default_Search_URL]
[#] Data restored on reboot: HKLM\SOFTWARE\Microsoft\Internet Explorer\Main
[Default_Page_URL]
[#] Data restored on reboot: HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start
Page]
[-] Data restored: HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
[#] Data restored on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\Main
[Start Page]
[#] Data restored on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\Main
[Default_Page_URL]
[-] Data restored: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main
[Default_Search_URL]
[#] Data restored on reboot: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main
[Default_Page_URL]
[#] Data restored on reboot: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main
[Start Page]
[-] Data restored: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search
Page]
[-] Key deleted: HKU\S-1-5-21-2477263743-4060048676-798255805-
1000\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-
49120163DE86}
[#] Data restored on reboot: HKU\S-1-5-21-2477263743-4060048676-798255805-
1000\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] {0633EE93-
D776-472f-A0FF-E1416B8B2E3A}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-
99AF-4226-BDF6-49120163DE86}
[#] Data restored on reboot: HKCU\Software\Microsoft\Internet Explorer\SearchScopes
[DefaultScope] {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[-] Key deleted: HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-
99AF-4226-BDF6-49120163DE86}
[#] Data restored on reboot: HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
[DefaultScope] {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[-] Key deleted: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\
{33BB0A4E-99AF-4226-BDF6-49120163DE86}
[#] Data restored on reboot: [x64] HKCU\Software\Microsoft\Internet
Explorer\SearchScopes [DefaultScope] {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[-] Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\
{33BB0A4E-99AF-4226-BDF6-49120163DE86}
[#] Data restored on reboot: [x64] HKLM\SOFTWARE\Microsoft\Internet
Explorer\SearchScopes [DefaultScope] {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[-] Key deleted: HKLM\SOFTWARE\Clients\StartMenuInternet\UCBrowser
[-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App
Paths\UCBrowser.exe
[-] Value deleted: HKLM\SOFTWARE\RegisteredApplications [UCBrowser]
[-] Key deleted:
HKLM\SOFTWARE\Microsoft\MediaPlayer\ShimInclusionList\UCBrowser.exe
[-] Value deleted: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost
[WinSAPSvc]
[-] Value deleted: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost
[ArcherGroupEx]

***** [ Web browsers ] *****

*************************

:: "Tracing" keys deleted

:: Winsock settings cleared

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [8830 Bytes] - [01/12/2016 01:46:39]

C:\AdwCleaner\AdwCleaner[S0].txt - [10417 Bytes] - [01/12/2016 01:27:41]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [8977 Bytes] ##########