2017-04-12 18:17:21 : [main] - Saving current options to the configuration file 2017-04-12 18:17:22 : [main.gui] - Scan requested 2017-04-12 18:17:22 : [scan] - Running from: C:\AdwCleaner 2017-04-12 18:17:22 : [scan] - Progress: 0% 2017-04-12 18:17:22 : [database] - Checking for database updates 2017-04-12 18:17:22 : [main.network] - Requesting the latest database release number 2017-04-12 18:17:29 : [main.network] - Latest definitions: ce5e6b43ed0df5889c92044333ba91a9 2017-04-12 18:17:29 : [main.network] - Updating definitions 2017-04-12 18:18:38 : INFO [main] - >>>> STARTING <<<< 2017-04-12 18:18:38 : INFO [main] - Version: 6.045 2017-04-12 18:18:38 : INFO [main] - RAM Usage: 57 2017-04-12 18:18:38 : INFO [main] - OS: WIN_10 X86 2017-04-12 18:18:38 : [main.language] - Checking the language 2017-04-12 18:18:38 : [main.language] - Language found: en 2017-04-12 18:18:38 : [main.network] - Checking the network connectivity 2017-04-12 18:18:38 : [main.network] - Network connectivity status: True 2017-04-12 18:18:38 : [main.eula] - Checking for EULA agreement 2017-04-12 18:18:38 : [main.network] - Check for updates 2017-04-12 18:18:38 : [main.network] - Requesting the last release number 2017-04-12 18:18:42 : [main.network] - The current version is up-to-date 2017-04-12 18:18:42 : [main.gui] - GUI setup 2017-04-12 18:18:42 : [main.gui] - Languages setup 2017-04-12 18:18:42 : [main] - Chrome is installed: True 2017-04-12 18:18:42 : [main] - Firefox is installed: True 2017-04-12 18:18:42 : [main.gui] - Showing the gui 2017-04-12 18:19:01 : [main.gui] - Showing Options window 2017-04-12 18:19:30 : [main] - Saving current options to the configuration file 2017-04-12 18:19:51 : [main.gui] - Scan requested 2017-04-12 18:19:51 : [scan] - Running from: C:\AdwCleaner 2017-04-12 18:19:51 : [scan] - Progress: 0% 2017-04-12 18:19:51 : [database] - Checking for database updates 2017-04-12 18:19:51 : [main.network] - Requesting the latest database release number 2017-04-12 18:19:56 : [main.network] - Latest definitions: ce5e6b43ed0df5889c92044333ba91a9 2017-04-12 18:19:56 : [main.network] - Updating definitions 2017-04-12 18:20:07 : [main.network] - Saving the updated definitions 2017-04-12 18:20:07 : [database] - Database successfully updated: CE5E6B43ED0DF5889C92044333BA91A9 2017-04-12 18:20:07 : [scan] - Progress: 5% 2017-04-12 18:20:07 : [database] - Initialize the database 2017-04-12 18:20:07 : [database] - Loading sqlite3.dll 2017-04-12 18:20:07 : [database] - Opening the database 2017-04-12 18:20:07 : [database] - Querying database's version 2017-04-12 18:20:07 : [database] - Loading internal data 2017-04-12 18:20:07 : [database] - Loading detections 2017-04-12 18:20:12 : [database] - Loading generics 2017-04-12 18:20:12 : [database] - Closing the database 2017-04-12 18:20:12 : [database] - Closing database 2017-04-12 18:20:12 : [database] - Unloading sqlite3.dll 2017-04-12 18:20:12 : [scan] - Progress: 15% 2017-04-12 18:20:12 : [scan.generic] - Generating generic detections 2017-04-12 18:20:12 : [scan.generic] - Generating generic detections [1] 2017-04-12 18:20:12 : [scan.generic] - Generating generic detections [2] 2017-04-12 18:20:12 : [scan.generic] - Generating generic detections [3] 2017-04-12 18:20:12 : [scan.generic] - Generating generic detections [4] 2017-04-12 18:20:12 : [scan.generic] - Generating generic detections [5] 2017-04-12 18:20:12 : [scan.generic] - Generating generic detections [6] 2017-04-12 18:20:12 : [scan.generic] - Generating generic detections [7] 2017-04-12 18:20:12 : [scan.generic] - Generating generic detections [8] 2017-04-12 18:20:12 : [scan.generic] - Generating generic detections [9] 2017-04-12 18:20:12 : [scan.generic] - Generating generic detections [10] 2017-04-12 18:20:12 : [scan.generic] - Generating generic detections [11] 2017-04-12 18:20:12 : [scan.generic] - Generating generic detections [12] 2017-04-12 18:20:12 : [scan.generic] - Generating generic detections [13] 2017-04-12 18:20:12 : [scan.generic] - Generating generic detections [14] 2017-04-12 18:20:12 : [scan.generic] - Generating generic detections [15] 2017-04-12 18:20:12 : [scan.generic] - Generating generic detections [16] 2017-04-12 18:20:12 : [scan.generic] - Generating generic detections [17] 2017-04-12 18:20:12 : [scan.generic] - Generating generic detections [18] 2017-04-12 18:20:12 : [scan.generic] - Generating generic detections [19] 2017-04-12 18:20:12 : [scan.generic] - Generating generic detections [20] 2017-04-12 18:20:12 : [scan.generic] - Generating generic detections [21] 2017-04-12 18:20:12 : [scan.generic] - Generating generic detections [22] 2017-04-12 18:20:12 : [scan.generic] - Generating generic detections [23] 2017-04-12 18:20:12 : [scan.generic] - Generating generic detections [24] 2017-04-12 18:20:12 : [scan.generic] - Generating generic detections [25] 2017-04-12 18:20:12 : [scan.generic] - Generating generic detections [26] 2017-04-12 18:20:12 : [scan.generic] - Generating generic detections [27] 2017-04-12 18:20:12 : [scan.generic] - Generating generic detections [28] 2017-04-12 18:20:12 : [scan.generic] - Generating generic detections [29] 2017-04-12 18:20:12 : [scan.generic] - Generating generic detections [30] 2017-04-12 18:20:12 : [scan.generic] - Generating generic detections [31] 2017-04-12 18:20:12 : [scan.generic] - Generating generic detections [32] 2017-04-12 18:20:12 : [scan.generic] - Generating generic detections [33] 2017-04-12 18:20:12 : [scan.generic] - Generating generic detections [34] 2017-04-12 18:20:12 : [scan.generic] - Generating generic detections [35] 2017-04-12 18:20:12 : [scan.generic] - Generating generic detections [36] 2017-04-12 18:20:12 : [scan.generic] - Generating generic detections [37] 2017-04-12 18:20:12 : [scan.generic] - Generating generic detections [38] 2017-04-12 18:20:12 : [scan.generic] - Generating generic detections [39] 2017-04-12 18:20:12 : [scan.generic] - Generating generic detections [40] 2017-04-12 18:20:12 : [scan.generic] - Generating generic detections [41] 2017-04-12 18:20:12 : [scan.generic] - Generating generic detections [42] 2017-04-12 18:20:12 : [scan.generic] - Generating generic detections [43] 2017-04-12 18:20:12 : [scan.generic] - Generating generic detections [44] 2017-04-12 18:20:12 : [scan.generic] - Generating generic detections [45] 2017-04-12 18:20:12 : [scan.generic] - Generic detections generated 2017-04-12 18:20:12 : [scan] - Progress: 20% 2017-04-12 18:20:12 : [scan.generic] - Starting generic analysis 2017-04-12 18:20:34 : [scan.generic] - Found HKLM\SOFTWARE\5b952a37-ebad-c0b3-e5d4-92d30f6ce1bc 2017-04-12 18:20:34 : [scan.generic] - Found Tafewardkinerpy 2017-04-12 18:20:48 : [scan] - Progress: 30% 2017-04-12 18:20:48 : [scan.services] - Starting services scan [1] 2017-04-12 18:20:48 : [scan.registry] - Found WindowsMangerProtect 2017-04-12 18:20:48 : [scan.registry] - Found GoogleChromeUpService 2017-04-12 18:20:48 : [scan.registry] - Found FirefoxU 2017-04-12 18:20:48 : [scan.registry] - Found WinSnare 2017-04-12 18:20:48 : [scan.registry] - Found windowsmangerprotect 2017-04-12 18:20:48 : [scan.registry] - Found googlechromeupservice 2017-04-12 18:20:48 : [scan.registry] - Found SNARER 2017-04-12 18:20:48 : [scan.services] - Stopping services scan [1] 2017-04-12 18:20:48 : [scan.services] - Starting services scan [2] 2017-04-12 18:20:49 : [scan.services] - Found AMD 2017-04-12 18:20:49 : [scan.services] - Stopping services scan [2] 2017-04-12 18:20:49 : [scan.services] - 1 malicious services found 2017-04-12 18:20:49 : [scan] - Progress: 40% 2017-04-12 18:20:49 : [scan.folders] - Starting folders scan 2017-04-12 18:21:37 : [scan.folders] - Found C:\Users\Vaishnavi\AppData\Roaming\Firefox 2017-04-12 18:21:37 : [scan.folders] - Found C:\Users\Vaishnavi\AppData\Local\Firefox 2017-04-12 18:21:37 : [scan.folders] - Stopping folders scan 2017-04-12 18:21:37 : [scan.folders] - 2 malicious folders found 2017-04-12 18:21:37 : [scan] - Progress: 50% 2017-04-12 18:21:37 : [scan.files] - Starting files scan 2017-04-12 18:21:42 : [scan.files] - Found C:\Users\Vaishnavi\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet-Explorer Browser.lnk 2017-04-12 18:21:43 : [scan.files] - Found C:\Users\Vaishnavi\AppData\Roaming\Microsoft\Windows\Start Menu\¿ìѹ.lnk 2017-04-12 18:21:49 : [scan.files] - Found C:\WINDOWS\system32\findit.xml 2017-04-12 18:21:50 : [scan.files] - Found C:\WINDOWS\system32\drivers\iSafeKrnlBoot.sys 2017-04-12 18:21:50 : [scan.files] - Found C:\WINDOWS\system32\drivers\KuaiZipDrive.sys 2017-04-12 18:21:51 : [scan.files] - Found C:\WINDOWS\rsrcs.dll 2017-04-12 18:21:51 : [scan.files] - Found C:\Program Files\settings.dat 2017-04-12 18:21:51 : [scan.files] - Found C:\Users\Public\Documents\temp.dat 2017-04-12 18:21:51 : [scan.files] - Found C:\Users\Public\Documents\report.dat 2017-04-12 18:21:51 : [scan.files] - Stopping files scan 2017-04-12 18:21:51 : [scan.files] - 9 malicious files found 2017-04-12 18:21:51 : [scan] - Progress: 55% 2017-04-12 18:21:51 : [scan.dll] - Starting DLL scan 2017-04-12 18:21:51 : [scan.dll] - Stopping DLL scan 2017-04-12 18:21:51 : [scan.dll] - 0 malicious DLL found 2017-04-12 18:21:51 : [scan] - Progress: 60% 2017-04-12 18:21:51 : [scan.wmi] - Starting WMI scan 2017-04-12 18:21:51 : [scan.wmi] - Found \root\subscription 2017-04-12 18:21:51 : [scan.wmi] - Stopping WMI scan 2017-04-12 18:21:51 : [scan.wmi] - 1 malicious WMI found 2017-04-12 18:21:51 : [scan] - Progress: 65% 2017-04-12 18:21:51 : [scan.shortcuts] - Starting shortcuts scan 2017-04-12 18:21:57 : [scan.shortcuts] - Cannot scan C:\Users\Vaishnavi\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet-Explorer Browser.lnk 2017-04-12 18:22:00 : [scan.shortcuts] - Stopping shortcuts scan 2017-04-12 18:22:00 : [scan.shortcuts] - 0 malicious shortcuts found 2017-04-12 18:22:00 : [scan] - Progress: 70% 2017-04-12 18:22:00 : [scan.tasks] - Starting tasks scan 2017-04-12 18:22:01 : [scan.tasks] - Found Milimili 2017-04-12 18:22:01 : [scan.tasks] - Found iorrt 2017-04-12 18:22:01 : [scan.tasks] - Found Windows-PG 2017-04-12 18:22:01 : [scan.tasks] - Stopping tasks scan 2017-04-12 18:22:01 : [scan.tasks] - 4 malicious tasks found 2017-04-12 18:22:01 : [scan] - Progress: 75% 2017-04-12 18:22:01 : [scan.registry] - Starting registry scan [1] 2017-04-12 18:22:02 : [scan.registry] - Found Fishjanesc 2017-04-12 18:22:02 : [scan.registry] - Found QZipShell.ContextMenuExt 2017-04-12 18:22:02 : [scan.registry] - Found QZipShell.ContextMenuExt.1 2017-04-12 18:22:02 : [scan.registry] - Found QZipShell.DragDropMenu 2017-04-12 18:22:02 : [scan.registry] - Found QZipShell.DragDropMenu.1 2017-04-12 18:22:02 : [scan.registry] - Found QZipShell.KYDropHandler 2017-04-12 18:22:02 : [scan.registry] - Found QZipShell.KYDropHandler.1 2017-04-12 18:22:02 : [scan.registry] - Found QZipShell.KzShlobj 2017-04-12 18:22:02 : [scan.registry] - Found QZipShell.KzShlobj.1 2017-04-12 18:22:02 : [scan.registry] - Found QZipShell.PropertyExt 2017-04-12 18:22:02 : [scan.registry] - Found QZipShell.PropertyExt.1 2017-04-12 18:22:03 : [scan.registry] - Stopping registry scan [1] 2017-04-12 18:22:03 : [scan.registry] - Starting registry scan [2] 2017-04-12 18:22:05 : [scan.registry] - Found {9CC34070-3A38-4C7A-89CB-EF8177EF07A1} 2017-04-12 18:22:05 : [scan.registry] - Found {2FB831EA-DA68-4A66-8E31-A2D976A6296C} 2017-04-12 18:22:05 : [scan.registry] - Found {3DCCD550-7586-40D2-A51D-D2F98EC06B3C} 2017-04-12 18:22:05 : [scan.registry] - Found {6ADF19E3-77A3-4395-ADB4-9FD7D351EB3E} 2017-04-12 18:22:05 : [scan.registry] - Found {AAA0C5B8-933F-4200-93AD-B143D7FFF9F2} 2017-04-12 18:22:05 : [scan.registry] - Found {C9487131-EF4C-40D9-BA70-E85356CAF67E} 2017-04-12 18:22:06 : [scan.registry] - Found {86C4C3BA-4EA4-4CF8-98B9-6B07B477B835} 2017-04-12 18:22:07 : [scan.registry] - Found {51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F} 2017-04-12 18:22:10 : [scan.registry] - Stopping registry scan [2] 2017-04-12 18:22:10 : [scan.registry] - Starting registry scan [3] 2017-04-12 18:22:10 : [scan.registry] - Found KuaiZip 2017-04-12 18:22:10 : [scan.registry] - Found UpgSvr 2017-04-12 18:22:10 : [scan.registry] - Found xvb`lj 2017-04-12 18:22:10 : [scan.registry] - Found {12DA0E6F-5543-440C-BAA2-28BF01070AFA} 2017-04-12 18:22:11 : [scan.registry] - Found APN PIP 2017-04-12 18:22:11 : [scan.registry] - Found AskPartnerNetwork 2017-04-12 18:22:11 : [scan.registry] - Found HomeTab 2017-04-12 18:22:11 : [scan.registry] - Found Kromtech 2017-04-12 18:22:11 : [scan.registry] - Found Mozilla\Extends 2017-04-12 18:22:11 : [scan.registry] - Found PIP 2017-04-12 18:22:11 : [scan.registry] - Found PRODUCTSETUP 2017-04-12 18:22:11 : [scan.registry] - Found SearchProtectWS 2017-04-12 18:22:11 : [scan.registry] - Found simplytech 2017-04-12 18:22:11 : [scan.registry] - Found Simplytech\HomeTab 2017-04-12 18:22:11 : [scan.registry] - Found TNT2 2017-04-12 18:22:11 : [scan.registry] - Found csastats 2017-04-12 18:22:11 : [scan.registry] - Found SIMPLYTECH 2017-04-12 18:22:11 : [scan.registry] - Found KuaiZip 2017-04-12 18:22:11 : [scan.registry] - Found mtUtatity 2017-04-12 18:22:11 : [scan.registry] - Found WinSnare 2017-04-12 18:22:11 : [scan.registry] - Found Fishjane 2017-04-12 18:22:11 : [scan.registry] - Found deskapp 2017-04-12 18:22:11 : [scan.registry] - Found {12DA0E6F-5543-440C-BAA2-28BF01070AFA} 2017-04-12 18:22:11 : [scan.registry] - Found {4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9} 2017-04-12 18:22:11 : [scan.registry] - Found {D01A33E2-0A34-4659-82AA-8A90C51C0D21} 2017-04-12 18:22:11 : [scan.registry] - Found IMBoosterARP 2017-04-12 18:22:11 : [scan.registry] - Found IminentToolbar 2017-04-12 18:22:11 : [scan.registry] - Found SearchProtect 2017-04-12 18:22:11 : [scan.registry] - Found Vosteran.com 2017-04-12 18:22:11 : [scan.registry] - Found WajIntEnhance 2017-04-12 18:22:11 : [scan.registry] - Found SEARCHPROTECT 2017-04-12 18:22:12 : [scan.registry] - Found {12DA0E6F-5543-440C-BAA2-28BF01070AFA} 2017-04-12 18:22:13 : [scan.registry] - Found Installer 2017-04-12 18:22:13 : [scan.registry] - Found AutoTime 2017-04-12 18:22:13 : [scan.registry] - Found SNDA 2017-04-12 18:22:13 : [scan.registry] - Found mtUtatity 2017-04-12 18:22:13 : [scan.registry] - Found MICROSOFT\wewewe 2017-04-12 18:22:13 : [scan.registry] - Found WinSnare 2017-04-12 18:22:13 : [scan.registry] - Found dlr 2017-04-12 18:22:13 : [scan.registry] - Found PopWnd 2017-04-12 18:22:13 : [scan.registry] - Found UpgSvr 2017-04-12 18:22:13 : [scan.registry] - Found deskapp 2017-04-12 18:22:13 : [scan.registry] - Found {12DA0E6F-5543-440C-BAA2-28BF01070AFA} 2017-04-12 18:22:14 : [scan.registry] - Found AppTrailers 2017-04-12 18:22:14 : [scan.registry] - Found KuaiZip 2017-04-12 18:22:14 : [scan.registry] - Found UpgSvr 2017-04-12 18:22:14 : [scan.registry] - Found xvb`lj 2017-04-12 18:22:14 : [scan.registry] - Found {12DA0E6F-5543-440C-BAA2-28BF01070AFA} 2017-04-12 18:22:15 : [scan.registry] - Found Installer 2017-04-12 18:22:15 : [scan.registry] - Found AutoTime 2017-04-12 18:22:15 : [scan.registry] - Found SNDA 2017-04-12 18:22:15 : [scan.registry] - Found mtUtatity 2017-04-12 18:22:15 : [scan.registry] - Found MICROSOFT\wewewe 2017-04-12 18:22:15 : [scan.registry] - Found WinSnare 2017-04-12 18:22:15 : [scan.registry] - Found dlr 2017-04-12 18:22:15 : [scan.registry] - Found PopWnd 2017-04-12 18:22:15 : [scan.registry] - Found UpgSvr 2017-04-12 18:22:15 : [scan.registry] - Found deskapp 2017-04-12 18:22:15 : [scan.registry] - Found {12DA0E6F-5543-440C-BAA2-28BF01070AFA} 2017-04-12 18:22:15 : [scan.registry] - Found AppTrailers 2017-04-12 18:22:15 : [scan.registry] - Found {12A61307-94CD-4F8E-94BC-918E511FAA81} 2017-04-12 18:22:15 : [scan.registry] - Found {12DA0E6F-5543-440C-BAA2-28BF01070AFA} 2017-04-12 18:22:15 : [scan.registry] - Found {3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0} 2017-04-12 18:22:15 : [scan.registry] - Found {4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9} 2017-04-12 18:22:15 : [scan.registry] - Found AIM Toolbar 2017-04-12 18:22:15 : [scan.registry] - Found AskPartnerNetwork 2017-04-12 18:22:15 : [scan.registry] - Found Conduit 2017-04-12 18:22:15 : [scan.registry] - Found FFPluginHp 2017-04-12 18:22:15 : [scan.registry] - Found Iminent 2017-04-12 18:22:15 : [scan.registry] - Found istartsurfSoftware 2017-04-12 18:22:15 : [scan.registry] - Found SearchModule 2017-04-12 18:22:15 : [scan.registry] - Found SearchProtect 2017-04-12 18:22:15 : [scan.registry] - Found searchult 2017-04-12 18:22:15 : [scan.registry] - Found SpeedBit 2017-04-12 18:22:15 : [scan.registry] - Found SEARCHPROTECT 2017-04-12 18:22:15 : [scan.registry] - Found youndooSoftware 2017-04-12 18:22:15 : [scan.registry] - Found OtherSearch 2017-04-12 18:22:15 : [scan.registry] - Found amule-custom 2017-04-12 18:22:15 : [scan.registry] - Found mtUtatity 2017-04-12 18:22:15 : [scan.registry] - Found InterSect Alliance 2017-04-12 18:22:15 : [scan.registry] - Found startpageing123Software 2017-04-12 18:22:15 : [scan.registry] - Found Fishjane 2017-04-12 18:22:15 : [scan.registry] - Found xvb`lj 2017-04-12 18:22:15 : [scan.registry] - Found msServer 2017-04-12 18:22:15 : [scan.registry] - Found {84416237-6490-494D-9AD6-4994DD978971} 2017-04-12 18:22:15 : [scan.registry] - Found {D01A33E2-0A34-4659-82AA-8A90C51C0D21} 2017-04-12 18:22:15 : [scan.registry] - Found IMBoosterARP 2017-04-12 18:22:15 : [scan.registry] - Found IminentToolbar 2017-04-12 18:22:15 : [scan.registry] - Found Linkey 2017-04-12 18:22:15 : [scan.registry] - Found SearchProtect 2017-04-12 18:22:15 : [scan.registry] - Found Vosteran.com 2017-04-12 18:22:16 : [scan.registry] - Found WajIntEnhance 2017-04-12 18:22:16 : [scan.registry] - Found SEARCHPROTECT 2017-04-12 18:22:16 : [scan.registry] - Found {59B5A9CD-253D-4C41-A073-B387D4C9672D} 2017-04-12 18:22:16 : [scan.registry] - Found {13D7C2E9-08E7-4889-94FF-87E707184E53} 2017-04-12 18:22:16 : [scan.registry] - Stopping registry scan [3] 2017-04-12 18:22:16 : [scan] - Progress: 80% 2017-04-12 18:22:16 : [scan.registry] - Starting registry scan [4] 2017-04-12 18:22:16 : [scan.registry] - Stopping registry scan [4] 2017-04-12 18:22:16 : [scan.registry] - Starting registry scan [5] 2017-04-12 18:22:16 : [scan.registry] - Stopping registry scan [5] 2017-04-12 18:22:16 : [scan] - Progress: 82% 2017-04-12 18:22:16 : [scan.registry] - Starting registry scan [6] 2017-04-12 18:22:16 : [scan.registry] - Stopping registry scan [6] 2017-04-12 18:22:16 : [scan.registry] - Starting registry scan [7] 2017-04-12 18:22:16 : [scan.registry] - Stopping registry scan [7] 2017-04-12 18:22:16 : [scan.registry] - Starting registry scan [8] 2017-04-12 18:22:16 : [scan.registry] - Stopping registry scan [8] 2017-04-12 18:22:16 : [scan] - Progress: 84% 2017-04-12 18:22:16 : [scan.registry] - Starting registry scan [9] 2017-04-12 18:22:16 : [scan.registry] - Stopping registry scan [9] 2017-04-12 18:22:16 : [scan.registry] - Starting registry scan [10] 2017-04-12 18:22:16 : [scan.registry] - Stopping registry scan [10] 2017-04-12 18:22:16 : [scan.registry] - Starting registry scan [11] 2017-04-12 18:22:16 : [scan.registry] - Found C:\ProgramData\Utatity\TransLax.dll 2017-04-12 18:22:16 : [scan.registry] - Stopping registry scan [11] 2017-04-12 18:22:16 : [scan.registry] - Starting registry scan [12] 2017-04-12 18:22:16 : [scan.registry] - Stopping registry scan [12] 2017-04-12 18:22:16 : [scan.registry] - Starting registry scan [13] 2017-04-12 18:22:16 : [scan.registry] - Stopping registry scan [13] 2017-04-12 18:22:16 : [scan.registry] - Starting registry scan [14] 2017-04-12 18:22:16 : [scan.registry] - Stopping registry scan [14] 2017-04-12 18:22:16 : [scan.registry] - Starting registry scan [15] 2017-04-12 18:22:16 : [scan.registry] - Stopping registry scan [15] 2017-04-12 18:22:16 : [scan.registry] - Starting registry scan [16] 2017-04-12 18:22:17 : [scan.registry] - Stopping registry scan [16] 2017-04-12 18:22:17 : [scan.registry] - Starting registry scan [17] 2017-04-12 18:22:17 : [scan.registry] - Stopping registry scan [17] 2017-04-12 18:22:17 : [scan.registry] - Starting registry scan [18] 2017-04-12 18:22:17 : [scan.registry] - Found msiql 2017-04-12 18:22:17 : [scan.registry] - Found DiskPower 2017-04-12 18:22:17 : [scan.registry] - Found AppTrailers 2017-04-12 18:22:17 : [scan.registry] - Stopping registry scan [18] 2017-04-12 18:22:17 : [scan] - Progress: 86% 2017-04-12 18:22:17 : [scan.registry] - Starting registry scan [19] 2017-04-12 18:22:17 : [scan.registry] - Found HKLM\SOFTWARE\Microsoft\Internet Explorer\SEARCHSCOPES\IELNKSRCH 2017-04-12 18:22:17 : [scan.registry] - Found HKLM\SOFTWARE\Microsoft\RADAR\HeapLeakDetection\DiagnosedApplications\iSafeSvc2.exe 2017-04-12 18:22:17 : [scan.registry] - Found HKCU\Environment SNF 2017-04-12 18:22:17 : [scan.registry] - Found HKCU\Environment SNP 2017-04-12 18:22:17 : [scan.registry] - Found HKLM\SYSTEM\CurrentControlSet\Control\Class\{0C95ABFE-4FB6-49DB-B22F-0E1F5FC4BEEC} 2017-04-12 18:22:17 : [scan.registry] - Found HKLM\SYSTEM\CurrentControlSet\Control\Class\{EEEFACB3-729F-4484-B66D-E7A7917BBFC1} 2017-04-12 18:22:17 : [scan.registry] - Found HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\IELNKSRCH 2017-04-12 18:22:17 : [scan.registry] - Found HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved KuaiZip Shell Extension 2017-04-12 18:22:17 : [scan.registry] - Found HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost kuaizipupdatesvc 2017-04-12 18:22:17 : [scan.registry] - Found HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\KzShlobj 2017-04-12 18:22:17 : [scan.registry] - Found HKLM\SOFTWARE\CLASSES\APPID\56BF5154-0B48-4ADB-902A-6C8B12E270D9 2017-04-12 18:22:17 : [scan.registry] - Found HKLM\SOFTWARE\Classes\Drive\shellex\ContextMenuHandlers\KuaiZipShlExt 2017-04-12 18:22:17 : [scan.registry] - Found HKLM\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\KuaiZipShlExt 2017-04-12 18:22:17 : [scan.registry] - Found HKLM\SOFTWARE\Classes\AppID\QZipShell.DLL 2017-04-12 18:22:17 : [scan.registry] - Found HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost WinSAPSvc 2017-04-12 18:22:17 : [scan.registry] - Found HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\KuaiZipShlExt 2017-04-12 18:22:17 : [scan.registry] - Found HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SilentProcessExit\Utatity.exe 2017-04-12 18:22:17 : [scan.registry] - Found HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Utatity.exe 2017-04-12 18:22:17 : [scan.registry] - Found HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost WinSnare 2017-04-12 18:22:17 : [scan.registry] - Found HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost WinSnare 2017-04-12 18:22:17 : [scan.registry] - Found HKCU\SOFTWARE\Classes\ChromeHTML 2017-04-12 18:22:17 : [scan.registry] - Found HKCU\SOFTWARE\Clients\StartMenuInternet\ChromeHTML 2017-04-12 18:22:17 : [scan.registry] - Found HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost WINSNARE 2017-04-12 18:22:17 : [scan.registry] - Found HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost SNARER 2017-04-12 18:22:17 : [scan.registry] - Stopping registry scan [19] 2017-04-12 18:22:17 : [scan] - Progress: 88% 2017-04-12 18:22:17 : [scan.registry] - 150 malicious registry element found 2017-04-12 18:22:17 : [scan] - Progress: 90% 2017-04-12 18:22:17 : [main] - Firefox is installed: True 2017-04-12 18:22:17 : [scan.firefox] - Starting Firefox based browsers scan [1] 2017-04-12 18:22:21 : [scan.firefox] - Found HKLM\SOFTWARE\Mozilla\Firefox\Extensions [searchffv2@gmail.com] 2017-04-12 18:22:21 : [scan.firefox] - Found HKLM\SOFTWARE\Mozilla\Firefox\Extensions [sweetsearch@gmail.com] 2017-04-12 18:22:24 : [scan.firefox] - Found HKLM\SOFTWARE\Mozilla\Firefox\Extensions [searchffv2@gmail.com] 2017-04-12 18:22:25 : [scan.firefox] - Found HKLM\SOFTWARE\Mozilla\Firefox\Extensions [sweetsearch@gmail.com] 2017-04-12 18:22:27 : [scan.firefox] - Found HKLM\SOFTWARE\Mozilla\Firefox\Extensions [searchffv2@gmail.com] 2017-04-12 18:22:27 : [scan.firefox] - Found HKLM\SOFTWARE\Mozilla\Firefox\Extensions [sweetsearch@gmail.com] 2017-04-12 18:22:28 : [scan.firefox] - Stopping Firefox based browsers scan [1] 2017-04-12 18:22:28 : [scan.firefox] - Starting Firefox based browsers scan [2] 2017-04-12 18:22:28 : [scan.firefox] - Found C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\a4ycc3sr.default\searchplugins\startpageing123.xml 2017-04-12 18:22:29 : [scan.firefox] - Stopping Firefox based browsers scan [2] 2017-04-12 18:22:29 : [scan] - Progress: 92% 2017-04-12 18:22:29 : [scan.firefox] - Starting Firefox based browsers scan [3] 2017-04-12 18:22:29 : [scan.firefox] - Reading C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\a4ycc3sr.default\prefs.js 2017-04-12 18:22:29 : [scan.firefox] - Reading C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\a4ycc3sr.default\user.js 2017-04-12 18:22:29 : [scan.firefox] - Reading C:\Users\Vaishnavi\AppData\Roaming\Mozilla\Firefox\Profiles\al4wjjbd.default-1467199780811\prefs.js 2017-04-12 18:22:30 : [scan.firefox] - Reading C:\Users\Vaishnavi\AppData\Roaming\Mozilla\Firefox\Profiles\al4wjjbd.default-1467199780811\user.js 2017-04-12 18:22:30 : [scan.firefox] - Reading C:\Users\Vaishnavi\AppData\Roaming\Mozilla\Firefox\Profiles\oz7itdg9.default-1491669357601\prefs.js 2017-04-12 18:22:30 : [scan.firefox] - Reading C:\Users\Vaishnavi\AppData\Roaming\Mozilla\Firefox\Profiles\oz7itdg9.default-1491669357601\user.js 2017-04-12 18:22:30 : [scan.firefox] - Reading C:\Users\Varun\AppData\Roaming\Mozilla\Firefox\Profiles\rmbrwe3s.default\prefs.js 2017-04-12 18:22:30 : [scan.firefox] - Reading C:\Users\Varun\AppData\Roaming\Mozilla\Firefox\Profiles\rmbrwe3s.default\user.js 2017-04-12 18:22:30 : [scan.firefox] - No profile to scan, skipping 2017-04-12 18:22:30 : [scan.firefox] - No profile to scan, skipping 2017-04-12 18:22:30 : [scan.firefox] - No profile to scan, skipping 2017-04-12 18:22:30 : [scan] - Progress: 94% 2017-04-12 18:22:30 : [scan.firefox] - Stopping Firefox based browsers scan [3] 2017-04-12 18:22:30 : [scan.firefox] - 0 malicious Firefox preferences found 2017-04-12 18:22:30 : [scan] - Progress: 95% 2017-04-12 18:22:30 : [main] - Chrome is installed: True 2017-04-12 18:22:30 : [scan.chromium] - Starting Chromium based browsers scan [1] 2017-04-12 18:22:38 : [scan.chromium] - Found HKCU\Software\Google\Chrome\Extensions\jlcgehabolcakkjhgmgpkagpolbjlhfa 2017-04-12 18:22:39 : [scan.chromium] - Found C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej 2017-04-12 18:22:39 : [scan.chromium] - Found C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_pilplloabdedfmialnfchjomjmpjcoej_0.localstorage 2017-04-12 18:22:39 : [scan.chromium] - Found C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_pilplloabdedfmialnfchjomjmpjcoej_0.localstorage-journal 2017-04-12 18:22:39 : [scan.chromium] - Found C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\chrome-extension_pilplloabdedfmialnfchjomjmpjcoej_0.localstorage 2017-04-12 18:22:39 : [scan.chromium] - Found HKLM\SOFTWARE\Google\Chrome\Extensions\pilplloabdedfmialnfchjomjmpjcoej 2017-04-12 18:22:41 : [scan.chromium] - Stopping Chromium based browsers scan [1] 2017-04-12 18:22:41 : [scan] - Progress: 97% 2017-04-12 18:22:41 : [scan.chromium] - Starting Chromium based browsers scan [2] 2017-04-12 18:22:41 : [scan.chromium] - No profile to scan, skipping 2017-04-12 18:22:41 : [scan.chromium] - Opening C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Web Data 2017-04-12 18:22:41 : [scan.chromium] - Closing C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Web Data 2017-04-12 18:22:41 : [scan.chromium] - Opening C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences 2017-04-12 18:22:46 : [scan.chromium] - Found C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extensions] pilplloabdedfmialnfchjomjmpjcoej 2017-04-12 18:22:46 : [scan.chromium] - Opening C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Web Data 2017-04-12 18:22:46 : [scan.chromium] - Closing C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Web Data 2017-04-12 18:22:46 : [scan.chromium] - Opening C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Secure Preferences 2017-04-12 18:22:48 : [scan.chromium] - Opening C:\Users\Vaishnavi\AppData\Local\Google\Chrome\User Data\Profile 1\Web Data 2017-04-12 18:22:48 : [scan.chromium] - Closing C:\Users\Vaishnavi\AppData\Local\Google\Chrome\User Data\Profile 1\Web Data 2017-04-12 18:22:48 : [scan.chromium] - Opening C:\Users\Vaishnavi\AppData\Local\Google\Chrome\User Data\Profile 1\Secure Preferences 2017-04-12 18:22:50 : [scan.chromium] - Opening C:\Users\Vaishnavi\AppData\Local\Google\Chrome\User Data\Profile 2\Web Data 2017-04-12 18:22:50 : [scan.chromium] - Closing C:\Users\Vaishnavi\AppData\Local\Google\Chrome\User Data\Profile 2\Web Data 2017-04-12 18:22:50 : [scan.chromium] - Opening C:\Users\Vaishnavi\AppData\Local\Google\Chrome\User Data\Profile 2\Secure Preferences 2017-04-12 18:22:52 : [scan.chromium] - Opening C:\Users\Vaishnavi\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Web Data 2017-04-12 18:22:52 : [scan.chromium] - Closing C:\Users\Vaishnavi\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Web Data 2017-04-12 18:22:52 : [scan.chromium] - Opening C:\Users\Vaishnavi\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Secure Preferences 2017-04-12 18:23:09 : [scan.chromium] - Found C:\Users\Vaishnavi\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Secure Preferences] [Extensions] jlcgehabolcakkjhgmgpkagpolbjlhfa 2017-04-12 18:23:09 : [scan.chromium] - Found C:\Users\Vaishnavi\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Secure Preferences] [Extensions] pilplloabdedfmialnfchjomjmpjcoej 2017-04-12 18:23:09 : [scan.chromium] - Opening C:\Users\Varun\AppData\Local\Google\Chrome\User Data\Default\Web Data 2017-04-12 18:23:09 : [scan.chromium] - Closing C:\Users\Varun\AppData\Local\Google\Chrome\User Data\Default\Web Data 2017-04-12 18:23:09 : [scan.chromium] - Opening C:\Users\Varun\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences 2017-04-12 18:23:20 : [scan.chromium] - Found C:\Users\Varun\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extensions] cknghehebaconkajgiobncfleofebcog 2017-04-12 18:23:21 : [scan.chromium] - No profile to scan, skipping 2017-04-12 18:23:21 : [scan.chromium] - No profile to scan, skipping 2017-04-12 18:23:21 : [scan.chromium] - No profile to scan, skipping 2017-04-12 18:23:21 : [scan.chromium] - No profile to scan, skipping 2017-04-12 18:23:21 : [scan.chromium] - No profile to scan, skipping 2017-04-12 18:23:21 : [scan.chromium] - Stopping Chromium based browsers scan [2] 2017-04-12 18:23:21 : [scan] - Progress: 99% 2017-04-12 18:23:21 : [scan.chromium] - Starting Chromium based browsers scan [3] 2017-04-12 18:23:21 : [scan.chromium] - Stopping Chromium based browsers scan [3] 2017-04-12 18:23:21 : [scan.chromium] - 4 malicious Chromium preferences elements found 2017-04-12 18:23:21 : [scan] - Progress: 100% 2017-04-12 18:23:21 : [scan] - Stopping scan 2017-04-12 18:23:36 : [main.gui] - Clean requested 2017-04-12 18:23:41 : [main.gui] - Killing all processes 2017-04-12 18:23:41 : [main] - Killing [System Process](0) 2017-04-12 18:23:41 : [main] - Killing System(4) 2017-04-12 18:23:41 : [main] - smss.exe - (4) not killed - whitelisted 2017-04-12 18:23:41 : [main] - csrss.exe - (4) not killed - whitelisted 2017-04-12 18:23:41 : [main] - wininit.exe - (4) not killed - whitelisted 2017-04-12 18:23:41 : [main] - services.exe - (4) not killed - whitelisted 2017-04-12 18:23:41 : [main] - lsass.exe - (4) not killed - whitelisted 2017-04-12 18:23:41 : [main] - svchost.exe - (4) not killed - whitelisted 2017-04-12 18:23:41 : [main] - svchost.exe - (4) not killed - whitelisted 2017-04-12 18:23:41 : [main] - svchost.exe - (4) not killed - whitelisted 2017-04-12 18:23:41 : [main] - svchost.exe - (4) not killed - whitelisted 2017-04-12 18:23:41 : [main] - svchost.exe - (4) not killed - whitelisted 2017-04-12 18:23:41 : [main] - svchost.exe - (4) not killed - whitelisted 2017-04-12 18:23:41 : [main] - svchost.exe - (4) not killed - whitelisted 2017-04-12 18:23:41 : [main] - dasHost.exe - (4) not killed - whitelisted 2017-04-12 18:23:41 : [main] - svchost.exe - (4) not killed - whitelisted 2017-04-12 18:23:41 : [main] - svchost.exe - (4) not killed - whitelisted 2017-04-12 18:23:41 : [main] - svchost.exe - (4) not killed - whitelisted 2017-04-12 18:23:41 : [main] - svchost.exe - (4) not killed - whitelisted 2017-04-12 18:23:41 : [main] - Killing afwServ.exe(2320) 2017-04-12 18:23:41 : [main] - svchost.exe - (2320) not killed - whitelisted 2017-04-12 18:23:41 : [main] - svchost.exe - (2320) not killed - whitelisted 2017-04-12 18:23:41 : [main] - TeamViewer_Service.exe - (2320) not killed - whitelisted 2017-04-12 18:23:41 : [main] - svchost.exe - (2320) not killed - whitelisted 2017-04-12 18:23:41 : [main] - Killing Memory Compression(2844) 2017-04-12 18:23:41 : [main] - DMAgent.exe - (2844) not killed - whitelisted 2017-04-12 18:23:41 : [main] - WmiPrvSE.exe - (2844) not killed - whitelisted 2017-04-12 18:23:41 : [main] - svchost.exe - (2844) not killed - whitelisted 2017-04-12 18:23:41 : [main] - svchost.exe - (2844) not killed - whitelisted 2017-04-12 18:23:41 : [main] - svchost.exe - (2844) not killed - whitelisted 2017-04-12 18:23:41 : [main] - Killing AvastSvc.exe(9788) 2017-04-12 18:23:41 : [main] - Killing spoolsv.exe(6100) 2017-04-12 18:23:41 : [main] - Killing SearchIndexer.exe(4904) 2017-04-12 18:23:41 : [main] - Killing AppSrv.exe(892) 2017-04-12 18:23:41 : [main] - Killing btwdins.exe(9008) 2017-04-12 18:23:41 : [main] - Killing CsrBtService.exe(3580) 2017-04-12 18:23:41 : [main] - Killing OSPPSVC.EXE(4680) 2017-04-12 18:23:41 : [main] - csrss.exe - (4680) not killed - whitelisted 2017-04-12 18:23:41 : [main] - winlogon.exe - (4680) not killed - whitelisted 2017-04-12 18:23:41 : [main] - dwm.exe - (4680) not killed - whitelisted 2017-04-12 18:23:41 : [main] - sihost.exe - (4680) not killed - whitelisted 2017-04-12 18:23:41 : [main] - svchost.exe - (4680) not killed - whitelisted 2017-04-12 18:23:41 : [main] - Killing taskhostw.exe(2868) 2017-04-12 18:23:41 : [main] - Killing RuntimeBroker.exe(9872) 2017-04-12 18:23:41 : [main] - explorer.exe - (9872) not killed - whitelisted 2017-04-12 18:23:41 : [main] - Killing ShellExperienceHost.exe(5960) 2017-04-12 18:23:42 : [main] - SearchUI.exe - (5960) not killed - whitelisted 2017-04-12 18:23:42 : [main] - Killing SkypeHost.exe(3708) 2017-04-12 18:23:42 : [main] - Killing AsusTPLoader.exe(9368) 2017-04-12 18:23:42 : [main] - Killing AvastUI.exe(6160) 2017-04-12 18:23:42 : [main] - Killing SynTPEnh.exe(5072) 2017-04-12 18:23:42 : [main] - Killing SynTPHelper.exe(5276) 2017-04-12 18:23:42 : [main] - Killing jusched.exe(7576) 2017-04-12 18:23:43 : [main] - Killing igfxtray.exe(260) 2017-04-12 18:23:43 : [main] - hkcmd.exe - (260) not killed - whitelisted 2017-04-12 18:23:43 : [main] - Killing YCMMirage.exe(5520) 2017-04-12 18:23:43 : [main] - Killing igfxpers.exe(9600) 2017-04-12 18:23:43 : [main] - Killing HarmonyUserStartup.exe(6096) 2017-04-12 18:23:43 : [main] - Killing vksts.exe(4988) 2017-04-12 18:23:43 : [main] - Killing TrayApplication.exe(8904) 2017-04-12 18:23:43 : [main] - Killing CsrBtOBEXService.exe(9148) 2017-04-12 18:23:43 : [main] - Killing AsusTPCenter.exe(6504) 2017-04-12 18:23:43 : [main] - Killing AsusSGPlusBTServer.exe(9944) 2017-04-12 18:23:43 : [main] - Killing AsusSmartGestureDetector.exe(4180) 2017-04-12 18:23:43 : [main] - Killing AsusTPHelper.exe(9464) 2017-04-12 18:23:43 : [main] - Killing RemindersServer.exe(7632) 2017-04-12 18:23:43 : [main] - fontdrvhost.exe - (7632) not killed - whitelisted 2017-04-12 18:23:43 : [main] - Killing SettingSyncHost.exe(6404) 2017-04-12 18:23:43 : [main] - InstallAgent.exe - (6404) not killed - whitelisted 2017-04-12 18:23:43 : [main] - Killing CompatTelRunner.exe(6236) 2017-04-12 18:23:43 : [main] - conhost.exe - (6236) not killed - whitelisted 2017-04-12 18:23:43 : [main] - Killing CompatTelRunner.exe(7692) 2017-04-12 18:23:44 : [main] - Killing InstallAgentUserBroker.exe(4944) 2017-04-12 18:23:44 : [main] - svchost.exe - (4944) not killed - whitelisted 2017-04-12 18:23:44 : [main] - Killing SearchProtocolHost.exe(0) 2017-04-12 18:23:44 : [main] - Killing dllhost.exe(4124) 2017-04-12 18:23:44 : [main] - Killing ctfmon.exe(8120) 2017-04-12 18:23:44 : [main] - adwcleaner_6.045(1).exe - (8120) not killed - whitelisted 2017-04-12 18:23:44 : [main] - Killing SystemSettingsBroker.exe(0) 2017-04-12 18:23:44 : [main] - Killing SearchFilterHost.exe(0) 2017-04-12 18:23:44 : [main] - Killing audiodg.exe(5192) 2017-04-12 18:23:44 : [main] - Killing backgroundTaskHost.exe(6944) 2017-04-12 18:23:44 : [main] - Killing backgroundTaskHost.exe(6548) 2017-04-12 18:23:44 : [main] - Killing backgroundTaskHost.exe(0) 2017-04-12 18:23:44 : [quarantine] - Quarantine database successfully opened 2017-04-12 18:23:44 : [clean] - Progress: 0% 2017-04-12 18:23:44 : [clean.services] - Starting services clean 2017-04-12 18:23:44 : [clean.services] - Stopping services clean 2017-04-12 18:23:44 : [clean] - Progress: 10% 2017-04-12 18:23:44 : [clean.folders] - Starting folders clean 2017-04-12 18:40:15 : INFO [main] - >>>> STARTING <<<< 2017-04-12 18:40:15 : INFO [main] - Version: 6.045 2017-04-12 18:40:15 : INFO [main] - RAM Usage: 53 2017-04-12 18:40:15 : INFO [main] - OS: WIN_10 X86 2017-04-12 18:40:15 : [main.language] - Checking the language 2017-04-12 18:40:15 : [main.language] - Language found: en 2017-04-12 18:40:15 : [main.network] - Checking the network connectivity 2017-04-12 18:40:15 : [main.network] - Network connectivity status: True 2017-04-12 18:40:15 : [main.eula] - Checking for EULA agreement 2017-04-12 18:40:15 : [main.network] - Check for updates 2017-04-12 18:40:15 : [main.network] - Requesting the last release number 2017-04-12 18:40:17 : [main.network] - The current version is up-to-date 2017-04-12 18:40:17 : [main.gui] - GUI setup 2017-04-12 18:40:17 : [main.gui] - Languages setup 2017-04-12 18:40:17 : [main] - Chrome is installed: True 2017-04-12 18:40:17 : [main] - Firefox is installed: True 2017-04-12 18:40:17 : [main.gui] - Showing the gui 2017-04-12 18:40:19 : [main.gui] - Scan requested 2017-04-12 18:40:19 : [scan] - Running from: C:\AdwCleaner 2017-04-12 18:40:19 : [scan] - Progress: 0% 2017-04-12 18:40:19 : [database] - Checking for database updates 2017-04-12 18:40:19 : [main.network] - Requesting the latest database release number 2017-04-12 18:40:21 : [main.network] - Latest definitions: ce5e6b43ed0df5889c92044333ba91a9 2017-04-12 18:40:21 : [database] - Database already up-to-date: CE5E6B43ED0DF5889C92044333BA91A9 2017-04-12 18:40:21 : [scan] - Progress: 5% 2017-04-12 18:40:21 : [database] - Initialize the database 2017-04-12 18:40:21 : [database] - Loading sqlite3.dll 2017-04-12 18:40:21 : [database] - Opening the database 2017-04-12 18:40:21 : [database] - Querying database's version 2017-04-12 18:40:22 : [database] - Loading internal data 2017-04-12 18:40:22 : [database] - Loading detections 2017-04-12 18:40:26 : [database] - Loading generics 2017-04-12 18:40:26 : [database] - Closing the database 2017-04-12 18:40:26 : [database] - Closing database 2017-04-12 18:40:26 : [database] - Unloading sqlite3.dll 2017-04-12 18:40:26 : [scan] - Progress: 15% 2017-04-12 18:40:26 : [scan.generic] - Generating generic detections 2017-04-12 18:40:26 : [scan.generic] - Generating generic detections [1] 2017-04-12 18:40:26 : [scan.generic] - Generating generic detections [2] 2017-04-12 18:40:26 : [scan.generic] - Generating generic detections [3] 2017-04-12 18:40:26 : [scan.generic] - Generating generic detections [4] 2017-04-12 18:40:26 : [scan.generic] - Generating generic detections [5] 2017-04-12 18:40:26 : [scan.generic] - Generating generic detections [6] 2017-04-12 18:40:26 : [scan.generic] - Generating generic detections [7] 2017-04-12 18:40:26 : [scan.generic] - Generating generic detections [8] 2017-04-12 18:40:26 : [scan.generic] - Generating generic detections [9] 2017-04-12 18:40:26 : [scan.generic] - Generating generic detections [10] 2017-04-12 18:40:26 : [scan.generic] - Generating generic detections [11] 2017-04-12 18:40:26 : [scan.generic] - Generating generic detections [12] 2017-04-12 18:40:26 : [scan.generic] - Generating generic detections [13] 2017-04-12 18:40:26 : [scan.generic] - Generating generic detections [14] 2017-04-12 18:40:26 : [scan.generic] - Generating generic detections [15] 2017-04-12 18:40:26 : [scan.generic] - Generating generic detections [16] 2017-04-12 18:40:26 : [scan.generic] - Generating generic detections [17] 2017-04-12 18:40:26 : [scan.generic] - Generating generic detections [18] 2017-04-12 18:40:26 : [scan.generic] - Generating generic detections [19] 2017-04-12 18:40:26 : [scan.generic] - Generating generic detections [20] 2017-04-12 18:40:26 : [scan.generic] - Generating generic detections [21] 2017-04-12 18:40:26 : [scan.generic] - Generating generic detections [22] 2017-04-12 18:40:26 : [scan.generic] - Generating generic detections [23] 2017-04-12 18:40:26 : [scan.generic] - Generating generic detections [24] 2017-04-12 18:40:26 : [scan.generic] - Generating generic detections [25] 2017-04-12 18:40:26 : [scan.generic] - Generating generic detections [26] 2017-04-12 18:40:26 : [scan.generic] - Generating generic detections [27] 2017-04-12 18:40:26 : [scan.generic] - Generating generic detections [28] 2017-04-12 18:40:26 : [scan.generic] - Generating generic detections [29] 2017-04-12 18:40:26 : [scan.generic] - Generating generic detections [30] 2017-04-12 18:40:26 : [scan.generic] - Generating generic detections [31] 2017-04-12 18:40:26 : [scan.generic] - Generating generic detections [32] 2017-04-12 18:40:26 : [scan.generic] - Generating generic detections [33] 2017-04-12 18:40:26 : [scan.generic] - Generating generic detections [34] 2017-04-12 18:40:26 : [scan.generic] - Generating generic detections [35] 2017-04-12 18:40:26 : [scan.generic] - Generating generic detections [36] 2017-04-12 18:40:26 : [scan.generic] - Generating generic detections [37] 2017-04-12 18:40:26 : [scan.generic] - Generating generic detections [38] 2017-04-12 18:40:26 : [scan.generic] - Generating generic detections [39] 2017-04-12 18:40:26 : [scan.generic] - Generating generic detections [40] 2017-04-12 18:40:26 : [scan.generic] - Generating generic detections [41] 2017-04-12 18:40:26 : [scan.generic] - Generating generic detections [42] 2017-04-12 18:40:26 : [scan.generic] - Generating generic detections [43] 2017-04-12 18:40:26 : [scan.generic] - Generating generic detections [44] 2017-04-12 18:40:26 : [scan.generic] - Generating generic detections [45] 2017-04-12 18:40:26 : [scan.generic] - Generic detections generated 2017-04-12 18:40:26 : [scan] - Progress: 20% 2017-04-12 18:40:26 : [scan.generic] - Starting generic analysis 2017-04-12 18:40:28 : [scan.generic] - Found HKLM\SOFTWARE\5b952a37-ebad-c0b3-e5d4-92d30f6ce1bc 2017-04-12 18:40:28 : [scan.generic] - Found Tafewardkinerpy 2017-04-12 18:40:31 : [scan] - Progress: 30% 2017-04-12 18:40:31 : [scan.services] - Starting services scan [1] 2017-04-12 18:40:31 : [scan.registry] - Found WindowsMangerProtect 2017-04-12 18:40:31 : [scan.registry] - Found GoogleChromeUpService 2017-04-12 18:40:31 : [scan.registry] - Found FirefoxU 2017-04-12 18:40:31 : [scan.registry] - Found WinSnare 2017-04-12 18:40:31 : [scan.registry] - Found windowsmangerprotect 2017-04-12 18:40:31 : [scan.registry] - Found googlechromeupservice 2017-04-12 18:40:31 : [scan.registry] - Found SNARER 2017-04-12 18:40:31 : [scan.services] - Stopping services scan [1] 2017-04-12 18:40:31 : [scan.services] - Starting services scan [2] 2017-04-12 18:40:32 : [scan.services] - Stopping services scan [2] 2017-04-12 18:40:32 : [scan.services] - 0 malicious services found 2017-04-12 18:40:32 : [scan] - Progress: 40% 2017-04-12 18:40:32 : [scan.folders] - Starting folders scan 2017-04-12 18:41:15 : [scan.folders] - Found C:\Users\Vaishnavi\AppData\Roaming\Firefox 2017-04-12 18:41:15 : [scan.folders] - Found C:\Users\Vaishnavi\AppData\Local\Firefox 2017-04-12 18:41:15 : [scan.folders] - Stopping folders scan 2017-04-12 18:41:15 : [scan.folders] - 2 malicious folders found 2017-04-12 18:41:15 : [scan] - Progress: 50% 2017-04-12 18:41:15 : [scan.files] - Starting files scan 2017-04-12 18:41:18 : [scan.files] - Found C:\Users\Vaishnavi\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet-Explorer Browser.lnk 2017-04-12 18:41:19 : [scan.files] - Found C:\Users\Vaishnavi\AppData\Roaming\Microsoft\Windows\Start Menu\¿ìѹ.lnk 2017-04-12 18:41:25 : [scan.files] - Found C:\WINDOWS\system32\findit.xml 2017-04-12 18:41:25 : [scan.files] - Found C:\WINDOWS\system32\drivers\iSafeKrnlBoot.sys 2017-04-12 18:41:25 : [scan.files] - Found C:\WINDOWS\system32\drivers\KuaiZipDrive.sys 2017-04-12 18:41:26 : [scan.files] - Found C:\WINDOWS\rsrcs.dll 2017-04-12 18:41:26 : [scan.files] - Found C:\Program Files\settings.dat 2017-04-12 18:41:26 : [scan.files] - Found C:\Users\Public\Documents\temp.dat 2017-04-12 18:41:26 : [scan.files] - Found C:\Users\Public\Documents\report.dat 2017-04-12 18:41:26 : [scan.files] - Stopping files scan 2017-04-12 18:41:26 : [scan.files] - 9 malicious files found 2017-04-12 18:41:26 : [scan] - Progress: 55% 2017-04-12 18:41:26 : [scan.dll] - Starting DLL scan 2017-04-12 18:41:26 : [scan.dll] - Stopping DLL scan 2017-04-12 18:41:26 : [scan.dll] - 0 malicious DLL found 2017-04-12 18:41:26 : [scan] - Progress: 60% 2017-04-12 18:41:26 : [scan.wmi] - Starting WMI scan 2017-04-12 18:41:27 : [scan.wmi] - Found \root\subscription 2017-04-12 18:41:27 : [scan.wmi] - Stopping WMI scan 2017-04-12 18:41:27 : [scan.wmi] - 1 malicious WMI found 2017-04-12 18:41:27 : [scan] - Progress: 65% 2017-04-12 18:41:27 : [scan.shortcuts] - Starting shortcuts scan 2017-04-12 18:41:27 : [scan.shortcuts] - Cannot scan C:\Users\Vaishnavi\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet-Explorer Browser.lnk 2017-04-12 18:41:27 : [scan.shortcuts] - Stopping shortcuts scan 2017-04-12 18:41:27 : [scan.shortcuts] - 0 malicious shortcuts found 2017-04-12 18:41:27 : [scan] - Progress: 70% 2017-04-12 18:41:27 : [scan.tasks] - Starting tasks scan 2017-04-12 18:41:28 : [scan.tasks] - Found Milimili 2017-04-12 18:41:28 : [scan.tasks] - Found iorrt 2017-04-12 18:41:28 : [scan.tasks] - Found Windows-PG 2017-04-12 18:41:28 : [scan.tasks] - Stopping tasks scan 2017-04-12 18:41:28 : [scan.tasks] - 4 malicious tasks found 2017-04-12 18:41:28 : [scan] - Progress: 75% 2017-04-12 18:41:28 : [scan.registry] - Starting registry scan [1] 2017-04-12 18:41:29 : [scan.registry] - Found Fishjanesc 2017-04-12 18:41:29 : [scan.registry] - Found QZipShell.ContextMenuExt 2017-04-12 18:41:29 : [scan.registry] - Found QZipShell.ContextMenuExt.1 2017-04-12 18:41:29 : [scan.registry] - Found QZipShell.DragDropMenu 2017-04-12 18:41:29 : [scan.registry] - Found QZipShell.DragDropMenu.1 2017-04-12 18:41:29 : [scan.registry] - Found QZipShell.KYDropHandler 2017-04-12 18:41:29 : [scan.registry] - Found QZipShell.KYDropHandler.1 2017-04-12 18:41:29 : [scan.registry] - Found QZipShell.KzShlobj 2017-04-12 18:41:29 : [scan.registry] - Found QZipShell.KzShlobj.1 2017-04-12 18:41:29 : [scan.registry] - Found QZipShell.PropertyExt 2017-04-12 18:41:29 : [scan.registry] - Found QZipShell.PropertyExt.1 2017-04-12 18:41:30 : [scan.registry] - Stopping registry scan [1] 2017-04-12 18:41:30 : [scan.registry] - Starting registry scan [2] 2017-04-12 18:41:32 : [scan.registry] - Found {9CC34070-3A38-4C7A-89CB-EF8177EF07A1} 2017-04-12 18:41:32 : [scan.registry] - Found {2FB831EA-DA68-4A66-8E31-A2D976A6296C} 2017-04-12 18:41:32 : [scan.registry] - Found {3DCCD550-7586-40D2-A51D-D2F98EC06B3C} 2017-04-12 18:41:32 : [scan.registry] - Found {6ADF19E3-77A3-4395-ADB4-9FD7D351EB3E} 2017-04-12 18:41:32 : [scan.registry] - Found {AAA0C5B8-933F-4200-93AD-B143D7FFF9F2} 2017-04-12 18:41:32 : [scan.registry] - Found {C9487131-EF4C-40D9-BA70-E85356CAF67E} 2017-04-12 18:41:33 : [scan.registry] - Found {86C4C3BA-4EA4-4CF8-98B9-6B07B477B835} 2017-04-12 18:41:34 : [scan.registry] - Found {51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F} 2017-04-12 18:41:37 : [scan.registry] - Stopping registry scan [2] 2017-04-12 18:41:37 : [scan.registry] - Starting registry scan [3] 2017-04-12 18:41:37 : [scan.registry] - Found KuaiZip 2017-04-12 18:41:37 : [scan.registry] - Found UpgSvr 2017-04-12 18:41:37 : [scan.registry] - Found xvb`lj 2017-04-12 18:41:37 : [scan.registry] - Found {12DA0E6F-5543-440C-BAA2-28BF01070AFA} 2017-04-12 18:41:38 : [scan.registry] - Found APN PIP 2017-04-12 18:41:38 : [scan.registry] - Found AskPartnerNetwork 2017-04-12 18:41:38 : [scan.registry] - Found HomeTab 2017-04-12 18:41:38 : [scan.registry] - Found Kromtech 2017-04-12 18:41:38 : [scan.registry] - Found Mozilla\Extends 2017-04-12 18:41:38 : [scan.registry] - Found PIP 2017-04-12 18:41:38 : [scan.registry] - Found PRODUCTSETUP 2017-04-12 18:41:38 : [scan.registry] - Found SearchProtectWS 2017-04-12 18:41:38 : [scan.registry] - Found simplytech 2017-04-12 18:41:38 : [scan.registry] - Found Simplytech\HomeTab 2017-04-12 18:41:38 : [scan.registry] - Found TNT2 2017-04-12 18:41:38 : [scan.registry] - Found csastats 2017-04-12 18:41:38 : [scan.registry] - Found SIMPLYTECH 2017-04-12 18:41:38 : [scan.registry] - Found KuaiZip 2017-04-12 18:41:38 : [scan.registry] - Found mtUtatity 2017-04-12 18:41:38 : [scan.registry] - Found WinSnare 2017-04-12 18:41:38 : [scan.registry] - Found Fishjane 2017-04-12 18:41:38 : [scan.registry] - Found deskapp 2017-04-12 18:41:38 : [scan.registry] - Found {12DA0E6F-5543-440C-BAA2-28BF01070AFA} 2017-04-12 18:41:38 : [scan.registry] - Found {4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9} 2017-04-12 18:41:38 : [scan.registry] - Found {D01A33E2-0A34-4659-82AA-8A90C51C0D21} 2017-04-12 18:41:38 : [scan.registry] - Found IMBoosterARP 2017-04-12 18:41:38 : [scan.registry] - Found IminentToolbar 2017-04-12 18:41:38 : [scan.registry] - Found SearchProtect 2017-04-12 18:41:38 : [scan.registry] - Found Vosteran.com 2017-04-12 18:41:38 : [scan.registry] - Found WajIntEnhance 2017-04-12 18:41:38 : [scan.registry] - Found SEARCHPROTECT 2017-04-12 18:41:39 : [scan.registry] - Found {12DA0E6F-5543-440C-BAA2-28BF01070AFA} 2017-04-12 18:41:40 : [scan.registry] - Found Installer 2017-04-12 18:41:40 : [scan.registry] - Found AutoTime 2017-04-12 18:41:40 : [scan.registry] - Found SNDA 2017-04-12 18:41:40 : [scan.registry] - Found mtUtatity 2017-04-12 18:41:40 : [scan.registry] - Found MICROSOFT\wewewe 2017-04-12 18:41:40 : [scan.registry] - Found WinSnare 2017-04-12 18:41:40 : [scan.registry] - Found dlr 2017-04-12 18:41:40 : [scan.registry] - Found PopWnd 2017-04-12 18:41:40 : [scan.registry] - Found UpgSvr 2017-04-12 18:41:40 : [scan.registry] - Found deskapp 2017-04-12 18:41:40 : [scan.registry] - Found {12DA0E6F-5543-440C-BAA2-28BF01070AFA} 2017-04-12 18:41:41 : [scan.registry] - Found AppTrailers 2017-04-12 18:41:41 : [scan.registry] - Found KuaiZip 2017-04-12 18:41:41 : [scan.registry] - Found UpgSvr 2017-04-12 18:41:41 : [scan.registry] - Found xvb`lj 2017-04-12 18:41:41 : [scan.registry] - Found {12DA0E6F-5543-440C-BAA2-28BF01070AFA} 2017-04-12 18:41:42 : [scan.registry] - Found Installer 2017-04-12 18:41:42 : [scan.registry] - Found AutoTime 2017-04-12 18:41:42 : [scan.registry] - Found SNDA 2017-04-12 18:41:42 : [scan.registry] - Found mtUtatity 2017-04-12 18:41:42 : [scan.registry] - Found MICROSOFT\wewewe 2017-04-12 18:41:42 : [scan.registry] - Found WinSnare 2017-04-12 18:41:42 : [scan.registry] - Found dlr 2017-04-12 18:41:42 : [scan.registry] - Found PopWnd 2017-04-12 18:41:42 : [scan.registry] - Found UpgSvr 2017-04-12 18:41:42 : [scan.registry] - Found deskapp 2017-04-12 18:41:42 : [scan.registry] - Found {12DA0E6F-5543-440C-BAA2-28BF01070AFA} 2017-04-12 18:41:42 : [scan.registry] - Found AppTrailers 2017-04-12 18:41:42 : [scan.registry] - Found {12A61307-94CD-4F8E-94BC-918E511FAA81} 2017-04-12 18:41:42 : [scan.registry] - Found {12DA0E6F-5543-440C-BAA2-28BF01070AFA} 2017-04-12 18:41:42 : [scan.registry] - Found {3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0} 2017-04-12 18:41:42 : [scan.registry] - Found {4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9} 2017-04-12 18:41:42 : [scan.registry] - Found AIM Toolbar 2017-04-12 18:41:42 : [scan.registry] - Found AskPartnerNetwork 2017-04-12 18:41:42 : [scan.registry] - Found Conduit 2017-04-12 18:41:42 : [scan.registry] - Found FFPluginHp 2017-04-12 18:41:42 : [scan.registry] - Found Iminent 2017-04-12 18:41:42 : [scan.registry] - Found istartsurfSoftware 2017-04-12 18:41:42 : [scan.registry] - Found SearchModule 2017-04-12 18:41:42 : [scan.registry] - Found SearchProtect 2017-04-12 18:41:42 : [scan.registry] - Found searchult 2017-04-12 18:41:42 : [scan.registry] - Found SpeedBit 2017-04-12 18:41:42 : [scan.registry] - Found SEARCHPROTECT 2017-04-12 18:41:42 : [scan.registry] - Found youndooSoftware 2017-04-12 18:41:42 : [scan.registry] - Found OtherSearch 2017-04-12 18:41:42 : [scan.registry] - Found amule-custom 2017-04-12 18:41:42 : [scan.registry] - Found mtUtatity 2017-04-12 18:41:42 : [scan.registry] - Found InterSect Alliance 2017-04-12 18:41:42 : [scan.registry] - Found startpageing123Software 2017-04-12 18:41:42 : [scan.registry] - Found Fishjane 2017-04-12 18:41:42 : [scan.registry] - Found xvb`lj 2017-04-12 18:41:42 : [scan.registry] - Found msServer 2017-04-12 18:41:42 : [scan.registry] - Found {84416237-6490-494D-9AD6-4994DD978971} 2017-04-12 18:41:42 : [scan.registry] - Found {D01A33E2-0A34-4659-82AA-8A90C51C0D21} 2017-04-12 18:41:42 : [scan.registry] - Found IMBoosterARP 2017-04-12 18:41:42 : [scan.registry] - Found IminentToolbar 2017-04-12 18:41:42 : [scan.registry] - Found Linkey 2017-04-12 18:41:42 : [scan.registry] - Found SearchProtect 2017-04-12 18:41:42 : [scan.registry] - Found Vosteran.com 2017-04-12 18:41:42 : [scan.registry] - Found WajIntEnhance 2017-04-12 18:41:42 : [scan.registry] - Found SEARCHPROTECT 2017-04-12 18:41:42 : [scan.registry] - Found {59B5A9CD-253D-4C41-A073-B387D4C9672D} 2017-04-12 18:41:42 : [scan.registry] - Found {13D7C2E9-08E7-4889-94FF-87E707184E53} 2017-04-12 18:41:43 : [scan.registry] - Stopping registry scan [3] 2017-04-12 18:41:43 : [scan] - Progress: 80% 2017-04-12 18:41:43 : [scan.registry] - Starting registry scan [4] 2017-04-12 18:41:43 : [scan.registry] - Stopping registry scan [4] 2017-04-12 18:41:43 : [scan.registry] - Starting registry scan [5] 2017-04-12 18:41:43 : [scan.registry] - Stopping registry scan [5] 2017-04-12 18:41:43 : [scan] - Progress: 82% 2017-04-12 18:41:43 : [scan.registry] - Starting registry scan [6] 2017-04-12 18:41:43 : [scan.registry] - Stopping registry scan [6] 2017-04-12 18:41:43 : [scan.registry] - Starting registry scan [7] 2017-04-12 18:41:43 : [scan.registry] - Stopping registry scan [7] 2017-04-12 18:41:43 : [scan.registry] - Starting registry scan [8] 2017-04-12 18:41:43 : [scan.registry] - Stopping registry scan [8] 2017-04-12 18:41:43 : [scan] - Progress: 84% 2017-04-12 18:41:43 : [scan.registry] - Starting registry scan [9] 2017-04-12 18:41:43 : [scan.registry] - Stopping registry scan [9] 2017-04-12 18:41:43 : [scan.registry] - Starting registry scan [10] 2017-04-12 18:41:43 : [scan.registry] - Stopping registry scan [10] 2017-04-12 18:41:43 : [scan.registry] - Starting registry scan [11] 2017-04-12 18:41:43 : [scan.registry] - Found C:\ProgramData\Utatity\TransLax.dll 2017-04-12 18:41:43 : [scan.registry] - Stopping registry scan [11] 2017-04-12 18:41:43 : [scan.registry] - Starting registry scan [12] 2017-04-12 18:41:43 : [scan.registry] - Stopping registry scan [12] 2017-04-12 18:41:43 : [scan.registry] - Starting registry scan [13] 2017-04-12 18:41:43 : [scan.registry] - Stopping registry scan [13] 2017-04-12 18:41:43 : [scan.registry] - Starting registry scan [14] 2017-04-12 18:41:43 : [scan.registry] - Stopping registry scan [14] 2017-04-12 18:41:43 : [scan.registry] - Starting registry scan [15] 2017-04-12 18:41:43 : [scan.registry] - Stopping registry scan [15] 2017-04-12 18:41:43 : [scan.registry] - Starting registry scan [16] 2017-04-12 18:41:43 : [scan.registry] - Stopping registry scan [16] 2017-04-12 18:41:43 : [scan.registry] - Starting registry scan [17] 2017-04-12 18:41:43 : [scan.registry] - Stopping registry scan [17] 2017-04-12 18:41:43 : [scan.registry] - Starting registry scan [18] 2017-04-12 18:41:44 : [scan.registry] - Found msiql 2017-04-12 18:41:44 : [scan.registry] - Found DiskPower 2017-04-12 18:41:44 : [scan.registry] - Found AppTrailers 2017-04-12 18:41:44 : [scan.registry] - Stopping registry scan [18] 2017-04-12 18:41:44 : [scan] - Progress: 86% 2017-04-12 18:41:44 : [scan.registry] - Starting registry scan [19] 2017-04-12 18:41:44 : [scan.registry] - Found HKLM\SOFTWARE\Microsoft\Internet Explorer\SEARCHSCOPES\IELNKSRCH 2017-04-12 18:41:44 : [scan.registry] - Found HKLM\SOFTWARE\Microsoft\RADAR\HeapLeakDetection\DiagnosedApplications\iSafeSvc2.exe 2017-04-12 18:41:44 : [scan.registry] - Found HKCU\Environment SNF 2017-04-12 18:41:44 : [scan.registry] - Found HKCU\Environment SNP 2017-04-12 18:41:44 : [scan.registry] - Found HKLM\SYSTEM\CurrentControlSet\Control\Class\{0C95ABFE-4FB6-49DB-B22F-0E1F5FC4BEEC} 2017-04-12 18:41:44 : [scan.registry] - Found HKLM\SYSTEM\CurrentControlSet\Control\Class\{EEEFACB3-729F-4484-B66D-E7A7917BBFC1} 2017-04-12 18:41:44 : [scan.registry] - Found HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\IELNKSRCH 2017-04-12 18:41:44 : [scan.registry] - Found HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved KuaiZip Shell Extension 2017-04-12 18:41:44 : [scan.registry] - Found HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost kuaizipupdatesvc 2017-04-12 18:41:44 : [scan.registry] - Found HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\KzShlobj 2017-04-12 18:41:44 : [scan.registry] - Found HKLM\SOFTWARE\CLASSES\APPID\56BF5154-0B48-4ADB-902A-6C8B12E270D9 2017-04-12 18:41:44 : [scan.registry] - Found HKLM\SOFTWARE\Classes\Drive\shellex\ContextMenuHandlers\KuaiZipShlExt 2017-04-12 18:41:44 : [scan.registry] - Found HKLM\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\KuaiZipShlExt 2017-04-12 18:41:44 : [scan.registry] - Found HKLM\SOFTWARE\Classes\AppID\QZipShell.DLL 2017-04-12 18:41:44 : [scan.registry] - Found HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost WinSAPSvc 2017-04-12 18:41:44 : [scan.registry] - Found HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\KuaiZipShlExt 2017-04-12 18:41:44 : [scan.registry] - Found HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SilentProcessExit\Utatity.exe 2017-04-12 18:41:44 : [scan.registry] - Found HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Utatity.exe 2017-04-12 18:41:44 : [scan.registry] - Found HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost WinSnare 2017-04-12 18:41:44 : [scan.registry] - Found HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost WinSnare 2017-04-12 18:41:44 : [scan.registry] - Found HKCU\SOFTWARE\Classes\ChromeHTML 2017-04-12 18:41:44 : [scan.registry] - Found HKCU\SOFTWARE\Clients\StartMenuInternet\ChromeHTML 2017-04-12 18:41:44 : [scan.registry] - Found HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost WINSNARE 2017-04-12 18:41:44 : [scan.registry] - Found HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost SNARER 2017-04-12 18:41:44 : [scan.registry] - Stopping registry scan [19] 2017-04-12 18:41:44 : [scan] - Progress: 88% 2017-04-12 18:41:44 : [scan.registry] - 150 malicious registry element found 2017-04-12 18:41:44 : [scan] - Progress: 90% 2017-04-12 18:41:44 : [main] - Firefox is installed: True 2017-04-12 18:41:44 : [scan.firefox] - Starting Firefox based browsers scan [1] 2017-04-12 18:41:47 : [scan.firefox] - Found HKLM\SOFTWARE\Mozilla\Firefox\Extensions [searchffv2@gmail.com] 2017-04-12 18:41:48 : [scan.firefox] - Found HKLM\SOFTWARE\Mozilla\Firefox\Extensions [sweetsearch@gmail.com] 2017-04-12 18:41:50 : [scan.firefox] - Found HKLM\SOFTWARE\Mozilla\Firefox\Extensions [searchffv2@gmail.com] 2017-04-12 18:41:50 : [scan.firefox] - Found HKLM\SOFTWARE\Mozilla\Firefox\Extensions [sweetsearch@gmail.com] 2017-04-12 18:41:53 : [scan.firefox] - Found HKLM\SOFTWARE\Mozilla\Firefox\Extensions [searchffv2@gmail.com] 2017-04-12 18:41:53 : [scan.firefox] - Found HKLM\SOFTWARE\Mozilla\Firefox\Extensions [sweetsearch@gmail.com] 2017-04-12 18:41:53 : [scan.firefox] - Stopping Firefox based browsers scan [1] 2017-04-12 18:41:53 : [scan.firefox] - Starting Firefox based browsers scan [2] 2017-04-12 18:41:54 : [scan.firefox] - Found C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\a4ycc3sr.default\searchplugins\startpageing123.xml 2017-04-12 18:41:54 : [scan.firefox] - Stopping Firefox based browsers scan [2] 2017-04-12 18:41:54 : [scan] - Progress: 92% 2017-04-12 18:41:54 : [scan.firefox] - Starting Firefox based browsers scan [3] 2017-04-12 18:41:54 : [scan.firefox] - Reading C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\a4ycc3sr.default\prefs.js 2017-04-12 18:41:55 : [scan.firefox] - Reading C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\a4ycc3sr.default\user.js 2017-04-12 18:41:55 : [scan.firefox] - Reading C:\Users\Vaishnavi\AppData\Roaming\Mozilla\Firefox\Profiles\al4wjjbd.default-1467199780811\prefs.js 2017-04-12 18:41:55 : [scan.firefox] - Reading C:\Users\Vaishnavi\AppData\Roaming\Mozilla\Firefox\Profiles\al4wjjbd.default-1467199780811\user.js 2017-04-12 18:41:55 : [scan.firefox] - Reading C:\Users\Vaishnavi\AppData\Roaming\Mozilla\Firefox\Profiles\oz7itdg9.default-1491669357601\prefs.js 2017-04-12 18:41:55 : [scan.firefox] - Reading C:\Users\Vaishnavi\AppData\Roaming\Mozilla\Firefox\Profiles\oz7itdg9.default-1491669357601\user.js 2017-04-12 18:41:55 : [scan.firefox] - Reading C:\Users\Varun\AppData\Roaming\Mozilla\Firefox\Profiles\rmbrwe3s.default\prefs.js 2017-04-12 18:41:55 : [scan.firefox] - Reading C:\Users\Varun\AppData\Roaming\Mozilla\Firefox\Profiles\rmbrwe3s.default\user.js 2017-04-12 18:41:55 : [scan.firefox] - No profile to scan, skipping 2017-04-12 18:41:55 : [scan.firefox] - No profile to scan, skipping 2017-04-12 18:41:55 : [scan.firefox] - No profile to scan, skipping 2017-04-12 18:41:55 : [scan] - Progress: 94% 2017-04-12 18:41:55 : [scan.firefox] - Stopping Firefox based browsers scan [3] 2017-04-12 18:41:55 : [scan.firefox] - 0 malicious Firefox preferences found 2017-04-12 18:41:55 : [scan] - Progress: 95% 2017-04-12 18:41:55 : [main] - Chrome is installed: True 2017-04-12 18:41:55 : [scan.chromium] - Starting Chromium based browsers scan [1] 2017-04-12 18:42:02 : [scan.chromium] - Found HKCU\Software\Google\Chrome\Extensions\jlcgehabolcakkjhgmgpkagpolbjlhfa 2017-04-12 18:42:03 : [scan.chromium] - Found C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej 2017-04-12 18:42:03 : [scan.chromium] - Found C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_pilplloabdedfmialnfchjomjmpjcoej_0.localstorage 2017-04-12 18:42:03 : [scan.chromium] - Found C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_pilplloabdedfmialnfchjomjmpjcoej_0.localstorage-journal 2017-04-12 18:42:03 : [scan.chromium] - Found C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\chrome-extension_pilplloabdedfmialnfchjomjmpjcoej_0.localstorage 2017-04-12 18:42:03 : [scan.chromium] - Found HKLM\SOFTWARE\Google\Chrome\Extensions\pilplloabdedfmialnfchjomjmpjcoej 2017-04-12 18:42:04 : [scan.chromium] - Stopping Chromium based browsers scan [1] 2017-04-12 18:42:04 : [scan] - Progress: 97% 2017-04-12 18:42:04 : [scan.chromium] - Starting Chromium based browsers scan [2] 2017-04-12 18:42:04 : [scan.chromium] - No profile to scan, skipping 2017-04-12 18:42:04 : [scan.chromium] - Opening C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Web Data 2017-04-12 18:42:04 : [scan.chromium] - Closing C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Web Data 2017-04-12 18:42:04 : [scan.chromium] - Opening C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences 2017-04-12 18:42:08 : [scan.chromium] - Found C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extensions] pilplloabdedfmialnfchjomjmpjcoej 2017-04-12 18:42:08 : [scan.chromium] - Opening C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Web Data 2017-04-12 18:42:08 : [scan.chromium] - Closing C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Web Data 2017-04-12 18:42:08 : [scan.chromium] - Opening C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Secure Preferences 2017-04-12 18:42:09 : [scan.chromium] - Opening C:\Users\Vaishnavi\AppData\Local\Google\Chrome\User Data\Profile 1\Web Data 2017-04-12 18:42:09 : [scan.chromium] - Closing C:\Users\Vaishnavi\AppData\Local\Google\Chrome\User Data\Profile 1\Web Data 2017-04-12 18:42:09 : [scan.chromium] - Opening C:\Users\Vaishnavi\AppData\Local\Google\Chrome\User Data\Profile 1\Secure Preferences 2017-04-12 18:42:10 : [scan.chromium] - Opening C:\Users\Vaishnavi\AppData\Local\Google\Chrome\User Data\Profile 2\Web Data 2017-04-12 18:42:10 : [scan.chromium] - Closing C:\Users\Vaishnavi\AppData\Local\Google\Chrome\User Data\Profile 2\Web Data 2017-04-12 18:42:10 : [scan.chromium] - Opening C:\Users\Vaishnavi\AppData\Local\Google\Chrome\User Data\Profile 2\Secure Preferences 2017-04-12 18:42:12 : [scan.chromium] - Opening C:\Users\Vaishnavi\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Web Data 2017-04-12 18:42:12 : [scan.chromium] - Closing C:\Users\Vaishnavi\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Web Data 2017-04-12 18:42:12 : [scan.chromium] - Opening C:\Users\Vaishnavi\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Secure Preferences 2017-04-12 18:42:22 : [scan.chromium] - Found C:\Users\Vaishnavi\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Secure Preferences] [Extensions] jlcgehabolcakkjhgmgpkagpolbjlhfa 2017-04-12 18:42:23 : [scan.chromium] - Found C:\Users\Vaishnavi\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Secure Preferences] [Extensions] pilplloabdedfmialnfchjomjmpjcoej 2017-04-12 18:42:23 : [scan.chromium] - Opening C:\Users\Varun\AppData\Local\Google\Chrome\User Data\Default\Web Data 2017-04-12 18:42:23 : [scan.chromium] - Closing C:\Users\Varun\AppData\Local\Google\Chrome\User Data\Default\Web Data 2017-04-12 18:42:23 : [scan.chromium] - Opening C:\Users\Varun\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences 2017-04-12 18:42:30 : [scan.chromium] - Found C:\Users\Varun\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extensions] cknghehebaconkajgiobncfleofebcog 2017-04-12 18:42:31 : [scan.chromium] - No profile to scan, skipping 2017-04-12 18:42:31 : [scan.chromium] - No profile to scan, skipping 2017-04-12 18:42:31 : [scan.chromium] - No profile to scan, skipping 2017-04-12 18:42:31 : [scan.chromium] - No profile to scan, skipping 2017-04-12 18:42:31 : [scan.chromium] - No profile to scan, skipping 2017-04-12 18:42:31 : [scan.chromium] - Stopping Chromium based browsers scan [2] 2017-04-12 18:42:31 : [scan] - Progress: 99% 2017-04-12 18:42:31 : [scan.chromium] - Starting Chromium based browsers scan [3] 2017-04-12 18:42:31 : [scan.chromium] - Stopping Chromium based browsers scan [3] 2017-04-12 18:42:31 : [scan.chromium] - 4 malicious Chromium preferences elements found 2017-04-12 18:42:31 : [scan] - Progress: 100% 2017-04-12 18:42:31 : [scan] - Stopping scan 2017-04-12 18:43:12 : [main.gui] - Showing Options window 2017-04-12 18:43:16 : [main] - Saving current options to the configuration file 2017-04-12 18:43:26 : [main.gui] - Clean requested 2017-04-12 18:43:29 : [main.gui] - Killing all processes 2017-04-12 18:43:29 : [main] - Killing [System Process](0) 2017-04-12 18:43:29 : [main] - Killing System(4) 2017-04-12 18:43:29 : [main] - smss.exe - (4) not killed - whitelisted 2017-04-12 18:43:29 : [main] - csrss.exe - (4) not killed - whitelisted 2017-04-12 18:43:29 : [main] - wininit.exe - (4) not killed - whitelisted 2017-04-12 18:43:29 : [main] - services.exe - (4) not killed - whitelisted 2017-04-12 18:43:29 : [main] - lsass.exe - (4) not killed - whitelisted 2017-04-12 18:43:29 : [main] - svchost.exe - (4) not killed - whitelisted 2017-04-12 18:43:29 : [main] - svchost.exe - (4) not killed - whitelisted 2017-04-12 18:43:29 : [main] - svchost.exe - (4) not killed - whitelisted 2017-04-12 18:43:29 : [main] - svchost.exe - (4) not killed - whitelisted 2017-04-12 18:43:29 : [main] - svchost.exe - (4) not killed - whitelisted 2017-04-12 18:43:29 : [main] - svchost.exe - (4) not killed - whitelisted 2017-04-12 18:43:29 : [main] - svchost.exe - (4) not killed - whitelisted 2017-04-12 18:43:29 : [main] - dasHost.exe - (4) not killed - whitelisted 2017-04-12 18:43:29 : [main] - svchost.exe - (4) not killed - whitelisted 2017-04-12 18:43:29 : [main] - svchost.exe - (4) not killed - whitelisted 2017-04-12 18:43:29 : [main] - svchost.exe - (4) not killed - whitelisted 2017-04-12 18:43:29 : [main] - svchost.exe - (4) not killed - whitelisted 2017-04-12 18:43:29 : [main] - Killing afwServ.exe(2320) 2017-04-12 18:43:29 : [main] - svchost.exe - (2320) not killed - whitelisted 2017-04-12 18:43:29 : [main] - svchost.exe - (2320) not killed - whitelisted 2017-04-12 18:43:29 : [main] - TeamViewer_Service.exe - (2320) not killed - whitelisted 2017-04-12 18:43:29 : [main] - svchost.exe - (2320) not killed - whitelisted 2017-04-12 18:43:29 : [main] - Killing Memory Compression(2844) 2017-04-12 18:43:29 : [main] - DMAgent.exe - (2844) not killed - whitelisted 2017-04-12 18:43:29 : [main] - WmiPrvSE.exe - (2844) not killed - whitelisted 2017-04-12 18:43:29 : [main] - svchost.exe - (2844) not killed - whitelisted 2017-04-12 18:43:29 : [main] - svchost.exe - (2844) not killed - whitelisted 2017-04-12 18:43:29 : [main] - svchost.exe - (2844) not killed - whitelisted 2017-04-12 18:43:29 : [main] - Killing AvastSvc.exe(9788) 2017-04-12 18:43:29 : [main] - csrss.exe - (9788) not killed - whitelisted 2017-04-12 18:43:29 : [main] - winlogon.exe - (9788) not killed - whitelisted 2017-04-12 18:43:29 : [main] - dwm.exe - (9788) not killed - whitelisted 2017-04-12 18:43:29 : [main] - sihost.exe - (9788) not killed - whitelisted 2017-04-12 18:43:29 : [main] - svchost.exe - (9788) not killed - whitelisted 2017-04-12 18:43:29 : [main] - explorer.exe - (9788) not killed - whitelisted 2017-04-12 18:43:29 : [main] - SearchUI.exe - (9788) not killed - whitelisted 2017-04-12 18:43:29 : [main] - Killing AvastUI.exe(6160) 2017-04-12 18:43:29 : [main] - hkcmd.exe - (6160) not killed - whitelisted 2017-04-12 18:43:29 : [main] - fontdrvhost.exe - (6160) not killed - whitelisted 2017-04-12 18:43:29 : [main] - InstallAgent.exe - (6160) not killed - whitelisted 2017-04-12 18:43:29 : [main] - Killing taskhostw.exe(5224) 2017-04-12 18:43:29 : [main] - Killing RuntimeBroker.exe(7884) 2017-04-12 18:43:29 : [main] - Killing SkypeHost.exe(8884) 2017-04-12 18:43:29 : [main] - Killing ShellExperienceHost.exe(7520) 2017-04-12 18:43:29 : [main] - Killing SearchIndexer.exe(2476) 2017-04-12 18:43:29 : [main] - Killing AppSrv.exe(7552) 2017-04-12 18:43:29 : [main] - Killing btwdins.exe(4996) 2017-04-12 18:43:29 : [main] - Killing SearchProtocolHost.exe(0) 2017-04-12 18:43:29 : [main] - smartscreen.exe - (0) not killed - whitelisted 2017-04-12 18:43:29 : [main] - Killing dllhost.exe(6264) 2017-04-12 18:43:30 : [main] - Killing firefox.exe(5692) 2017-04-12 18:43:30 : [main] - Killing dllhost.exe(5704) 2017-04-12 18:43:30 : [main] - Killing RemindersServer.exe(8976) 2017-04-12 18:43:30 : [main] - svchost.exe - (8976) not killed - whitelisted 2017-04-12 18:43:30 : [main] - Killing audiodg.exe(3388) 2017-04-12 18:43:30 : [main] - adwcleaner_6.045.exe - (3388) not killed - whitelisted 2017-04-12 18:43:30 : [main] - Killing SearchFilterHost.exe(0) 2017-04-12 18:43:30 : [quarantine] - Quarantine database successfully opened 2017-04-12 18:43:30 : [clean] - Progress: 0% 2017-04-12 18:43:30 : [clean.services] - Starting services clean 2017-04-12 18:43:30 : [clean.services] - Nothing to clean. 2017-04-12 18:43:30 : [clean.services] - Stopping services clean 2017-04-12 18:43:30 : [clean] - Progress: 10% 2017-04-12 18:43:30 : [clean.folders] - Starting folders clean 2017-04-12 18:44:29 : [quarantine] - Added file to quarantine database [C:\Users\Vaishnavi\AppData\Roaming\Firefox] 2017-04-12 18:44:38 : [quarantine] - Folder added to quarantined and remove [C:\Users\Vaishnavi\AppData\Roaming\Firefox]