# AdwCleaner v6.030 - Logfile created 26/10/2016 at 12:18:32
# Updated on 19/10/2016 by Malwarebytes
# Database : 2016-10-25.1 [Server]
# Operating System : Windows 7 Professional Service Pack 1 (X64)
# Username : Marek - ICORE7
# Running from : C:\Users\Marek\AppData\Local\Temp\scoped_dir3628_26291\adwcleaner_6.030.exe
# Mode: Clean
# Support : hxxps://www.malwarebytes.com/support



***** [ Services ] *****

[-] Service deleted: ohnuze


***** [ Folders ] *****

[-] Folder deleted: C:\Users\Marek\AppData\Local\eeaUDOiyy
[-] Folder deleted: C:\Users\Marek\AppData\Roaming\HPRewriter2
[-] Folder deleted: C:\ProgramData\ohnuze
[-] Folder deleted: C:\ProgramData\eeaUDOiyy
[-] Folder deleted: C:\ProgramData\FileFinder
[#] Folder deleted on reboot: C:\ProgramData\Application Data\ohnuze
[#] Folder deleted on reboot: C:\ProgramData\Application Data\eeaUDOiyy
[#] Folder deleted on reboot: C:\ProgramData\Application Data\FileFinder
[-] Folder deleted: C:\Users\Public\Documents\eeaUDOiyy
[-] Folder deleted: C:\Program Files (x86)\eeaUDOiyy
[-] Folder deleted: C:\Users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F
[-] Folder deleted: C:\Users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1
[-] Folder deleted: C:\Users\Marek\AppData\Roaming\GameLauncher
[-] Folder deleted: C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Default\Extensions\hegneaniplmfjcmohoclabblbahcbjoe


***** [ Files ] *****

[-] File deleted: C:\Windows\Reimage.ini
[-] File deleted: C:\Windows\SysWOW64\findit.xml
[-] File deleted: C:\Users\Marek\AppData\Local\Temp\ReimageRepair.exe
[-] File deleted: C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_hegneaniplmfjcmohoclabblbahcbjoe_0.localstorage
[-] File deleted: C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_hegneaniplmfjcmohoclabblbahcbjoe_0.localstorage-journal


***** [ DLL ] *****



***** [ WMI ] *****



***** [ Shortcuts ] *****



***** [ Scheduled Tasks ] *****



***** [ Registry ] *****

[-] Key deleted: HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\PicexaService
[#] Key deleted on reboot: [x64] HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\PicexaService
[-] Key deleted: HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\Application Hosting
[#] Key deleted on reboot: [x64] HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\Application Hosting
[-] Key deleted: HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\qkseeService
[#] Key deleted on reboot: [x64] HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\qkseeService
[-] Key deleted: HKLM\SOFTWARE\Classes\OCComSDK.ComSDK
[-] Key deleted: HKLM\SOFTWARE\Classes\OCComSDK.ComSDK.1
[-] Key deleted: HKLM\SOFTWARE\Classes\REI_AxControl.ReiEngine
[-] Key deleted: HKLM\SOFTWARE\Classes\REI_AxControl.ReiEngine.1
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\OCComSDK.ComSDK
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\OCComSDK.ComSDK.1
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\REI_AxControl.ReiEngine
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\REI_AxControl.ReiEngine.1
[-] Key deleted: HKLM\SOFTWARE\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{C379EAD1-CB34-4B09-AF6B-7E587F8BCD80}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{B9D64D3B-BE75-4FA2-B94A-C4AE772A0146}
[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{FA7B2795-C0C8-4A58-8672-3F8D80CC0270}
[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{47A1DF02-BCE4-40C3-AE47-E3EA09A65E4A}
[-] Key deleted: HKLM\SOFTWARE\Classes\TypeLib\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}
[-] Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D64016F6-4D8E-4B35-AB22-9B2060800112}
[-] Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10ECCE17-29B5-4880-A8F5-EAD298611484}
[-] Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D64016F6-4D8E-4B35-AB22-9B2060800112}
[-] Key deleted: HKU\S-1-5-21-244903110-2082757558-103457356-1000\Software\dobreprogramy
[-] Key deleted: HKU\S-1-5-21-244903110-2082757558-103457356-1000\Software\Reimage
[-] Key deleted: HKU\S-1-5-21-244903110-2082757558-103457356-1000\Software\Local AppWizard-Generated Applications\Reimage - Windows Problem Relief.
[-] Key deleted: HKU\S-1-5-21-244903110-2082757558-103457356-1000\Software\1Q1F1S1C1P1E1C1F1N1C1T1H2UtF1E1I
[-] Key deleted: HKU\S-1-5-21-244903110-2082757558-103457356-1000\Software\TrustedStart
[-] Key deleted: HKU\S-1-5-21-244903110-2082757558-103457356-1000\Software\mtdlohn
[-] Key deleted: HKU\S-1-5-21-244903110-2082757558-103457356-1000\Software\SavePass 1.1-nv-ie
[#] Key deleted on reboot: HKCU\Software\dobreprogramy
[#] Key deleted on reboot: HKCU\Software\Reimage
[#] Key deleted on reboot: HKCU\Software\Local AppWizard-Generated Applications\Reimage - Windows Problem Relief.
[#] Key deleted on reboot: HKCU\Software\1Q1F1S1C1P1E1C1F1N1C1T1H2UtF1E1I
[#] Key deleted on reboot: HKCU\Software\TrustedStart
[#] Key deleted on reboot: HKCU\Software\mtdlohn
[#] Key deleted on reboot: HKCU\Software\SavePass 1.1-nv-ie
[-] Key deleted: HKLM\SOFTWARE\mtApService
[-] Key deleted: HKLM\SOFTWARE\mtdlohn
[-] Key deleted: HKLM\SOFTWARE\HPRewriter
[-] Key deleted: HKLM\SOFTWARE\WinZiper
[-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\HPRewriter2
[-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\HPRewriter
[#] Key deleted on reboot: [x64] HKCU\Software\dobreprogramy
[#] Key deleted on reboot: [x64] HKCU\Software\Reimage
[#] Key deleted on reboot: [x64] HKCU\Software\Local AppWizard-Generated Applications\Reimage - Windows Problem Relief.
[#] Key deleted on reboot: [x64] HKCU\Software\1Q1F1S1C1P1E1C1F1N1C1T1H2UtF1E1I
[#] Key deleted on reboot: [x64] HKCU\Software\TrustedStart
[#] Key deleted on reboot: [x64] HKCU\Software\mtdlohn
[#] Key deleted on reboot: [x64] HKCU\Software\SavePass 1.1-nv-ie
[-] Key deleted: [x64] HKLM\SOFTWARE\Reimage
[-] Data restored: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] 
[-] Data restored: [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] 
[-] Key deleted: HKLM\SOFTWARE\Classes\AppID\REI_AxControl.DLL
[-] Key deleted: HKLM\SOFTWARE\Microsoft\Internet Explorer\SEARCHSCOPES\IELNKSRCH
[-] Key deleted: HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{ielnksrch}
[-] Value deleted: HKCU\Environment [SNF]
[-] Value deleted: HKCU\Environment [SNP]
[#] Key deleted on reboot: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\Application Hosting
[#] Key deleted on reboot: HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\IELNKSRCH
[-] Key deleted: HKEY_CLASSES_ROOT\.qmgc
[-] Key deleted: HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\DLOHN.EXE
[-] Key deleted: HKLM\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\WinZipper
[-] Key deleted: HKCU\Software\Google\Chrome\Extensions\hegneaniplmfjcmohoclabblbahcbjoe
[-] Key deleted: HKLM\SOFTWARE\Google\Chrome\Extensions\hegneaniplmfjcmohoclabblbahcbjoe
[#] Key deleted on reboot: [x64] HKCU\Software\Google\Chrome\Extensions\hegneaniplmfjcmohoclabblbahcbjoe


***** [ Web browsers ] *****

[-] [C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Default] [extension] Deleted: hegneaniplmfjcmohoclabblbahcbjoe


*************************

:: "Tracing" keys deleted
:: Winsock settings cleared

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [27435 Bytes] - [13/01/2016 15:39:23]
C:\AdwCleaner\AdwCleaner[C2].txt - [11148 Bytes] - [13/01/2016 17:57:52]
C:\AdwCleaner\AdwCleaner[C3].txt - [8030 Bytes] - [14/01/2016 14:26:56]
C:\AdwCleaner\AdwCleaner[C4].txt - [3344 Bytes] - [15/01/2016 17:22:00]
C:\AdwCleaner\AdwCleaner[C5].txt - [3774 Bytes] - [16/01/2016 11:22:47]
C:\AdwCleaner\AdwCleaner[C6].txt - [640 Bytes] - [22/01/2016 15:39:01]
C:\AdwCleaner\AdwCleaner[C7].txt - [8284 Bytes] - [26/10/2016 12:18:32]
C:\AdwCleaner\AdwCleaner[S1].txt - [30469 Bytes] - [13/01/2016 15:38:30]
C:\AdwCleaner\AdwCleaner[S2].txt - [14814 Bytes] - [13/01/2016 17:57:01]
C:\AdwCleaner\AdwCleaner[S3].txt - [16635 Bytes] - [14/01/2016 14:26:00]
C:\AdwCleaner\AdwCleaner[S4].txt - [11902 Bytes] - [15/01/2016 17:19:10]
C:\AdwCleaner\AdwCleaner[S5].txt - [7245 Bytes] - [16/01/2016 11:19:33]
C:\AdwCleaner\AdwCleaner[S6].txt - [812 Bytes] - [16/01/2016 11:35:14]
C:\AdwCleaner\AdwCleaner[S7].txt - [1703 Bytes] - [22/01/2016 15:38:11]
C:\AdwCleaner\AdwCleaner[S8].txt - [8484 Bytes] - [26/10/2016 12:14:28]

########## EOF - C:\AdwCleaner\AdwCleaner[C7].txt - [8944 Bytes] ##########