Document format: text/plain

Preview

# AdwCleaner 7.0.0.0 - Logfile created on Tue Jul 18 03:51:07 2017
# Updated on 2017/17/07 by Malwarebytes
# Running on Windows 7 Ultimate (X86)
# Mode: clean
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

Deleted: BackupStack
Deleted: SmdmFService
Deleted: MustangService_2015_10_10
Deleted: MustangService_2015_10_10


***** [ Folders ] *****

Deleted: C:\Program Files\PANDORA.TV
Deleted: C:\Program Files\YTDownloader
Deleted: C:\Users\iso\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\YTDownloader
Deleted: C:\Users\iso\AppData\Local\Webplayer
Deleted: C:\Windows\System32\config\systemprofile\AppData\LocalLow\AVG SafeGuard toolbar
Deleted: C:\Program Files\Assets Manager
Deleted: C:\Program Files\AVG Security Toolbar
Deleted: C:\Windows\System32\C2MP
Deleted: C:\Users\iso\AppData\Local\webplayer
Deleted: C:\ProgramData\ShopperPro
Deleted: C:\ProgramData\Application Data\ShopperPro
Deleted: C:\Program Files\ShopperPro
Deleted: C:\Users\All Users\ShopperPro
Deleted: C:\Users\All Users\Documents\ShopperPro
Deleted: C:\Users\Public\Documents\ShopperPro
Deleted: C:\Users\iso\AppData\Roaming\Microsoft\Windows\Start Menu\ByteFence
Deleted: C:\Users\iso\AppData\Roaming\RHEng
Deleted: C:\Users\iso\AppData\Roaming\OpenCandy
Deleted: C:\Windows\System32\config\systemprofile\AppData\Local\LavasoftTcpService
Deleted: C:\ProgramData\smdmf
Deleted: C:\ProgramData\Application Data\smdmf
Deleted: C:\Users\All Users\smdmf
Deleted: C:\ProgramData\TempMoudleSet
Deleted: C:\ProgramData\Application Data\TempMoudleSet
Deleted: C:\Users\All Users\TempMoudleSet
Deleted: C:\Users\iso\AppData\Roaming\DRPSu
Deleted: C:\Users\iso\AppData\Roaming\FirefoxToolbar
Deleted: C:\Program Files\Cyti Web
Deleted: C:/Program Files\Cyti Web
Deleted: C:/Program Files\SmartSound Software
Deleted: C:/ProgramData\AppMgr3.16.8591351
Deleted: C:/ProgramData\Avg_Update_0215tb
Deleted: C:/ProgramData\Avg_Update_0814tb
Deleted: C:/ProgramData\Avg_Update_1114tb
Deleted: C:/ProgramData\Avg_Update_1214tb
Deleted: \Downloaded Installers\{760B29F2-8663-419B-A025-5A55066E130B}
Deleted: \Installer\{760B29F2-8663-419B-A025-5A55066E130B}


***** [ Files ] *****

Deleted: C:\Windows\System32\roboot.exe
Deleted: C:\istartsurf.xml
Deleted: C:\Windows\System32\lavasofttcpservice.dll
Deleted: C:\Windows\System32\LavasoftTcpServiceOff.ini
Deleted: C:\Users\iso\AppData\Roaming\Mozilla\Firefox\Profiles\6azgi7cz.default\searchplugins\yahoo-lavasoft.xml


***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

Deleted: Yahoo! Search Updater
Deleted: 1114tbUpdateInfo


***** [ Registry ] *****

Deleted: [Key] - HKU\S-1-5-21-976014490-3346805242-2403212102-1000\Software\Mail.Ru
Deleted: [Key] - HKCU\Software\Mail.Ru
Deleted: [Data] - HKCU\Software\Microsoft\Internet Explorer\Main|Default_Page_URL [http://www.istartsurf.com/?type=hp&ts=1447504014&z=cc7cb996ef5fc5965df16b6g6z1zfmaw9edz3e6gbz&from=cor&uid=hitachixhts725032a9a364_100817pck304gkg4wn4kx]
Deleted: [Data] - HKCU\Software\Microsoft\Internet Explorer\Main|IE11UpgradePageShownTime [궨鄯ǒ://www.istartsurf.com/?type=hp&ts=1447504014&z=cc7cb996ef5fc5965df16b6g6z1zfmaw9edz3e6gbz&from=cor&uid=hitachixhts725032a9a364_100817pck304gkg4wn4kx]
Deleted: [Data] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main|Default_Search_URL [http://www.istartsurf.com/web/?type=ds&ts=1447504014&z=cc7cb996ef5fc5965df16b6g6z1zfmaw9edz3e6gbz&from=cor&uid=hitachixhts725032a9a364_100817pck304gkg4wn4kx&q={searchTerms}]
Deleted: [Data] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main|Default_Page_URL [http://www.istartsurf.com/?type=hp&ts=1447504014&z=cc7cb996ef5fc5965df16b6g6z1zfmaw9edz3e6gbz&from=cor&uid=hitachixhts725032a9a364_100817pck304gkg4wn4kx]
Deleted: [Data] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main|Search Page [http://www.istartsurf.com/web/?type=ds&ts=1447504014&z=cc7cb996ef5fc5965df16b6g6z1zfmaw9edz3e6gbz&from=cor&uid=hitachixhts725032a9a364_100817pck304gkg4wn4kx&q={searchTerms}]
Deleted: [Value] - HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{26FA36D5-229A-4539-884A-54CDFD498B76}
Deleted: [Value] - HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{3C4BFB1C-F495-4105-8581-227065493B74}
Deleted: [Value] - HKCU\Software\Microsoft\Internet Explorer\SearchScopes|DoNotAskAgain
Deleted: [Value] - HKU\S-1-5-21-976014490-3346805242-2403212102-1000\Software\Microsoft\Internet Explorer\SearchScopes|DoNotAskAgain
Deleted: [Value] - HKU\S-1-5-21-976014490-3346805242-2403212102-1000\Software\Microsoft\Internet Explorer\SearchScopes|DoNotAskAgain
Deleted: [Key] - HKU\S-1-5-21-976014490-3346805242-2403212102-1000\Software\Video Player
Deleted: [Key] - HKCU\Software\Video Player
Deleted: [Key] - HKU\S-1-5-21-976014490-3346805242-2403212102-1000\Software\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! Search
Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! Search
Deleted: [Key] - HKU\S-1-5-21-976014490-3346805242-2403212102-1000\Software\APN PIP
Deleted: [Key] - HKCU\Software\APN PIP
Deleted: [Key] - HKLM\SOFTWARE\PIP
Deleted: [Key] - HKU\S-1-5-21-976014490-3346805242-2403212102-1000\Software\OB
Deleted: [Key] - HKCU\Software\OB
Deleted: [Key] - HKU\S-1-5-21-976014490-3346805242-2403212102-1000\Software\TeleCharger
Deleted: [Key] - HKCU\Software\TeleCharger
Deleted: [Key] - HKU\S-1-5-21-976014490-3346805242-2403212102-1000\Software\Mozilla\Extends
Deleted: [Key] - HKCU\Software\Mozilla\Extends
Deleted: [Key] - HKLM\SOFTWARE\Lavasoft\Web Companion
Deleted: [Key] - HKU\S-1-5-21-976014490-3346805242-2403212102-1000\Software\ICSW1.23
Deleted: [Key] - HKCU\Software\ICSW1.23
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{020B1D4B-5738-4C77-9E19-4F173DD9B486}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Deleted: [Key] - HKLM\SOFTWARE\Classes\AppID\{D813D5BB-EBC7-45F9-B8A4-36A305168069}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{03C0AC00-86DE-4B55-81BA-2E7CD61C51B1}
Deleted: [Key] - HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
Deleted: [Key] - HKLM\SOFTWARE\Classes\AppID\{20B9C05C-99C9-4BAB-B596-FB0C0E1C9F55}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
Deleted: [Key] - HKLM\SOFTWARE\Classes\AppID\{58FDA6AF-67D8-4198-B7CD-94B17532C8D5}
Deleted: [Key] - HKLM\SOFTWARE\Classes\TypeLib\{8FB1A663-2820-468B-95C4-5060A4C5F413}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Deleted: [Value] - HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Deleted: [Key] - HKLM\SOFTWARE\Classes\TypeLib\{82351433-9094-11D1-A24B-00A0C932C7DF}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{61AB12E1-A5FF-11D1-B2E9-444553540000}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{82351441-9094-11D1-A24B-00A0C932C7DF}
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
Deleted: [Key] - HKLM\SOFTWARE\Classes\AppID\{85198F55-85AC-498A-BFE4-BBC33840F4AB}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{6DC82D15-92F2-11D1-A255-00A0C932C7DF}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{0015CAC9-FC30-4CD0-BFAA-7412CC2C4DD9}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{26C7AFDB-3690-449E-B979-B0AF5CC56DD4}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{3A5A5381-DAAF-4C0D-B032-2C66B3EE4A8D}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{472EF1D2-4AAE-470D-AE85-6AF8177916FD}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{8F010D54-C023-457F-AF03-497EACB6D519}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{9A754403-27B1-4ED7-96D7-588F07888EBF}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{CB31FF8F-BF80-4D2B-ADBE-12C6F5347890}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{FCAA532B-E807-4027-940C-BA16B9D50105}
Deleted: [Key] - HKLM\SOFTWARE\Classes\TypeLib\{ED62BC6E-64F1-46BE-866F-4C8DC0DF7057}
Deleted: [Key] - HKLM\SOFTWARE\Classes\AppID\SysMenu.DLL
Deleted: [Key] - HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Deleted: [Key] - HKLM\SOFTWARE\Classes\AppID\ShopperPro.DLL
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe
Deleted: [Value] - HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls|x64
Deleted: [Value] - HKLM\SYSTEM\ControlSet002\Control\Session Manager\AppCertDlls|x64
Deleted: [Value] - HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\AppCertDlls|x64
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dprotectsvc.exe
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectedsearch.exe
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchinstaller.exe
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotector.exe
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings.exe
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings64.exe
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\umbrella.exe
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\utiljumpflip.exe
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroids.exe
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroidsservice.exe
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jumpflip
Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted: [Key] - HKLM\SOFTWARE\ShopperPro
Deleted: [Key] - HKLM\SOFTWARE\istartsurfSoftware
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Deleted: [Key] - HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Deleted: [Value] - HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{26FA36D5-229A-4539-884A-54CDFD498B76}
Deleted: [Value] - HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{3C4BFB1C-F495-4105-8581-227065493B74}
Deleted: [Key] - HKLM\SOFTWARE\Classes\AppID\{2CE0F1DC-C504-4B7B-A385-D94A2531DFFB}
Deleted: [Key] - HKLM\SOFTWARE\Classes\AppID\LavasoftTcpService.exe
Deleted: [Key] - HKLM\SOFTWARE\SystemK
Deleted: [Key] - HKLM\SOFTWARE\Systemk
Deleted: [Key] - HKLM\SOFTWARE\SmdmF
Deleted: [Key] - HKU\S-1-5-21-976014490-3346805242-2403212102-1000\Software\SmdmF
Deleted: [Key] - HKCU\Software\SmdmF
Deleted: [Key] - HKLM\SOFTWARE\ihpmserver
Deleted: [Key] - HKLM\SOFTWARE\RayDld
Deleted: [Key] - HKLM\SOFTWARE\Classes\TypeLib\{8DD92279-9B04-4C6F-A862-EF3C24603804}
Deleted: [Key] - HKLM\SOFTWARE\YTDownloader
Deleted: [Key] - HKU\S-1-5-21-976014490-3346805242-2403212102-1000\Software\YTDownloader
Deleted: [Key] - HKCU\Software\YTDownloader
Deleted: [Key] - HKU\S-1-5-21-976014490-3346805242-2403212102-1000\Software\Linkey
Deleted: [Key] - HKCU\Software\Linkey
Deleted: [Key] - HKU\S-1-5-21-976014490-3346805242-2403212102-1000\Software\InstallCore
Deleted: [Key] - HKCU\Software\InstallCore
Deleted: [Key] - HKU\S-1-5-21-976014490-3346805242-2403212102-1000\Software\csastats
Deleted: [Key] - HKCU\Software\csastats
Deleted: [Key] - HKU\S-1-5-21-976014490-3346805242-2403212102-1000\Software\PRODUCTSETUP
Deleted: [Key] - HKCU\Software\PRODUCTSETUP
Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47}
Deleted: [Key] - HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{760B29F2-8663-419B-A025-5A55066E130B}


***** [ Firefox (and derivatives) ] *****

Plugin deleted: deskCut - lightningnewtab.com
Plugin deleted: Shopper-Pro - Goobzo
SearchProvider deleted: http://mysearch.avg.com/search?cid={00BF3BCC-FD7D-409F-AC7D-61211A9EB2B9}&mid=caa3eefb7e6f47d3854eb1a22fba6184-3f15a39653afaeed7e3194fae4c320a666d1bbe3&lang=en&ds=co011&coid=avgtbdisco&cmpid=0814tb&&pr=sa&d=2013-11-08 10:13:10&v=17.2.0.38&pid=safeguard&sg=0&sap=dsp&q={searchTerms} - AVG Secure Search


***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries deleted.

*************************

::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0



*************************

C:/AdwCleaner/AdwCleaner[S0].txt - [16766 B] - [2017/7/18 3:48:37]


########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ##########
