# AdwCleaner v6.045 - Logfile created 11/04/2017 at 18:38:29
# Updated on 28/03/2017 by Malwarebytes
# Database : 2017-04-10.2 [Local]
# Operating System : Windows 10 Home (X86)
# Username : Vaishnavi - LENOVO
# Running from : C:\Users\Vaishnavi\Downloads\adwcleaner_6.045(1).exe
# Mode: Scan
# Support : https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

Folder Found: C:\Users\Vaishnavi\AppData\Roaming\Firefox
Folder Found: C:\Users\Vaishnavi\AppData\Local\Firefox
Folder Found: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej

***** [ Files ] *****

File Found: C:\Users\Vaishnavi\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet-Explorer Browser.lnk
File Found: C:\Users\Vaishnavi\AppData\Roaming\Microsoft\Windows\Start Menu\¿ìѹ.lnk
File Found: C:\WINDOWS\system32\findit.xml
File Found: C:\WINDOWS\system32\drivers\iSafeKrnlBoot.sys
File Found: C:\WINDOWS\system32\drivers\KuaiZipDrive.sys
File Found: C:\WINDOWS\rsrcs.dll
File Found: C:\Program Files\settings.dat
File Found: C:\Users\Public\Documents\temp.dat
File Found: C:\Users\Public\Documents\report.dat
File Found: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\a4ycc3sr.default\searchplugins\startpageing123.xml
File Found: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_pilplloabdedfmialnfchjomjmpjcoej_0.localstorage
File Found: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_pilplloabdedfmialnfchjomjmpjcoej_0.localstorage-journal
File Found: C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\chrome-extension_pilplloabdedfmialnfchjomjmpjcoej_0.localstorage

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

Key Found: : \root\subscription\\ActiveScriptEventConsumer [ASEC]

***** [ Shortcuts ] *****

No infected shortcut found.
***** [ Scheduled Tasks ] *****

Task Found: Tafewardkinerpy
Task Found: Milimili
Task Found: iorrt
Task Found: Windows-PG

***** [ Registry ] *****

Key Found: HKLM\SOFTWARE\5b952a37-ebad-c0b3-e5d4-92d30f6ce1bc
Key Found: HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\WindowsMangerProtect
Key Found: HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\GoogleChromeUpService
Key Found: HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\services\FirefoxU
Key Found: HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\WinSnare
Key Found: HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\windowsmangerprotect
Key Found: HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\googlechromeupservice
Key Found: HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\SNARER
Key Found: HKLM\SOFTWARE\Classes\Fishjanesc
Key Found: HKLM\SOFTWARE\Classes\QZipShell.ContextMenuExt
Key Found: HKLM\SOFTWARE\Classes\QZipShell.ContextMenuExt.1
Key Found: HKLM\SOFTWARE\Classes\QZipShell.DragDropMenu
Key Found: HKLM\SOFTWARE\Classes\QZipShell.DragDropMenu.1
Key Found: HKLM\SOFTWARE\Classes\QZipShell.KYDropHandler
Key Found: HKLM\SOFTWARE\Classes\QZipShell.KYDropHandler.1
Key Found: HKLM\SOFTWARE\Classes\QZipShell.KzShlobj
Key Found: HKLM\SOFTWARE\Classes\QZipShell.KzShlobj.1
Key Found: HKLM\SOFTWARE\Classes\QZipShell.PropertyExt
Key Found: HKLM\SOFTWARE\Classes\QZipShell.PropertyExt.1
Key Found: HKLM\SOFTWARE\Classes\AppID\{9CC34070-3A38-4C7A-89CB-EF8177EF07A1}
Key Found: HKLM\SOFTWARE\Classes\CLSID\{2FB831EA-DA68-4A66-8E31-A2D976A6296C}
Key Found: HKLM\SOFTWARE\Classes\CLSID\{3DCCD550-7586-40D2-A51D-D2F98EC06B3C}
Key Found: HKLM\SOFTWARE\Classes\CLSID\{6ADF19E3-77A3-4395-ADB4-9FD7D351EB3E}
Key Found: HKLM\SOFTWARE\Classes\CLSID\{AAA0C5B8-933F-4200-93AD-B143D7FFF9F2}
Key Found: HKLM\SOFTWARE\Classes\CLSID\{C9487131-EF4C-40D9-BA70-E85356CAF67E}
Key Found: HKLM\SOFTWARE\Classes\TypeLib\{86C4C3BA-4EA4-4CF8-98B9-6B07B477B835}
Value Found: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F}]
Key Found: HKU\.DEFAULT\Software\KuaiZip
Key Found: HKU\.DEFAULT\Software\UpgSvr
Key Found: HKU\.DEFAULT\Software\xvb`lj
Key Found: HKU\.DEFAULT\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
Key Found: HKU\AvGeneric_S-1-5-21-1790925875-1115741758-2148593521-1000\Software\APN PIP
Key Found: HKU\AvGeneric_S-1-5-21-1790925875-1115741758-2148593521-1000\Software\AskPartnerNetwork
Key Found: HKU\AvGeneric_S-1-5-21-1790925875-1115741758-2148593521-1000\Software\HomeTab
Key Found: HKU\AvGeneric_S-1-5-21-1790925875-1115741758-2148593521-1000\Software\Kromtech
Key Found: HKU\AvGeneric_S-1-5-21-1790925875-1115741758-2148593521-1000\Software\Mozilla\Extends
Key Found: HKU\AvGeneric_S-1-5-21-1790925875-1115741758-2148593521-1000\Software\PIP
Key Found: HKU\AvGeneric_S-1-5-21-1790925875-1115741758-2148593521-1000\Software\PRODUCTSETUP
Key Found: HKU\AvGeneric_S-1-5-21-1790925875-1115741758-2148593521-1000\Software\SearchProtectWS
Key Found: HKU\AvGeneric_S-1-5-21-1790925875-1115741758-2148593521-1000\Software\simplytech
Key Found: HKU\AvGeneric_S-1-5-21-1790925875-1115741758-2148593521-1000\Software\Simplytech\HomeTab
Key Found: HKU\AvGeneric_S-1-5-21-1790925875-1115741758-2148593521-1000\Software\TNT2
Key Found: HKU\AvGeneric_S-1-5-21-1790925875-1115741758-2148593521-1000\Software\csastats
Key Found: HKU\AvGeneric_S-1-5-21-1790925875-1115741758-2148593521-1000\Software\SIMPLYTECH
Key Found: HKU\AvGeneric_S-1-5-21-1790925875-1115741758-2148593521-1000\Software\KuaiZip
Key Found: HKU\AvGeneric_S-1-5-21-1790925875-1115741758-2148593521-1000\Software\mtUtatity
Key Found: HKU\AvGeneric_S-1-5-21-1790925875-1115741758-2148593521-1000\Software\WinSnare
Key Found: HKU\AvGeneric_S-1-5-21-1790925875-1115741758-2148593521-1000\Software\Fishjane
Key Found: HKU\AvGeneric_S-1-5-21-1790925875-1115741758-2148593521-1000\Software\deskapp
Key Found: HKU\AvGeneric_S-1-5-21-1790925875-1115741758-2148593521-1000\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
Key Found: HKU\AvGeneric_S-1-5-21-1790925875-1115741758-2148593521-1000\Software\AppDataLow\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
Key Found: HKU\AvGeneric_S-1-5-21-1790925875-1115741758-2148593521-1000\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D01A33E2-0A34-4659-82AA-8A90C51C0D21}
Key Found: HKU\AvGeneric_S-1-5-21-1790925875-1115741758-2148593521-1000\Software\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP
Key Found: HKU\AvGeneric_S-1-5-21-1790925875-1115741758-2148593521-1000\Software\Microsoft\Windows\CurrentVersion\Uninstall\IminentToolbar
Key Found: HKU\AvGeneric_S-1-5-21-1790925875-1115741758-2148593521-1000\Software\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Key Found: HKU\AvGeneric_S-1-5-21-1790925875-1115741758-2148593521-1000\Software\Microsoft\Windows\CurrentVersion\Uninstall\Vosteran.com
Key Found: HKU\AvGeneric_S-1-5-21-1790925875-1115741758-2148593521-1000\Software\Microsoft\Windows\CurrentVersion\Uninstall\WajIntEnhance
Key Found: HKU\AvGeneric_S-1-5-21-1790925875-1115741758-2148593521-1000\Software\Microsoft\Windows\CurrentVersion\Uninstall\SEARCHPROTECT
Key Found: HKU\AvGeneric_S-1-5-21-1790925875-1115741758-2148593521-1002\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
Key Found: HKU\S-1-5-21-1790925875-1115741758-2148593521-1001\Software\Installer
Key Found: HKU\S-1-5-21-1790925875-1115741758-2148593521-1001\Software\AutoTime
Key Found: HKU\S-1-5-21-1790925875-1115741758-2148593521-1001\Software\SNDA
Key Found: HKU\S-1-5-21-1790925875-1115741758-2148593521-1001\Software\mtUtatity
Key Found: HKU\S-1-5-21-1790925875-1115741758-2148593521-1001\Software\MICROSOFT\wewewe
Key Found: HKU\S-1-5-21-1790925875-1115741758-2148593521-1001\Software\WinSnare
Key Found: HKU\S-1-5-21-1790925875-1115741758-2148593521-1001\Software\dlr
Key Found: HKU\S-1-5-21-1790925875-1115741758-2148593521-1001\Software\PopWnd
Key Found: HKU\S-1-5-21-1790925875-1115741758-2148593521-1001\Software\UpgSvr
Key Found: HKU\S-1-5-21-1790925875-1115741758-2148593521-1001\Software\deskapp
Key Found: HKU\S-1-5-21-1790925875-1115741758-2148593521-1001\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
Key Found: HKU\S-1-5-21-1790925875-1115741758-2148593521-1001\Software\AppDataLow\Software\AppTrailers
Key Found: HKU\S-1-5-18\Software\KuaiZip
Key Found: HKU\S-1-5-18\Software\UpgSvr
Key Found: HKU\S-1-5-18\Software\xvb`lj
Key Found: HKU\S-1-5-18\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
Key Found: HKCU\Software\Installer
Key Found: HKCU\Software\AutoTime
Key Found: HKCU\Software\SNDA
Key Found: HKCU\Software\mtUtatity
Key Found: HKCU\Software\MICROSOFT\wewewe
Key Found: HKCU\Software\WinSnare
Key Found: HKCU\Software\dlr
Key Found: HKCU\Software\PopWnd
Key Found: HKCU\Software\UpgSvr
Key Found: HKCU\Software\deskapp
Key Found: HKCU\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
Key Found: HKCU\Software\AppDataLow\Software\AppTrailers
Key Found: HKLM\SOFTWARE\{12A61307-94CD-4F8E-94BC-918E511FAA81}
Key Found: HKLM\SOFTWARE\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
Key Found: HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Found: HKLM\SOFTWARE\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
Key Found: HKLM\SOFTWARE\AIM Toolbar
Key Found: HKLM\SOFTWARE\AskPartnerNetwork
Key Found: HKLM\SOFTWARE\Conduit
Key Found: HKLM\SOFTWARE\FFPluginHp
Key Found: HKLM\SOFTWARE\Iminent
Key Found: HKLM\SOFTWARE\istartsurfSoftware
Key Found: HKLM\SOFTWARE\SearchModule
Key Found: HKLM\SOFTWARE\SearchProtect
Key Found: HKLM\SOFTWARE\searchult
Key Found: HKLM\SOFTWARE\SpeedBit
Key Found: HKLM\SOFTWARE\SEARCHPROTECT
Key Found: HKLM\SOFTWARE\youndooSoftware
Key Found: HKLM\SOFTWARE\OtherSearch
Key Found: HKLM\SOFTWARE\amule-custom
Key Found: HKLM\SOFTWARE\mtUtatity
Key Found: HKLM\SOFTWARE\InterSect Alliance
Key Found: HKLM\SOFTWARE\startpageing123Software
Key Found: HKLM\SOFTWARE\Fishjane
Key Found: HKLM\SOFTWARE\xvb`lj
Key Found: HKLM\SOFTWARE\msServer
Key Found: HKLM\SOFTWARE\{84416237-6490-494D-9AD6-4994DD978971}
Key Found: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{D01A33E2-0A34-4659-82AA-8A90C51C0D21}
Key Found: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP
Key Found: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IminentToolbar
Key Found: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Linkey
Key Found: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Key Found: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Vosteran.com
Key Found: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WajIntEnhance
Key Found: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SEARCHPROTECT
Key Found: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{59B5A9CD-253D-4C41-A073-B387D4C9672D}
Key Found: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{13D7C2E9-08E7-4889-94FF-87E707184E53}
Data Found: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\ProgramData\Utatity\TransLax.dll
Value Found: HKU\S-1-5-21-1790925875-1115741758-2148593521-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [msiql]
Value Found: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [DiskPower]
Value Found: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [AppTrailers]
Key Found: HKLM\SOFTWARE\Microsoft\Internet Explorer\SEARCHSCOPES\IELNKSRCH
Key Found: HKLM\SOFTWARE\Microsoft\RADAR\HeapLeakDetection\DiagnosedApplications\iSafeSvc2.exe
Value Found: HKCU\Environment [SNF]
Value Found: HKCU\Environment [SNP]
Key Found: HKLM\SYSTEM\CurrentControlSet\Control\Class\{0C95ABFE-4FB6-49DB-B22F-0E1F5FC4BEEC}
Key Found: HKLM\SYSTEM\CurrentControlSet\Control\Class\{EEEFACB3-729F-4484-B66D-E7A7917BBFC1}
Key Found: HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\IELNKSRCH
Value Found: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved [KuaiZip Shell Extension]
Value Found: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost [kuaizipupdatesvc]
Key Found: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\KzShlobj
Key Found: HKLM\SOFTWARE\CLASSES\APPID\56BF5154-0B48-4ADB-902A-6C8B12E270D9
Key Found: HKLM\SOFTWARE\Classes\Drive\shellex\ContextMenuHandlers\KuaiZipShlExt
Key Found: HKLM\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\KuaiZipShlExt
Key Found: HKLM\SOFTWARE\Classes\AppID\QZipShell.DLL
Value Found: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost [WinSAPSvc]
Key Found: HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\KuaiZipShlExt
Key Found: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SilentProcessExit\Utatity.exe
Key Found: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Utatity.exe
Value Found: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost [WinSnare]
Value Found: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost [WinSnare]
Key Found: HKCU\SOFTWARE\Classes\ChromeHTML
Key Found: HKCU\SOFTWARE\Clients\StartMenuInternet\ChromeHTML
Value Found: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost [WINSNARE]
Value Found: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost [SNARER]
Value Found: HKLM\SOFTWARE\Mozilla\Firefox\Extensions [searchffv2@gmail.com]
Value Found: HKLM\SOFTWARE\Mozilla\Firefox\Extensions [sweetsearch@gmail.com]
Value Found: HKLM\SOFTWARE\Mozilla\Firefox\Extensions [searchffv2@gmail.com]
Value Found: HKLM\SOFTWARE\Mozilla\Firefox\Extensions [sweetsearch@gmail.com]
Value Found: HKLM\SOFTWARE\Mozilla\Firefox\Extensions [searchffv2@gmail.com]
Value Found: HKLM\SOFTWARE\Mozilla\Firefox\Extensions [sweetsearch@gmail.com]
Key Found: HKCU\Software\Google\Chrome\Extensions\jlcgehabolcakkjhgmgpkagpolbjlhfa
Key Found: HKLM\SOFTWARE\Google\Chrome\Extensions\pilplloabdedfmialnfchjomjmpjcoej

***** [ Web browsers ] *****

No malicious Firefox based browser items found.
Chrome pref Found: [C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences ] - pilplloabdedfmialnfchjomjmpjcoej
Chrome pref Found: [C:\Users\Vaishnavi\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Secure Preferences ] - jlcgehabolcakkjhgmgpkagpolbjlhfa
Chrome pref Found: [C:\Users\Vaishnavi\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Secure Preferences ] - pilplloabdedfmialnfchjomjmpjcoej
Chrome pref Found: [C:\Users\Varun\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences ] - cknghehebaconkajgiobncfleofebcog

*************************

C:\AdwCleaner\AdwCleaner[S0].txt - [14391 Bytes] - [31/03/2017 20:36:27]
C:\AdwCleaner\AdwCleaner[S1].txt - [14404 Bytes] - [31/03/2017 20:41:55]
C:\AdwCleaner\AdwCleaner[S2].txt - [15919 Bytes] - [11/04/2017 18:09:24]
C:\AdwCleaner\AdwCleaner[S3].txt - [15310 Bytes] - [11/04/2017 18:38:29]

########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt - [15384 Bytes] ##########