# ------------------------------- # Malwarebytes AdwCleaner 7.1.1.0 # ------------------------------- # Build: 04-27-2018 # Database: 2018-04-24.1 # Support: https://www.malwarebytes.com/support # # ------------------------------- # Mode: Clean # ------------------------------- # Start: 05-05-2018 # Duration: 00:00:15 # OS: Windows 10 Home # Cleaned: 91 # Failed: 1 ***** [ Services ] ***** No malicious services cleaned. ***** [ Folders ] ***** Deleted C:\ProgramData\AVG_UPDATE_0814TB Deleted C:\Program Files (x86)\Common Files\Software Update Utility Deleted C:\Program Files (x86)\Shopping Sidekick Plugin Deleted C:\Users\WIYAO\AppData\Local\Shopping Sidekick Plugin Deleted C:\Program Files (x86)\AVG Security Toolbar Deleted C:\Users\WIYAO\music\qtrax media library Deleted C:\Program Files (x86)\SaveValet ***** [ Files ] ***** Deleted C:\Program Files (x86)\Mozilla Firefox\avg-secure-search.xml ***** [ DLL ] ***** No malicious DLLs cleaned. ***** [ WMI ] ***** No malicious WMI cleaned. ***** [ Shortcuts ] ***** No malicious shortcuts cleaned. ***** [ Tasks ] ***** Deleted C:\Windows\Tasks\AVG-SECURE-SEARCH-UPDATE_JUNE2013_TB_RMV.JOB ***** [ Registry ] ***** Deleted HKLM\Software\Wow6432Node\5b578a8ab73eee10 Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{76E48B6F-9B25-41FB-8C5B-7BF32123F3C1} Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AVG-Secure-Search-Update_JUNE2013_TB_rmv Deleted HKCU\Software\Microsoft\Internet Explorer\TabbedBrowsing|bProtectShowTabsWelcome Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings Deleted HKCU\Software\AppDataLow\Software\Shopping Sidekick Plugin Deleted HKCU\Software\qtrax Deleted HKU\S-1-5-18\Software\AVG Secure Search Deleted HKU\.DEFAULT\Software\AVG Secure Search Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{EE171732-BEB4-4576-887D-CB62727F01CA} Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\20E71B53321C641458DBDAF83979D193 Deleted HKLM\Software\Classes\Installer\UpgradeCodes\20E71B53321C641458DBDAF83979D193 Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4B2468513CA2D6943A1A233CD3F88CE7 Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3192AA38321C641458DBDAF83979D193 Deleted HKLM\Software\Classes\Installer\Features\3192AA38321C641458DBDAF83979D193 Deleted HKLM\SOFTWARE\CLASSES\b Deleted HKCU\Software\Microsoft\Internet Explorer\Main|bprotector start page Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{FFB9ADCB-8C79-4C29-81D3-74D46A93D370} Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC} Deleted HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} Deleted HKLM\Software\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1} Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468} Deleted HKLM\Software\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468} Deleted HKLM\Software\Wow6432Node\Classes\TypeLib\{C292AD0A-C11F-479B-B8DB-743E72D283B0} Deleted HKLM\Software\Classes\TypeLib\{C292AD0A-C11F-479B-B8DB-743E72D283B0} Deleted HKLM\Software\Wow6432Node\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB} Deleted HKLM\Software\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB} Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{B8276A94-891D-453C-9FF3-715C042A2575} Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E} Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E} Deleted HKLM\Software\Wow6432Node\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D} Deleted HKLM\Software\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D} Deleted HKLM\Software\Wow6432Node\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE} Deleted HKLM\Software\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE} Deleted HKLM\Software\Wow6432Node\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997} Deleted HKLM\Software\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997} Deleted HKLM\Software\Wow6432Node\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E} Deleted HKLM\Software\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E} Deleted HKLM\Software\Wow6432Node\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD} Deleted HKLM\Software\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD} Deleted HKLM\Software\Wow6432Node\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020} Deleted HKLM\Software\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020} Deleted HKLM\Software\Wow6432Node\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68} Deleted HKLM\Software\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68} Deleted HKLM\Software\Wow6432Node\Classes\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393} Deleted HKLM\Software\Classes\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393} Deleted HKLM\Software\Wow6432Node\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037} Deleted HKLM\Software\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037} Deleted HKLM\Software\Wow6432Node\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047} Deleted HKLM\Software\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047} Deleted HKLM\Software\Wow6432Node\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599} Deleted HKLM\Software\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599} Deleted HKLM\Software\Wow6432Node\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F} Deleted HKLM\Software\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F} Deleted HKLM\Software\Wow6432Node\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993} Deleted HKLM\Software\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993} Deleted HKLM\Software\Wow6432Node\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D} Deleted HKLM\Software\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D} Deleted HKLM\Software\Wow6432Node\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1} Deleted HKLM\Software\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1} Deleted HKLM\Software\Wow6432Node\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A} Deleted HKLM\Software\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A} Deleted HKLM\Software\Wow6432Node\Classes\TypeLib\{6E8BF012-2C85-4834-B10A-1B31AF173D70} Deleted HKLM\Software\Classes\TypeLib\{6E8BF012-2C85-4834-B10A-1B31AF173D70} Deleted HKLM\Software\Wow6432Node\Classes\TypeLib\{35C1605E-438B-4D64-AAB1-8885F097A9B1} Deleted HKLM\Software\Classes\TypeLib\{35C1605E-438B-4D64-AAB1-8885F097A9B1} Deleted HKLM\Software\Wow6432Node\Classes\AppID\{35C1605E-438B-4D64-AAB1-8885F097A9B1} Deleted HKLM\Software\Classes\AppID\{35C1605E-438B-4D64-AAB1-8885F097A9B1} Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC} Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC} Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{98889811-442D-49DD-99D7-DC866BE87DBC} Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3F198B95-7E5F-4E51-BFFB-02D1E3852888} Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3F198B95-7E5F-4E51-BFFB-02D1E3852888} Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\QtraxPlayer Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B0E97EA9-89AE-4675-BB60-8F43E201CC30} Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B0E97EA9-89AE-4675-BB60-8F43E201CC30} Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\mysearchdial Deleted HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1585671971-3633617115-168381053-1000\Software\SweetIM ***** [ Chromium (and derivatives) ] ***** Not Deleted Freemake Video Converter ***** [ Chromium URLs ] ***** Deleted MyStart Search Deleted Conduit Search ***** [ Firefox (and derivatives) ] ***** No malicious Firefox entries cleaned. ***** [ Firefox URLs ] ***** No malicious Firefox URLs cleaned. ************************* [+] Delete Tracing Keys [+] Reset Winsock ************************* ########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########