the software (ADWC) crashed a couple of times so it made more than a text file (6 to be exact) i will post them all.
AdwCleaner[C1]:
# AdwCleaner v5.200 - Logfile created 20/06/2016 at 19:39:35
# Updated 14/06/2016 by ToolsLib
# Database : 2016-06-20.3 [Server]
# Operating system : Windows 10 Pro (X64)
# Username : iCyPo - ICY
# Running from : C:\Users\iCyPo\Downloads\AdwCleaner.exe
# Option : Clean
# Support :
https://toolslib.net/forum
***** [ Services ] *****
[-] Service Deleted : QMUdisk
[-] Service Deleted : TheDesktopWeatherService
[-] Service Deleted : softaal
[-] Service Deleted : CloudPrinter
[-] Service Deleted : SRepairDrv
[-] Service Deleted : tsnethlpx64
[-] Service Deleted : Ronzap
AdwCleaner[C2]:
# AdwCleaner v5.200 - Logfile created 20/06/2016 at 19:59:34
# Updated 14/06/2016 by ToolsLib
# Database : 2016-06-20.3 [Server]
# Operating system : Windows 10 Pro (X64)
# Username : iCyPo - ICY
# Running from : C:\Users\iCyPo\Desktop\AdwCleaner.exe
# Option : Clean
# Support :
https://toolslib.net/forum
***** [ Services ] *****
AdwCleaner[C3]:
# AdwCleaner v5.201 - Logfile created 02/07/2016 at 09:51:00
# Updated 30/06/2016 by ToolsLib
# Database : 2016-07-01.1 [Server]
# Operating system : Windows 10 Pro (X64)
# Username : iCyPo - ICY
# Running from : C:\Users\iCyPo\Downloads\adwcleaner_5.201.exe
# Option : Clean
# Support :
https://toolslib.net/forum
***** [ Services ] *****
AdwCleaner[S1]:
# AdwCleaner v5.200 - Logfile created 20/06/2016 at 19:35:01
# Updated 14/06/2016 by ToolsLib
# Database : 2016-06-20.3 [Server]
# Operating system : Windows 10 Pro (X64)
# Username : iCyPo - ICY
# Running from : C:\Users\iCyPo\Downloads\AdwCleaner.exe
# Option : Scan
# Support :
https://toolslib.net/forum
***** [ Services ] *****
Service Found : QMUdisk
Service Found : TheDesktopWeatherService
Service Found : softaal
Service Found : CloudPrinter
Service Found : SRepairDrv
Service Found : tsnethlpx64
Service Found : Ronzap
Service Found : UCGuard
Service Found : backlh
Service Found : zigipyro
Service Found : QQRepairFixSVC
Service Found : dowidoly
Service Found : qyqijyrezbt
Service Found : rijufoze
Service Found : zigipyro
***** [ Folders ] *****
Folder Found : C:\ProgramData\tencent
Folder Found : C:\ProgramData\TXQMPC
Folder Found : C:\ProgramData\CloudPrinter
Folder Found : C:\ProgramData\Ronzap
Folder Found : C:\ProgramData\Ronzaps
Folder Found : C:\ProgramData\Logic Handler
Folder Found : C:\ProgramData\Application Data\tencent
Folder Found : C:\ProgramData\Application Data\TXQMPC
Folder Found : C:\ProgramData\Application Data\CloudPrinter
Folder Found : C:\ProgramData\Application Data\Ronzap
Folder Found : C:\ProgramData\Application Data\Ronzaps
Folder Found : C:\ProgramData\Application Data\Logic Handler
Folder Found : C:\Users\Public\Documents\Guid
Folder Found : C:\Program Files (x86)\Common Files\tencent
Folder Found : C:\Users\iCyPo\AppData\Local\Temp\tencent
Folder Found : C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\tencent
Folder Found : C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\WeatherTool
Folder Found : C:\Users\iCyPo\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108
Folder Found : C:\Users\iCyPo\AppData\Local\03AA02FC-1466200974-05B0-D506-250700080009
Folder Found : C:\Users\iCyPo\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcgnigmofekcllgbiejhmigggmgehkip
Folder Found : C:\Program Files\Common Files\tencent
Folder Found : C:\Users\iCyPo\AppData\Local\VirtualStore\Program Files (x86)\tencent
Folder Found : C:\Users\iCyPo\AppData\Local\app
***** [ Files ] *****
File Found : C:\Windows\SysWOW64\findit.xml
File Found : C:\Windows\SysWOW64\drivers\TS888x64.sys
File Found : C:\Users\iCyPo\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_pinhfkamckbogjgmbmdkdebbbpnmlaef_0.localstorage
File Found : C:\Windows\SysNative\drivers\TFsFltX64.sys
File Found : C:\Windows\SysNative\drivers\TAOKernelEx64.sys
File Found : C:\Windows\SysNative\drivers\ucguard.sys
***** [ DLL ] *****
***** [ WMI ] *****
Key Found : \root\subscription\\ActiveScriptEventConsumer [ASEC]
***** [ Shortcuts ] *****
***** [ Scheduled tasks ] *****
Task Found : tasklist
Task Found : tasklist
***** [ Registry ] *****
Key Found : HKLM\SOFTWARE\Classes\AppID\DownloadProxy.EXE
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SEARCHSCOPES\IELNKSRCH
Key Found : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\QQPCRTP
Key Found : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\QQPCRTP
Key Found : HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{ielnksrch}
Value Found : HKCU\Environment [SNF]
Value Found : HKCU\Environment [SNP]
Key Found : HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\Application Hosting
Key Found : HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SILENTPROCESSEXIT\Ronzap.exe
Key Found : HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\RONZAP.EXE
Key Found : HKLM\SOFTWARE\Microsoft\MediaPlayer\ShimInclusionList\UCBrowser.exe
Key Found : HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\IELNKSRCH
Key Found : HKEY_CLASSES_ROOT\.qmgc
Key Found : HKLM\SOFTWARE\Classes\UCHTML
Key Found : HKLM\SOFTWARE\Classes\UCHTML.AssocFile.CRX
Key Found : HKLM\SOFTWARE\Classes\UCHTML.AssocFile.HTM
Key Found : HKLM\SOFTWARE\Classes\UCHTML.AssocFile.HTML
Key Found : HKLM\SOFTWARE\Classes\UCHTML.AssocFile.MHT
Key Found : HKLM\SOFTWARE\Classes\UCHTML.AssocFile.SHTM
Key Found : HKLM\SOFTWARE\Classes\UCHTML.AssocFile.SHTML
Key Found : HKLM\SOFTWARE\Classes\UCHTML.AssocFile.WEBP
Key Found : HKLM\SOFTWARE\Classes\UCHTML.AssocFile.XHT
Key Found : HKLM\SOFTWARE\Classes\UCHTML.AssocFile.XHTML
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\fcgnigmofekcllgbiejhmigggmgehkip
Key Found : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\fcgnigmofekcllgbiejhmigggmgehkip
Key Found : HKLM\SOFTWARE\Classes\metnsd
Key Found : HKLM\SOFTWARE\Classes\qmgcfiles
Key Found : HKLM\SOFTWARE\Classes\AppID\{51BEE30D-EEC8-4BA3-930B-298B8E759EB1}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{70DE12EA-79F4-46BC-9812-86DB50A2FD64}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E7270EC6-0113-4A78-B610-E501D0A9E48E}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{29B6CFD5-0064-411A-8C42-9890C83F9921}
Key Found : HKCU\Software\PRODUCTSETUP
Key Found : HKCU\Software\csastats
Key Found : HKCU\Software\mtRonzap
Key Found : HKCU\Software\UCBrowserPID
Key Found : HKCU\Software\KuaiZip
Key Found : HKLM\SOFTWARE\{E6276374-DE18-4AA5-A365-9016A2F98A2D}
Key Found : HKLM\SOFTWARE\mtRonzap
Key Found : HKLM\SOFTWARE\UCBrowserPID
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VOPackage
Key Found : HKU\S-1-5-21-2475911614-839709902-1613718654-1001\Software\PRODUCTSETUP
Key Found : HKU\S-1-5-21-2475911614-839709902-1613718654-1001\Software\csastats
Key Found : HKU\S-1-5-21-2475911614-839709902-1613718654-1001\Software\mtRonzap
Key Found : HKU\S-1-5-21-2475911614-839709902-1613718654-1001\Software\UCBrowserPID
Key Found : HKU\S-1-5-21-2475911614-839709902-1613718654-1001\Software\KuaiZip
Value Found : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{528DE932-CECC-4DD6-B9F2-8269587ADBD0}]
Value Found : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{B5D45767-D8DB-486A-9353-045B361E8C6D}]
Value Found : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{F467A4A2-4086-49B4-924D-94555F9AE818}]
Value Found : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{E6122292-43E3-4AD7-BF17-E1537DE2DE13}]
Value Found : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{50D83406-7C23-44D6-A2FA-C56D57B4A2C1}]
Value Found : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{2119D14F-7E5F-4A65-923A-C994A33AD08E}]
Value Found : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{91E4D4CC-9273-4FD4-83D5-E31C4B492687}]
Value Found : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{67BD5DBB-1FB0-4AD0-960C-9A8F57DAC574}]
Value Found : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{0FF99C15-259A-42A6-B2EF-83C3D6047DAD}]
Value Found : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{7D851A33-CCB0-4A00-A248-E006202C9330}]
Data Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\ProgramData\Ronzap\Strongtamplus.dll
Data Found : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\ProgramData\Ronzap\Med-Air.dll
Data Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon [Userinit] - wscript C:\Windows\run.vbs,
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [apphide]
Value Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [msiql]
Value Found : HKU\S-1-5-21-2475911614-839709902-1613718654-1001\Software\Microsoft\Windows\CurrentVersion\Run [msiql]
Key Found : HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\Application Hosting
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\services\CloudPrinter
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\services\Ronzap
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\services\backlh
***** [ Web browsers ] *****
[C:\Users\iCyPo\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Found : fcgnigmofekcllgbiejhmigggmgehkip
*************************
C:\AdwCleaner\AdwCleaner[S1].txt - [8469 bytes] - [20/06/2016 19:35:01]
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [8542 bytes] ##########
AdwCleaner[S2]:
# AdwCleaner v5.200 - Logfile created 20/06/2016 at 19:57:53
# Updated 14/06/2016 by ToolsLib
# Database : 2016-06-20.3 [Server]
# Operating system : Windows 10 Pro (X64)
# Username : iCyPo - ICY
# Running from : C:\Users\iCyPo\Desktop\AdwCleaner.exe
# Option : Scan
# Support :
https://toolslib.net/forum
***** [ Services ] *****
Service Found : UCGuard
Service Found : backlh
Service Found : zigipyro
Service Found : QQRepairFixSVC
Service Found : dowidoly
Service Found : qyqijyrezbt
Service Found : rijufoze
Service Found : zigipyro
***** [ Folders ] *****
Folder Found : C:\ProgramData\tencent
Folder Found : C:\ProgramData\TXQMPC
Folder Found : C:\ProgramData\CloudPrinter
Folder Found : C:\ProgramData\Ronzap
Folder Found : C:\ProgramData\Ronzaps
Folder Found : C:\ProgramData\Logic Handler
Folder Found : C:\ProgramData\Application Data\tencent
Folder Found : C:\ProgramData\Application Data\TXQMPC
Folder Found : C:\ProgramData\Application Data\CloudPrinter
Folder Found : C:\ProgramData\Application Data\Ronzap
Folder Found : C:\ProgramData\Application Data\Ronzaps
Folder Found : C:\ProgramData\Application Data\Logic Handler
Folder Found : C:\Users\Public\Documents\Guid
Folder Found : C:\Program Files (x86)\Common Files\tencent
Folder Found : C:\Users\iCyPo\AppData\Local\Temp\tencent
Folder Found : C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\tencent
Folder Found : C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\WeatherTool
Folder Found : C:\Users\iCyPo\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108
Folder Found : C:\Users\iCyPo\AppData\Local\03AA02FC-1466200974-05B0-D506-250700080009
Folder Found : C:\Users\iCyPo\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcgnigmofekcllgbiejhmigggmgehkip
Folder Found : C:\Program Files\Common Files\tencent
Folder Found : C:\Users\iCyPo\AppData\Local\VirtualStore\Program Files (x86)\tencent
Folder Found : C:\Users\iCyPo\AppData\Local\app
***** [ Files ] *****
File Found : C:\Windows\SysWOW64\findit.xml
File Found : C:\Windows\SysWOW64\drivers\TS888x64.sys
File Found : C:\Users\iCyPo\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_pinhfkamckbogjgmbmdkdebbbpnmlaef_0.localstorage
File Found : C:\Windows\SysNative\drivers\TFsFltX64.sys
File Found : C:\Windows\SysNative\drivers\TAOKernelEx64.sys
File Found : C:\Windows\SysNative\drivers\ucguard.sys
***** [ DLL ] *****
***** [ WMI ] *****
Key Found : \root\subscription\\ActiveScriptEventConsumer [ASEC]
***** [ Shortcuts ] *****
***** [ Scheduled tasks ] *****
Task Found : tasklist
Task Found : tasklist
***** [ Registry ] *****
Key Found : HKLM\SOFTWARE\Classes\AppID\DownloadProxy.EXE
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SEARCHSCOPES\IELNKSRCH
Key Found : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\QQPCRTP
Key Found : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\QQPCRTP
Key Found : HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{ielnksrch}
Value Found : HKCU\Environment [SNF]
Value Found : HKCU\Environment [SNP]
Key Found : HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\Application Hosting
Key Found : HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SILENTPROCESSEXIT\Ronzap.exe
Key Found : HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\RONZAP.EXE
Key Found : HKLM\SOFTWARE\Microsoft\MediaPlayer\ShimInclusionList\UCBrowser.exe
Key Found : HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\IELNKSRCH
Key Found : HKEY_CLASSES_ROOT\.qmgc
Key Found : HKLM\SOFTWARE\Classes\UCHTML
Key Found : HKLM\SOFTWARE\Classes\UCHTML.AssocFile.CRX
Key Found : HKLM\SOFTWARE\Classes\UCHTML.AssocFile.HTM
Key Found : HKLM\SOFTWARE\Classes\UCHTML.AssocFile.HTML
Key Found : HKLM\SOFTWARE\Classes\UCHTML.AssocFile.MHT
Key Found : HKLM\SOFTWARE\Classes\UCHTML.AssocFile.SHTM
Key Found : HKLM\SOFTWARE\Classes\UCHTML.AssocFile.SHTML
Key Found : HKLM\SOFTWARE\Classes\UCHTML.AssocFile.WEBP
Key Found : HKLM\SOFTWARE\Classes\UCHTML.AssocFile.XHT
Key Found : HKLM\SOFTWARE\Classes\UCHTML.AssocFile.XHTML
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\fcgnigmofekcllgbiejhmigggmgehkip
Key Found : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\fcgnigmofekcllgbiejhmigggmgehkip
Key Found : HKLM\SOFTWARE\Classes\metnsd
Key Found : HKLM\SOFTWARE\Classes\qmgcfiles
Key Found : HKLM\SOFTWARE\Classes\AppID\{51BEE30D-EEC8-4BA3-930B-298B8E759EB1}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{70DE12EA-79F4-46BC-9812-86DB50A2FD64}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E7270EC6-0113-4A78-B610-E501D0A9E48E}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{29B6CFD5-0064-411A-8C42-9890C83F9921}
Key Found : HKCU\Software\PRODUCTSETUP
Key Found : HKCU\Software\csastats
Key Found : HKCU\Software\mtRonzap
Key Found : HKCU\Software\UCBrowserPID
Key Found : HKCU\Software\KuaiZip
Key Found : HKLM\SOFTWARE\{E6276374-DE18-4AA5-A365-9016A2F98A2D}
Key Found : HKLM\SOFTWARE\mtRonzap
Key Found : HKLM\SOFTWARE\UCBrowserPID
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VOPackage
Key Found : HKU\S-1-5-21-2475911614-839709902-1613718654-1001\Software\PRODUCTSETUP
Key Found : HKU\S-1-5-21-2475911614-839709902-1613718654-1001\Software\csastats
Key Found : HKU\S-1-5-21-2475911614-839709902-1613718654-1001\Software\mtRonzap
Key Found : HKU\S-1-5-21-2475911614-839709902-1613718654-1001\Software\UCBrowserPID
Key Found : HKU\S-1-5-21-2475911614-839709902-1613718654-1001\Software\KuaiZip
Value Found : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{528DE932-CECC-4DD6-B9F2-8269587ADBD0}]
Value Found : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{B5D45767-D8DB-486A-9353-045B361E8C6D}]
Value Found : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{F467A4A2-4086-49B4-924D-94555F9AE818}]
Value Found : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{E6122292-43E3-4AD7-BF17-E1537DE2DE13}]
Value Found : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{50D83406-7C23-44D6-A2FA-C56D57B4A2C1}]
Value Found : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{2119D14F-7E5F-4A65-923A-C994A33AD08E}]
Value Found : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{91E4D4CC-9273-4FD4-83D5-E31C4B492687}]
Value Found : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{67BD5DBB-1FB0-4AD0-960C-9A8F57DAC574}]
Value Found : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{0FF99C15-259A-42A6-B2EF-83C3D6047DAD}]
Value Found : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{7D851A33-CCB0-4A00-A248-E006202C9330}]
Data Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\ProgramData\Ronzap\Strongtamplus.dll
Data Found : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\ProgramData\Ronzap\Med-Air.dll
Data Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon [Userinit] - wscript C:\Windows\run.vbs,
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [apphide]
Value Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [msiql]
Value Found : HKU\S-1-5-21-2475911614-839709902-1613718654-1001\Software\Microsoft\Windows\CurrentVersion\Run [msiql]
Key Found : HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\Application Hosting
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\services\CloudPrinter
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\services\Ronzap
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\services\backlh
***** [ Web browsers ] *****
[C:\Users\iCyPo\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Found : fcgnigmofekcllgbiejhmigggmgehkip
*************************
C:\AdwCleaner\AdwCleaner[C1].txt - [593 bytes] - [20/06/2016 19:39:35]
C:\AdwCleaner\AdwCleaner[S1].txt - [8641 bytes] - [20/06/2016 19:35:01]
C:\AdwCleaner\AdwCleaner[S2].txt - [8409 bytes] - [20/06/2016 19:57:53]
########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [8482 bytes] ##########
AdwCleaner[S3]:
# AdwCleaner v5.201 - Logfile created 02/07/2016 at 09:48:32
# Updated 30/06/2016 by ToolsLib
# Database : 2016-07-01.1 [Server]
# Operating system : Windows 10 Pro (X64)
# Username : iCyPo - ICY
# Running from : C:\Users\iCyPo\Downloads\adwcleaner_5.201.exe
# Option : Scan
# Support :
https://toolslib.net/forum
***** [ Services ] *****
Service Found : UCGuard
Service Found : backlh
Service Found : zigipyro
Service Found : QQRepairFixSVC
Service Found : dowidoly
Service Found : qyqijyrezbt
Service Found : rijufoze
Service Found : zigipyro
***** [ Folders ] *****
Folder Found : C:\ProgramData\tencent
Folder Found : C:\ProgramData\TXQMPC
Folder Found : C:\ProgramData\CloudPrinter
Folder Found : C:\ProgramData\Ronzap
Folder Found : C:\ProgramData\Ronzaps
Folder Found : C:\ProgramData\Logic Handler
Folder Found : C:\ProgramData\Application Data\tencent
Folder Found : C:\ProgramData\Application Data\TXQMPC
Folder Found : C:\ProgramData\Application Data\CloudPrinter
Folder Found : C:\ProgramData\Application Data\Ronzap
Folder Found : C:\ProgramData\Application Data\Ronzaps
Folder Found : C:\ProgramData\Application Data\Logic Handler
Folder Found : C:\Users\Public\Documents\Guid
Folder Found : C:\Program Files (x86)\Common Files\tencent
Folder Found : C:\Users\iCyPo\AppData\Local\Temp\tencent
Folder Found : C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\tencent
Folder Found : C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\WeatherTool
Folder Found : C:\Users\iCyPo\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108
Folder Found : C:\Users\iCyPo\AppData\Local\03AA02FC-1466200974-05B0-D506-250700080009
Folder Found : C:\Users\iCyPo\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcgnigmofekcllgbiejhmigggmgehkip
Folder Found : C:\Program Files\Common Files\tencent
Folder Found : C:\Users\iCyPo\AppData\Local\VirtualStore\Program Files (x86)\tencent
Folder Found : C:\Users\iCyPo\AppData\Local\app
***** [ Files ] *****
File Found : C:\END
File Found : C:\Windows\SysWOW64\findit.xml
File Found : C:\Windows\SysWOW64\drivers\TS888x64.sys
File Found : C:\Users\iCyPo\AppData\Local\Temp\Utils.dll
File Found : C:\Users\iCyPo\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_pinhfkamckbogjgmbmdkdebbbpnmlaef_0.localstorage
File Found : C:\Windows\SysNative\drivers\TFsFltX64.sys
File Found : C:\Windows\SysNative\drivers\TAOKernelEx64.sys
File Found : C:\Windows\SysNative\drivers\ucguard.sys
***** [ DLL ] *****
***** [ WMI ] *****
Key Found : \root\subscription\\ActiveScriptEventConsumer [ASEC]
***** [ Shortcuts ] *****
***** [ Scheduled tasks ] *****
Task Found : tasklist
Task Found : tasklist
***** [ Registry ] *****
Key Found : HKLM\SOFTWARE\Classes\AppID\DownloadProxy.EXE
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SEARCHSCOPES\IELNKSRCH
Key Found : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\QQPCRTP
Key Found : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\QQPCRTP
Key Found : HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{ielnksrch}
Value Found : HKCU\Environment [SNF]
Value Found : HKCU\Environment [SNP]
Key Found : HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\Application Hosting
Key Found : HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SILENTPROCESSEXIT\Ronzap.exe
Key Found : HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\RONZAP.EXE
Key Found : HKLM\SOFTWARE\Microsoft\MediaPlayer\ShimInclusionList\UCBrowser.exe
Key Found : HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\IELNKSRCH
Key Found : HKEY_CLASSES_ROOT\.qmgc
Key Found : HKLM\SOFTWARE\Classes\UCHTML
Key Found : HKLM\SOFTWARE\Classes\UCHTML.AssocFile.CRX
Key Found : HKLM\SOFTWARE\Classes\UCHTML.AssocFile.HTM
Key Found : HKLM\SOFTWARE\Classes\UCHTML.AssocFile.HTML
Key Found : HKLM\SOFTWARE\Classes\UCHTML.AssocFile.MHT
Key Found : HKLM\SOFTWARE\Classes\UCHTML.AssocFile.SHTM
Key Found : HKLM\SOFTWARE\Classes\UCHTML.AssocFile.SHTML
Key Found : HKLM\SOFTWARE\Classes\UCHTML.AssocFile.WEBP
Key Found : HKLM\SOFTWARE\Classes\UCHTML.AssocFile.XHT
Key Found : HKLM\SOFTWARE\Classes\UCHTML.AssocFile.XHTML
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\fcgnigmofekcllgbiejhmigggmgehkip
Key Found : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\fcgnigmofekcllgbiejhmigggmgehkip
Key Found : HKLM\SOFTWARE\Classes\metnsd
Key Found : HKLM\SOFTWARE\Classes\qmgcfiles
Key Found : HKLM\SOFTWARE\Classes\AppID\{51BEE30D-EEC8-4BA3-930B-298B8E759EB1}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{70DE12EA-79F4-46BC-9812-86DB50A2FD64}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E7270EC6-0113-4A78-B610-E501D0A9E48E}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{29B6CFD5-0064-411A-8C42-9890C83F9921}
Key Found : HKCU\Software\PRODUCTSETUP
Key Found : HKCU\Software\csastats
Key Found : HKCU\Software\mtRonzap
Key Found : HKCU\Software\UCBrowserPID
Key Found : HKCU\Software\KuaiZip
Key Found : HKLM\SOFTWARE\{E6276374-DE18-4AA5-A365-9016A2F98A2D}
Key Found : HKLM\SOFTWARE\mtRonzap
Key Found : HKLM\SOFTWARE\UCBrowserPID
Key Found : HKLM\SOFTWARE\{8C4CE252-7DB2-4F8E-8E76-BAD0E5826A83}
Key Found : HKLM\SOFTWARE\dllpop100
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VOPackage
Key Found : [x64] HKLM\SOFTWARE\{8C4CE252-7DB2-4F8E-8E76-BAD0E5826A83}
Key Found : HKU\.DEFAULT\Software\{8C4CE252-7DB2-4F8E-8E76-BAD0E5826A83}
Key Found : HKU\S-1-5-21-2475911614-839709902-1613718654-1001\Software\PRODUCTSETUP
Key Found : HKU\S-1-5-21-2475911614-839709902-1613718654-1001\Software\csastats
Key Found : HKU\S-1-5-21-2475911614-839709902-1613718654-1001\Software\mtRonzap
Key Found : HKU\S-1-5-21-2475911614-839709902-1613718654-1001\Software\UCBrowserPID
Key Found : HKU\S-1-5-21-2475911614-839709902-1613718654-1001\Software\KuaiZip
Key Found : HKU\S-1-5-18\Software\{8C4CE252-7DB2-4F8E-8E76-BAD0E5826A83}
Value Found : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{528DE932-CECC-4DD6-B9F2-8269587ADBD0}]
Value Found : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{B5D45767-D8DB-486A-9353-045B361E8C6D}]
Value Found : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{F467A4A2-4086-49B4-924D-94555F9AE818}]
Value Found : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{E6122292-43E3-4AD7-BF17-E1537DE2DE13}]
Value Found : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{50D83406-7C23-44D6-A2FA-C56D57B4A2C1}]
Value Found : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{2119D14F-7E5F-4A65-923A-C994A33AD08E}]
Value Found : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{91E4D4CC-9273-4FD4-83D5-E31C4B492687}]
Value Found : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{67BD5DBB-1FB0-4AD0-960C-9A8F57DAC574}]
Value Found : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{0FF99C15-259A-42A6-B2EF-83C3D6047DAD}]
Value Found : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{7D851A33-CCB0-4A00-A248-E006202C9330}]
Data Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\ProgramData\Ronzap\Strongtamplus.dll
Data Found : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\ProgramData\Ronzap\Med-Air.dll
Data Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon [Userinit] - wscript C:\Windows\run.vbs,
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [apphide]
Value Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [msiql]
Value Found : HKU\S-1-5-21-2475911614-839709902-1613718654-1001\Software\Microsoft\Windows\CurrentVersion\Run [msiql]
Key Found : HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\Application Hosting
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\services\CloudPrinter
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\services\Ronzap
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\services\backlh
***** [ Web browsers ] *****
[C:\Users\iCyPo\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Found : fcgnigmofekcllgbiejhmigggmgehkip
*************************
C:\AdwCleaner\AdwCleaner[C1].txt - [593 bytes] - [20/06/2016 19:39:35]
C:\AdwCleaner\AdwCleaner[C2].txt - [346 bytes] - [20/06/2016 19:59:34]
C:\AdwCleaner\AdwCleaner[S1].txt - [8641 bytes] - [20/06/2016 19:35:01]
C:\AdwCleaner\AdwCleaner[S2].txt - [8581 bytes] - [20/06/2016 19:57:53]
C:\AdwCleaner\AdwCleaner[S3].txt - [8960 bytes] - [02/07/2016 09:48:32]
########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt - [9033 bytes] ##########
