# ------------------------------- # Malwarebytes AdwCleaner 7.2.2.0 # ------------------------------- # Build: 07-17-2018 # Database: 2018-08-13.2 # Support: https://www.malwarebytes.com/support # # ------------------------------- # Mode: Clean # ------------------------------- # Start: 08-17-2018 # Duration: 00:00:06 # OS: Windows 10 Home # Cleaned: 56 # Failed: 1 ***** [ Services ] ***** Deleted YSearchUtilSvc ***** [ Folders ] ***** Deleted C:\ProgramData\1E29D23600007A93 Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\???? Deleted C:\Users\Matthias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\???? Deleted C:\Program Files\Common Files\Tencent Deleted C:\Program Files (x86)\Yahoo!\yset Deleted C:\Windows\SysWOW64\config\systemprofile\AppData\Local\YSearchUtil Deleted C:\Users\Matthias\AppData\Local\YSearchUtil Deleted C:\Users\Matthias\Desktop\Tuto Deleted C:\ProgramData\AGI ***** [ Files ] ***** Deleted C:\Windows\System32\drivers\TFsFltX64.sys Deleted C:\Windows\SysWOW64\MMInstaller.dll ***** [ DLL ] ***** No malicious DLLs cleaned. ***** [ WMI ] ***** No malicious WMI cleaned. ***** [ Shortcuts ] ***** No malicious shortcuts cleaned. ***** [ Tasks ] ***** No malicious tasks cleaned. ***** [ Registry ] ***** Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3} Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|ConvertAd Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|WindApp Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SU Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D01A33E2-0A34-4659-82AA-8A90C51C0D21} Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{D01A33E2-0A34-4659-82AA-8A90C51C0D21} Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! SearchSet Deleted HKCU\Software\Kromtech Deleted HKLM\Software\Wow6432Node\SpeedBit Deleted HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION|AndroidServer.exe Deleted HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|SmartWeb Deleted HKLM\Software\Wow6432Node\Classes\AppID\DownloadProxy.EXE Deleted HKLM\SOFTWARE\Classes\AppID\DownloadProxy.EXE Deleted HKLM\Software\Wow6432Node\Classes\TypeLib\{8519F1E4-E25B-42B1-B361-0C643F45CF11} Deleted HKLM\Software\Classes\TypeLib\{8519F1E4-E25B-42B1-B361-0C643F45CF11} Deleted HKLM\Software\Wow6432Node\Classes\Interface\{47A1DF02-BCE4-40C3-AE47-E3EA09A65E4A} Deleted HKLM\Software\Classes\Interface\{47A1DF02-BCE4-40C3-AE47-E3EA09A65E4A} Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{47A1DF02-BCE4-40C3-AE47-E3EA09A65E4A} Deleted HKLM\Software\Wow6432Node\Classes\Interface\{FA7B2795-C0C8-4A58-8672-3F8D80CC0270} Deleted HKLM\Software\Classes\Interface\{FA7B2795-C0C8-4A58-8672-3F8D80CC0270} Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{B9D64D3B-BE75-4FA2-B94A-C4AE772A0146} Deleted HKLM\Software\Wow6432Node\Classes\TypeLib\{6E1533F0-E0B5-465A-9F16-98FF0C76D493} Deleted HKLM\Software\Classes\TypeLib\{6E1533F0-E0B5-465A-9F16-98FF0C76D493} Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{29B6CFD5-0064-411A-8C42-9890C83F9921} Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{EC0FA563-E0F2-406F-8659-1E728458A91E} Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{88260EA6-BC91-42DF-ABEF-4A683E8A3C23} Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{4C097DF1-0716-4FA1-84A9-025BC1E7B03F} Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved|{754DF2CE-51E8-4895-B53C-6381418B84AE} Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{754DF2CE-51E8-4895-B53C-6381418B84AE} Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{50F4150A-48B2-417A-BE4C-C83F580FB904} Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{70DE12EA-79F4-46BC-9812-86DB50A2FD64} Deleted HKLM\Software\Wow6432Node\Classes\Interface\{E7270EC6-0113-4A78-B610-E501D0A9E48E} Deleted HKLM\Software\Classes\Interface\{E7270EC6-0113-4A78-B610-E501D0A9E48E} Deleted HKLM\Software\Wow6432Node\Classes\AppID\{51BEE30D-EEC8-4BA3-930B-298B8E759EB1} Deleted HKLM\Software\Classes\AppID\{51BEE30D-EEC8-4BA3-930B-298B8E759EB1} Deleted HKLM\Software\Classes\METNSD Deleted HKLM\Software\Classes\qmgcfiles Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|qqlive Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{8B2BBEEC-3A3A-4A8F-A81B-822B668889D0} Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5EF7B131-C278-4034-BC88-2CE28B128681} Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D9EBCF5D-3F8F-4B6A-89BA-70577BE73C62} Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F7E55BDF-9528-46BA-B550-777859627591} ***** [ Chromium (and derivatives) ] ***** Deleted Recherche et nouvel onglet de Yahoo ***** [ Chromium URLs ] ***** No malicious Chromium URLs cleaned. ***** [ Firefox (and derivatives) ] ***** Deleted Zotero Bibliography Locale Switcher ***** [ Firefox URLs ] ***** Not Deleted oursurfing.com ************************* [+] Delete Tracing Keys [+] Reset Winsock ************************* AdwCleaner[S00].txt - [6774 octets] - [17/08/2018 19:54:46] ########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########