# AdwCleaner 7.0.2.1 - Logfile created on Fri Sep 08 06:40:20 2017 # Updated on 2017/29/08 by Malwarebytes # Running on Windows 10 Home (X64) # Mode: clean # Support: https://www.malwarebytes.com/support ***** [ Services ] ***** No malicious services deleted. ***** [ Folders ] ***** Deleted: C:\Program Files (x86)\DriverToolkit Deleted: C:\Users\Klaas\AppData\Local\DriverToolkit Deleted: C:\Users\Klaas\AppData\Roaming\1H1Q Deleted: C:\Users\Klaas\AppData\Local\AVG Secure Search Deleted: C:\Users\Klaas\AppData\LocalLow\AVG Secure Search Deleted: C:\Users\Klaas\AppData\Roaming\AVG Secure Search Deleted: C:\ProgramData\AVG Security Toolbar Deleted: C:\ProgramData\Application Data\AVG Security Toolbar Deleted: C:\Program Files (x86)\AVG Security Toolbar Deleted: C:\Users\All Users\AVG Security Toolbar Deleted: C:\Program Files (x86)\Uniblue Deleted: C:\Users\Public\Documents\Downloaded Installers Deleted: C:\Users\Klaas\AppData\Roaming\1h1q Deleted: C:\ProgramData\Partner Deleted: C:\ProgramData\Application Data\Partner Deleted: C:\Users\All Users\Partner Deleted: C:\Users\Klaas\AppData\Roaming\DriverPack Notifier Deleted: C:\Users\Klaas\AppData\Roaming\DRPSu Deleted: C:\Users\Klaas\AppData\Roaming\Systweak Deleted: C:\Users\Klaas\AppData\Local\slimware utilities inc Deleted: C:\Users\Klaas\AppData\Local\SlimWare Utilities Inc Deleted: C:\ProgramData\Avg_Update_0814tb Deleted: C:\ProgramData\Avg_Update_1215av ***** [ Files ] ***** Deleted: C:\Windows\SysNative\drivers\swdumon.sys Deleted: C:\Windows\SysNative\roboot64.exe ***** [ DLL ] ***** No malicious DLLs cleaned. ***** [ WMI ] ***** No malicious WMI cleaned. ***** [ Shortcuts ] ***** No malicious shortcuts cleaned. ***** [ Tasks ] ***** No malicious tasks deleted. ***** [ Registry ] ***** Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\isearch.avg.com Deleted: [Key] - HKU\S-1-5-21-2493349215-1570600307-3789144642-1000\Software\Microsoft\Windows\CurrentVersion\Uninstall\File Opener Packages Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\File Opener Packages Deleted: [Key] - HKU\S-1-5-21-2493349215-1570600307-3789144642-1000\Software\DriverToolkit Deleted: [Key] - HKCU\Software\DriverToolkit Deleted: [Key] - HKLM\SOFTWARE\AVG Secure Search Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search Deleted: [Key] - HKU\S-1-5-21-2493349215-1570600307-3789144642-1000\Software\AVG Secure Search Deleted: [Key] - HKCU\Software\AVG Secure Search Deleted: [Key] - HKLM\SOFTWARE\AVG Security Toolbar Deleted: [Key] - HKU\S-1-5-21-2493349215-1570600307-3789144642-1000\Software\AVG Security Toolbar Deleted: [Key] - HKCU\Software\AVG Security Toolbar Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217} Deleted: [Key] - HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE} Deleted: [Key] - HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2} Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237} Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7} Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7} Deleted: [Key] - HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93} Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3} Deleted: [Key] - HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8} Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC} Deleted: [Key] - HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94} Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6} Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC} Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468} Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{CA3A5461-96B5-46DD-9341-5350D3C94615} Deleted: [Key] - HKCU\Software\Classes\CLSID\{BEBBC426-4F16-4567-8FE1-BE198C982027} Deleted: [Key] - HKLM\SOFTWARE\Classes\AppID\escortEng.DLL Deleted: [Key] - HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE Deleted: [Key] - HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL Deleted: [Key] - HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\avgsh Deleted: [Key] - HKU\S-1-5-21-2493349215-1570600307-3789144642-1000\Software\AppDataLow\Software\Safer-Surf Deleted: [Key] - HKCU\Software\AppDataLow\Software\Safer-Surf Deleted: [Key] - HKLM\SOFTWARE\drpsu Deleted: [Key] - HKU\S-1-5-21-2493349215-1570600307-3789144642-1000\Software\drpsu Deleted: [Key] - HKCU\Software\drpsu Deleted: [Key] - HKLM\SOFTWARE\systweak Deleted: [Key] - HKU\S-1-5-21-2493349215-1570600307-3789144642-1000\Software\systweak Deleted: [Key] - HKCU\Software\systweak Deleted: [Key] - HKU\S-1-5-21-2493349215-1570600307-3789144642-1000\Software\InstallCore Deleted: [Key] - HKCU\Software\InstallCore Deleted: [Key] - HKLM\SOFTWARE\SlimWare Utilities Inc Deleted: [Key] - HKU\S-1-5-21-2493349215-1570600307-3789144642-1000\Software\SlimWare Utilities Inc Deleted: [Key] - HKCU\Software\SlimWare Utilities Inc ***** [ Firefox (and derivatives) ] ***** No malicious Firefox entries deleted. ***** [ Chromium (and derivatives) ] ***** No malicious Chromium entries deleted. ************************* ::Tracing keys deleted ::Winsock settings cleared ::Additional Actions: 0 ************************* C:/AdwCleaner/AdwCleaner[S0].txt - [6788 B] - [2017/9/8 6:39:8] ########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ##########