# AdwCleaner 7.0.2.1 - Logfile created on Wed Aug 30 11:13:44 2017 # Updated on 2017/29/08 by Malwarebytes # Running on Windows 10 Home (X64) # Mode: clean # Support: https://www.malwarebytes.com/support ***** [ Services ] ***** Deleted: WtuSystemSupport Deleted: chip1click Deleted: vToolbarUpdater40.3.8 ***** [ Folders ] ***** Deleted: C:\ProgramData\BSD\DriverHive Deleted: C:\Users\All Users\BSD\DriverHive Deleted: C:\Users\Public\Documents\\dmp Deleted: C:\Program Files\Common Files\AVG Secure Search Deleted: C:\Program Files (x86)\Common Files\AVG Secure Search Deleted: C:\ProgramData\AVG Security Toolbar Deleted: C:\Users\All Users\AVG Security Toolbar Deleted: C:\Users\Computer\AppData\Roaming\DriverCure Deleted: C:\Users\Computer\AppData\Local\YSearchUtil Deleted: C:\ProgramData\avg web tuneup Deleted: C:\Program Files\avg web tuneup Deleted: C:\Program Files (x86)\avg web tuneup Deleted: C:\Users\All Users\avg web tuneup Deleted: C:\Users\Computer\AppData\Local\avg web tuneup Deleted: C:\Users\Computer\AppData\Local\Downloaded Installers Deleted: C:\Users\Public\Documents\Downloaded Installers Deleted: C:\Program Files (x86)\Yahoo!\yset Deleted: C:\Users\Computer\AppData\Local\AdvinstAnalytics Deleted: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SimpleStar Deleted: C:\ProgramData\SimpleStar Deleted: C:\Users\All Users\SimpleStar Deleted: C:\Program Files (x86)\Chip Digital GmbH Deleted: C:\Users\Computer\AppData\Local\Downloaded Installations\{DAD82379-C684-4D04-83D5-2B9934A9C362} Deleted: C:\Windows\\Installer\{503CA94E-0834-4CEE-AD92-BA17AF4E809A} Deleted: C:\Program Files (x86)\CHIP Updater Deleted: C:\Users\Computer\AppData\Roaming\RenewSoftware.com Deleted: C:\Users\Computer\AppData\Local\VideoConverter Deleted: C:\ProgramData\PARETOLOGIC Deleted: C:\Program Files (x86)\Common Files\PARETOLOGIC Deleted: C:\Users\All Users\PARETOLOGIC Deleted: C:\Users\Computer\AppData\Roaming\PARETOLOGIC Deleted: C:\Users\Computer\AppData\Roaming\RHEng Deleted: C:\Users\Computer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASPackage Deleted: C:\Users\Computer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASPackage Deleted: C:\ProgramData\slimware utilities inc Deleted: C:\Users\All Users\slimware utilities inc Deleted: C:\Users\Computer\AppData\Local\slimware utilities inc Deleted: C:\ProgramData\SlimWare Utilities Inc Deleted: C:\Users\All Users\SlimWare Utilities Inc Deleted: C:\Users\Computer\AppData\Local\SlimWare Utilities Inc ***** [ Files ] ***** Deleted: C:\END Deleted: C:\Windows\System32\lavasofttcpservice.dll Deleted: C:\Windows\SysWOW64\lavasofttcpservice.dll Deleted: C:\Windows\SysNative\LavasoftTcpService64.dll Deleted: C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\85pf4r00.default-1425491253211\searchplugins\avg-secure-search.xml ***** [ DLL ] ***** No malicious DLLs cleaned. ***** [ WMI ] ***** No malicious WMI cleaned. ***** [ Shortcuts ] ***** No malicious shortcuts cleaned. ***** [ Tasks ] ***** No malicious tasks deleted. ***** [ Registry ] ***** Deleted: [Data] - HKCU\Software\Microsoft\Internet Explorer\Main|Start Page [https:\\mysearch.avg.com\?cid={2E2055F0-0870-4141-B270-6EEA055F6394}&mid=9c02c083121a47cc905b69de1c6349fd-ad1491be2ce6c122f6b66faa90e70c2decf7d34c&lang=de&ds=AVG&coid=avgtbavg&cmpid=0916tb&pr=fr&d=2016-07-25 21:28:10&v=4.3.5.160&pid=wtu&sg=&sap=hp] Deleted: [Key] - HKU\S-1-5-21-3993077788-801993031-1647673089-1000\Software\estdemin Deleted: [Key] - HKCU\Software\estdemin Deleted: [Key] - HKLM\SOFTWARE\ParetoLogic Deleted: [Key] - HKU\S-1-5-21-3993077788-801993031-1647673089-1000\Software\ParetoLogic Deleted: [Key] - HKCU\Software\ParetoLogic Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! SearchSet Deleted: [Key] - HKU\S-1-5-21-3993077788-801993031-1647673089-1000\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D01A33E2-0A34-4659-82AA-8A90C51C0D21} Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D01A33E2-0A34-4659-82AA-8A90C51C0D21} Deleted: [Key] - HKU\S-1-5-21-3993077788-801993031-1647673089-1000\Software\Microsoft\Tinstalls Deleted: [Key] - HKCU\Software\Microsoft\Tinstalls Deleted: [Key] - HKU\S-1-5-21-3993077788-801993031-1647673089-1000\Software\dobreprogramy Deleted: [Key] - HKCU\Software\dobreprogramy Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Eusing Free Registry Cleaner Deleted: [Key] - HKLM\SOFTWARE\AVG Tuneup Deleted: [Key] - HKLM\SOFTWARE\Lavasoft\Web Companion Deleted: [Key] - HKU\S-1-5-21-3993077788-801993031-1647673089-1000\Software\TWEAKBIT Deleted: [Key] - HKCU\Software\TWEAKBIT Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Searchy Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{DD0688A5-FC8B-4E93-A485-CBF606A56D49} Deleted: [Key] - HKLM\SOFTWARE\Microsoft\DMunversion Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3} Deleted: [Key] - HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94} Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6} Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{CA3A5461-96B5-46DD-9341-5350D3C94615} Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{08ACFB57-8187-47F0-AF93-56360D03634A} Deleted: [Key] - HKLM\SOFTWARE\Classes\TypeLib\{4BC8AD89-AC5F-4DBD-A38F-C355C7DD33D7} Deleted: [Key] - HKLM\SOFTWARE\Classes\AppID\{94CB6BE7-AE1A-4751-AE74-1EDD6B567264} Deleted: [Key] - HKLM\SOFTWARE\MozillaPlugins\@avg.com\AVG SiteSafety plugin,version=11.0.0.1,application\x-avg-sitesafety-plugin Deleted: [Key] - HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\avgsh Deleted: [Key] - HKLM\SOFTWARE\Classes\AppID\mseff32.DLL Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{503CA94E-0834-4CEE-AD92-BA17AF4E809A} Deleted: [Key] - HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\04A063A0BBEACF54EAEF493C49D9E3F6 Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\04A063A0BBEACF54EAEF493C49D9E3F6 Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\E49AC3054380EEC4DA29AB71FAE408A9 Deleted: [Key] - HKLM\SOFTWARE\Classes\Installer\Features\E49AC3054380EEC4DA29AB71FAE408A9 Deleted: [Key] - HKLM\SOFTWARE\Classes\Installer\Products\E49AC3054380EEC4DA29AB71FAE408A9 Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\chip 1-click download service Deleted: [Key] - HKLM\SOFTWARE\BSD Deleted: [Key] - HKU\S-1-5-21-3993077788-801993031-1647673089-1000\Software\BSD Deleted: [Key] - HKCU\Software\BSD Deleted: [Key] - HKLM\SOFTWARE\Yahoo\SS Deleted: [Key] - HKU\S-1-5-21-3993077788-801993031-1647673089-1000\Software\Linkey Deleted: [Key] - HKCU\Software\Linkey Deleted: [Key] - HKLM\SOFTWARE\Microsoft\APreSam Deleted: [Key] - HKLM\SOFTWARE\Microsoft\NSaveA Deleted: [Key] - HKLM\SOFTWARE\Microsoft\PrAmNP Deleted: [Key] - HKLM\SOFTWARE\Microsoft\MPrForShutT Deleted: [Key] - HKLM\SOFTWARE\Microsoft\PrIncub Deleted: [Key] - HKU\S-1-5-21-3993077788-801993031-1647673089-1000\Software\Microsoft\{cc6eb6d8-85b7-435p-8b86-51e4d16ea76d} Deleted: [Key] - HKCU\Software\Microsoft\{cc6eb6d8-85b7-435p-8b86-51e4d16ea76d} Deleted: [Key] - HKLM\SOFTWARE\Auslogics Deleted: [Key] - HKLM\SOFTWARE\SlimWare Utilities Inc Deleted: [Key] - HKU\S-1-5-21-3993077788-801993031-1647673089-1000\Software\SlimWare Utilities Inc Deleted: [Key] - HKCU\Software\SlimWare Utilities Inc Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{48E59293-9880-11CF-9754-00AA00C00908} Deleted: [Key] - HKLM\SOFTWARE\Classes\ctTOOLBAR.ctToolBarCtrl.4 ***** [ Firefox (and derivatives) ] ***** Plugin deleted: Search and New Tab by Yahoo - Yahoo ***** [ Chromium (and derivatives) ] ***** No malicious Chromium entries deleted. ************************* ::Tracing keys deleted ::Winsock settings cleared ::Additional Actions: 0 ************************* C:/AdwCleaner/AdwCleaner[S0].txt - [9610 B] - [2017/8/30 10:59:10] ########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ##########