# AdwCleaner 7.0.1.0 - Logfile created on Fri Aug 11 13:14:50 2017 # Updated on 2017/05/08 by Malwarebytes # Running on Windows 7 Home Premium (X64) # Mode: clean # Support: https://www.malwarebytes.com/support ***** [ Services ] ***** Deleted: Update service ***** [ Folders ] ***** Deleted: C:\Program Files\Common Files\AVG Secure Search Deleted: C:\Windows\System32\config\systemprofile\AppData\LocalLow\avg web tuneup Deleted: C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\avg web tuneup Deleted: C:\Users\July\AppData\Local\avg web tuneup Deleted: C:\Users\July\AppData\LocalLow\avg web tuneup Deleted: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EZDownloader Deleted: C:\Program Files (x86)\SmartSound Software Deleted: C:\Program Files (x86)\youtubeadblocker Deleted: C:\ProgramData\18088003513945667821 Deleted: C:\ProgramData\Avg_Update_0215tb Deleted: C:\ProgramData\{3457c172-36eb-d81f-3457-7c17236e05c8} Deleted: C:\ProgramData\{a6ae0652-08a9-2454-a6ae-e065208a1948} Deleted: C:\ProgramData\{cabe5dd8-cf05-4e40-cabe-e5dd8cf07763} ***** [ Files ] ***** Deleted: C:\Windows\AppPatch\Custom\Custom64\{cf2797aa-b7ec-e311-8ed9-005056c00008}.sdb Deleted: C:\Windows\AppPatch\Custom\{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb ***** [ DLL ] ***** No malicious DLLs cleaned. ***** [ WMI ] ***** No malicious WMI cleaned. ***** [ Shortcuts ] ***** No malicious shortcuts cleaned. ***** [ Tasks ] ***** Deleted: 0116tbUpdateInfo ***** [ Registry ] ***** Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\DOMStorage\mysearch.avg.com Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\mysearch.avg.com Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\mystartsearch.com Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\mystartsearch.com Deleted: [Value] - HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{68C4FB14-E0A4-4773-9538-5FA4B424463D}C:\program files (x86)\popcorn time\chromecast\node.exe Deleted: [Value] - HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{6C3A0517-5DD6-471E-993B-7F08F556B403}C:\program files (x86)\popcorn time\chromecast\node.exe Deleted: [Value] - HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{D07C0A47-864F-4AE3-AA39-B04CC34DBB49}C:\program files (x86)\popcorn time\chromecast\node.exe Deleted: [Value] - HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{23178B30-E61A-4E48-891C-C570EA2EC8C7}C:\program files (x86)\popcorn time\chromecast\node.exe Deleted: [Value] - HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command| Deleted: [Value] - HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command| Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{0F44DC3A-6E62-4961-A14B-95323C512F9B}_is1 Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{AD11DADE-C597-45D9-D8C5-1D2EB0B89613} Deleted: [Key] - HKU\S-1-5-21-1758715510-1450827849-130790418-1000\Software\Mozilla\Extends Deleted: [Key] - HKCU\Software\Mozilla\Extends Deleted: [Key] - HKLM\SOFTWARE\AVG Tuneup Deleted: [Key] - HKU\S-1-5-21-1758715510-1450827849-130790418-1000\Software\AVG Tuneup Deleted: [Key] - HKCU\Software\AVG Tuneup Deleted: [Key] - HKLM\SOFTWARE\Lavasoft\Web Companion Deleted: [Key] - HKU\S-1-5-21-1758715510-1450827849-130790418-1000\Software\Lavasoft\Web Companion Deleted: [Key] - HKCU\Software\Lavasoft\Web Companion Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3} Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{CA3A5461-96B5-46DD-9341-5350D3C94615} Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\mypc backup Deleted: [Value] - HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\chrome.exe|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb Deleted: [Value] - HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\firefox.exe|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb Deleted: [Key] - HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\avgsh Deleted: [Key] - HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\LAYERS\SPVC32LDR Deleted: [Value] - HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\LAYERS\SPVC32Ldr|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb Deleted: [Value] - HKLM\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Custom\chrome.exe|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb Deleted: [Value] - HKLM\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Custom\explorer.exe|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb Deleted: [Value] - HKLM\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Custom\firefox.exe|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb Deleted: [Value] - HKLM\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Custom\iexplore.exe|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Custom\Layers\SPVC32LDR Deleted: [Key] - HKLM\SOFTWARE\FFPluginHp Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\InstalledsDB\{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd} Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\InstalledsDB\{cf2797aa-b7ec-e311-8ed9-005056c00008} Deleted: [Key] - HKCU\Software\Classes\TypeLib\{157B1AA6-3E5C-404A-9118-C1D91F537040} Deleted: [Key] - HKU\S-1-5-21-1758715510-1450827849-130790418-1000\Software\Classes\TypeLib\{157B1AA6-3E5C-404A-9118-C1D91F537040} Deleted: [Key] - HKLM\SOFTWARE\mystartsearchSoftware Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\0116tbUpdateInfo ***** [ Firefox (and derivatives) ] ***** No malicious Firefox entries deleted. ***** [ Chromium (and derivatives) ] ***** No malicious Chromium entries deleted. ************************* ::Tracing keys deleted ::Winsock settings cleared ::Additional Actions: 0 ************************* C:/AdwCleaner/AdwCleaner[S0].txt - [7097 B] - [2017/8/11 13:13:51] ########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ##########