# -------------------------------
# Malwarebytes AdwCleaner 8.0.9.0
# -------------------------------
# Build: 01-11-2021
# Database: 2021-01-11.1 (Local)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 01-11-2021
# Duration: 00:00:02
# OS: Windows 10 Home
# Cleaned: 76
# Failed: 0


***** [ Services ] *****

Deleted pgt_svc

***** [ Folders ] *****

Deleted C:\Program Files (x86)\ProxyGate
Deleted C:\ProgramData\114A21A7
Deleted C:\ProgramData\AppmallosayoV
Deleted C:\ProgramData\AppmallosayoVs
Deleted C:\ProgramData\CloudPrinter
Deleted C:\ProgramData\Logic Cramble
Deleted C:\ProgramData\Voyasollam
Deleted C:\ProgramData\Voyasollams
Deleted C:\Users\PC-Mathieu\AppData\Roaming\Nosibay

***** [ Files ] *****

Deleted C:\Users\PC-Mathieu\AppData\Local\Main.dat
Deleted C:\Users\PC-Mathieu\AppData\Roaming\Bubble Dock.boostrap.log
Deleted C:\Users\PC-Mathieu\AppData\Roaming\Bubble Dock.installation.log
Deleted C:\Users\PC-Mathieu\AppData\Roaming\Selection Tools.installation.log
Deleted C:\Users\PC-Mathieu\AppData\Roaming\WindApp.boostrap.log
Deleted C:\Users\PC-Mathieu\AppData\Roaming\WindApp.installation.log
Deleted C:\Users\PC-Mathieu\appdata\local\installationconfiguration.xml
Deleted C:\Windows\SysWOW64\findit.xml

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
Deleted C:\Users\PC-Mathieu\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
Deleted C:\Users\PC-Mathieu\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk

***** [ Tasks ] *****

Deleted C:\Windows\System32\Tasks\SELECTION TOOLS UPDATE
Deleted C:\Windows\System32\Tasks\WINDAPP UPDATE

***** [ Registry ] *****

Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\chatango.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\st.chatango.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\chatango.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\st.chatango.com
Deleted HKCU\Software\GCleaner
Deleted HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com
Deleted HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com
Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{ielnksrch}
Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes|DefaultScope
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Selection Tools
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|WindApp
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Selection Tools
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\WindApp
Deleted HKCU\Software\Nosibay
Deleted HKCU\Software\Store
Deleted HKCU\Software\WTools
Deleted HKCU\Software\mtVoyasollam
Deleted HKLM\SOFTWARE\MICROSOFT\Speedycar
Deleted HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\VOYASOLLAM.EXE
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{83ED6182-8308-4879-9138-5BC92E6A30EB}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D5BBC4A1-AFC9-47F9-AFFB-0D67AF4F0C1D}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{83ED6182-8308-4879-9138-5BC92E6A30EB}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D5BBC4A1-AFC9-47F9-AFFB-0D67AF4F0C1D}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Selection Tools Update
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WindApp Update
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows|AppInit_DLLs - "C:\ProgramData\AppmallosayoV\Konlax.dll"
Deleted HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\###MegaShellExtPending
Deleted HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\###MegaShellExtSynced
Deleted HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\VOYASOLLAM.EXE
Deleted HKLM\Software\MICROSOFT\TechnologyDesktopnew
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|gpuminer
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\gpuminer
Deleted HKLM\Software\Wow6432Node\Proxy
Deleted HKLM\Software\Wow6432Node\\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\VOYASOLLAM.EXE
Deleted HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\SearchScopes\ielnksrch
Deleted HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\SearchScopes|DefaultScope
Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\###MegaShellExtPending
Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\###MegaShellExtSynced
Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{1EC095EE-8CA3-43D6-B9F5-0C55B82ED3D7}}_is1
Deleted HKLM\Software\Wow6432Node\mtAppmallosayoV
Deleted HKLM\Software\Wow6432Node\mtVoyasollam
Deleted HKLM\System\CurrentControlSet\Services\EventLog\Application\Application Hosting
Deleted HKLM\System\Setup\FirstBoot\Services\pgt_svc

***** [ Chromium (and derivatives) ] *****

Deleted Bazz Search SafeFinder - inafjghmmkmiobijhbgkfekenbfbklhb
Deleted kgafconhnilnginngkobbmhieeninmge

***** [ Chromium URLs ] *****

Deleted WebSearch
Deleted mystartsearch
Deleted mystartsearch
Deleted mystartsearch
Deleted mystartsearch

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

Deleted file:///C:/ProgramData/AppmallosayoVs/ff.HP
Deleted findit
Deleted findit

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [8694 octets] - [11/01/2021 20:45:30]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########