Wow! Can not believe how much stuff there was!
Reports:
Ad Cleaner: +++++++++++++++
# -------------------------------
# Malwarebytes AdwCleaner 7.3.0.0
# -------------------------------
# Build: 04-04-2019
# Database: 2019-04-05.4 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 04-07-2019
# Duration: 00:00:09
# OS: Windows 10 Pro
# Cleaned: 31
# Failed: 2
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
Deleted C:\Program Files\Reimage
Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\reimage repair
Deleted C:\ProgramData\Reimage Protector
Deleted C:\Windows\System32\config\systemprofile\AppData\Local\WebDiscoverBrowser
Deleted C:\rei
***** [ Files ] *****
Deleted C:\Users\geek9\AppData\Roaming\Mozilla\Firefox\Profiles\i8sbflim.default\searchplugins\avg-secure-search.xml
Deleted C:\Windows\Reimage.ini
Deleted C:\Windows\Temp\reimage.log
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10ECCE17-29B5-4880-A8F5-EAD298611484}
Deleted HKCU\Software\PRODUCTSETUP
Deleted HKCU\Software\ProductSetup\Uninstall\0B2U2Z1P0F1P1G1R1P1V0A1Q1Q0O1G
Deleted HKCU\Software\ProductSetup\Uninstall\0S1P1T1C1R1MtT0P1C1F2X1L1Q1P1QtT1S2UtT0Y1T1M1F1F
Deleted HKCU\Software\Reimage
Deleted HKCU\Software\WebDiscoverBrowser
Deleted HKLM\SOFTWARE\Classes\AppID\REI_AxControl.DLL
Deleted HKLM\Software\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}
Deleted HKLM\Software\Classes\CLSID\{10ECCE17-29B5-4880-A8F5-EAD298611484}
Deleted HKLM\Software\Classes\CLSID\{801B440B-1EE3-49B0-B05D-2AB076D4E8CB}
Deleted HKLM\Software\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
Deleted HKLM\Software\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
Deleted HKLM\Software\Classes\REI_AxControl.ReiEngine
Deleted HKLM\Software\Classes\REI_AxControl.ReiEngine.1
Deleted HKLM\Software\Classes\TypeLib\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Codec Settings UAC Manager
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Run|Codec Settings UAC Manager
Deleted HKLM\Software\Reimage
Deleted HKLM\Software\WebDiscoverBrowser
Deleted HKU\.DEFAULT\Software\WebDiscoverBrowser
Deleted HKU\S-1-5-18\Software\WebDiscoverBrowser
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
Deleted https://mysearch.avg.com/?rvt=1&pid=bcu
Deleted https://mysearch.avg.com/?rvt=1&pid=bcu
Not Deleted webtuneup.avg.com
Not Deleted webtuneup.avg.com
*************************
- Delete Tracing Keys
- Reset Winsock
*************************
AdwCleaner[S00].txt - [1569 octets] - [07/03/2019 12:07:14]
AdwCleaner[C00].txt - [1661 octets] - [07/03/2019 12:09:32]
AdwCleaner[S01].txt - [4021 octets] - [07/04/2019 12:05:12]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########
Malwarebytes: ========================
Malwarebytes
www.malwarebytes.com
-Log Details-
Scan Date: 4/7/19
Scan Time: 12:22 PM
Log File: 8aa0a846-596a-11e9-9a9c-00219b6a717e.json
-Software Information-
Version: 3.7.1.2839
Components Version: 1.0.563
Update Package Version: 1.0.10038
License: Expired
-System Information-
OS: Windows 10 (Build 18356.1)
CPU: x86
File System: NTFS
User: DESKTOP-T35LOPR\geek9
-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Manual
Result: Completed
Objects Scanned: 181231
Threats Detected: 15
Threats Quarantined: 15
Time Elapsed: 3 min, 15 sec
-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect
-Scan Details-
Process: 0
(No malicious items detected)
Module: 0
(No malicious items detected)
Registry Key: 4
PUP.Optional.SearchManager, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\NAHHMPBCKPGDIDFNMFKFGIFLPJIJILCE, Quarantined, [2063], [440037],1.0.10038
PUP.Optional.SearchManager, HKU\S-1-5-21-1999882772-3128741223-438591315-1001\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\nahhmpbckpgdidfnmfkfgiflpjijilce, Quarantined, [2063], [440037],1.0.10038
PUP.Optional.SearchManager, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\PILPLLOABDEDFMIALNFCHJOMJMPJCOEJ, Quarantined, [2063], [183362],1.0.10038
PUP.Optional.SearchManager, HKU\S-1-5-21-1999882772-3128741223-438591315-1001\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\pilplloabdedfmialnfchjomjmpjcoej, Quarantined, [2063], [183362],1.0.10038
Registry Value: 0
(No malicious items detected)
Registry Data: 0
(No malicious items detected)
Data Stream: 0
(No malicious items detected)
Folder: 2
PUP.Optional.Reimage, C:\ProgramData\ReimageRepair\Results, Quarantined, [340], [651074],1.0.10038
PUP.Optional.Reimage, C:\PROGRAMDATA\REIMAGEREPAIR, Quarantined, [340], [651074],1.0.10038
File: 9
PUP.Optional.SearchManager, C:\USERS\GEEK9\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\LOCAL STORAGE\chrome-extension_pilplloabdedfmialnfchjomjmpjcoej_0.localstorage, Quarantined, [2063], [453138],1.0.10038
PUP.Optional.SearchModule, C:\USERS\GEEK9\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\LOCAL STORAGE\chrome-extension_nahhmpbckpgdidfnmfkfgiflpjijilce_0.localstorage, Quarantined, [275], [453492],1.0.10038
PUP.Optional.SearchManager, C:\USERS\GEEK9\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Preferences, Replaced, [2063], [183362],1.0.10038
PUP.Optional.Reimage, C:\ProgramData\ReimageRepair\Results\ProtectorPackage.log, Quarantined, [340], [651074],1.0.10038
PUP.Optional.Reimage, C:\ProgramData\ReimageRepair\active_protection.txt, Quarantined, [340], [651074],1.0.10038
PUP.Optional.Reimage, C:\ProgramData\ReimageRepair\cfl.rei, Quarantined, [340], [651074],1.0.10038
PUP.Optional.Reimage, C:\ProgramData\ReimageRepair\scan_agent_result_log.txt, Quarantined, [340], [651074],1.0.10038
PUP.Optional.Reimage, C:\ProgramData\ReimageRepair\url_setting_definitions.txt, Quarantined, [340], [651074],1.0.10038
PUP.Optional.WinYahoo.Generic, C:\USERS\GEEK9\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I8SBFLIM.DEFAULT\SEARCHPLUGINS\SADARAMA.XML, Quarantined, [223], [643052],1.0.10038
Physical Sector: 0
(No malicious items detected)
WMI: 0
(No malicious items detected)
(end)
Security Check --------------------------
Results of screen317's Security Check version 1.014 --- 12/23/15
x86 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
Windows Defender
AVG Antivirus
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Adobe Flash Player 32.0.0.156
Mozilla Firefox (66.0.2)
Google Chrome (73.0.3683.86)
Google Chrome (SetupMetrics...)
````````Process Check: objlist.exe by Laurent````````
Malwarebytes Anti-Malware mbamservice.exe
AVG Antivirus AVGSvc.exe
AVG Antivirus aswidsagent.exe
AVG Antivirus AVGUI.exe
Malwarebytes Anti-Malware mbamtray.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: %
````````````````````End of Log``````````````````````
That's all ;D