What is MyCleanID?
The Malwarebytes research team has determined that MyCleanID is a "privacy optimizer". These so-called "system optimizers" use exaggerated results or sometimes even intentional false positives to convince users that their systems have problems. Then they try to sell you their software, claiming it will remove these problems.
This particular one also uses web push notifications.
How do I know if I am infected with MyCleanID?
This is how the main screen of the system optimizer looks:
You will find these icons in your taskbar, your startmenu, and on your desktop:
and see these warnings during install:
and this type of screens during "operations":
You may see this entry in your list of installed programs:
and these tasks in your list of Scheduled Tasks:
How did MyCleanID get on my computer?
These so-called system optimizers use different methods of getting installed. This particular one was downloaded from their website:
How do I remove MyCleanID?
Our program Malwarebytes can detect and remove this potentially unwanted application.
- Please download Malwarebytes for Windows to your desktop.
- Double-click MBSetup.exe and follow the prompts to install the program.
- When your Malwarebytes for Windows installation completes, the program opens to the Welcome to Malwarebytes screen.
- Click on the Get started button.
- Click Scan to start a Threat Scan.
- When the scan is finished click Quarantine to remove the found threats.
- Reboot the system if prompted to complete the removal process.
- No, Malwarebytes removes MyCleanID completely.
- This PUP creates some scheduled tasks. You can read here how to check for and, if necessary, remove Scheduled Tasks.
- If you have allowed the notifications you can read here how to disable them.
We hope our application and this guide have helped you eradicate this system optimizer.
As you can see below the full version of Malwarebytes would have protected you against the MyCleanID installer. It would have warned you before the application could install itself, giving you a chance to stop it before it became too late.
Technical details for experts
You may see these entries in FRST logs:
(RealDefense LLC -> RealDefense LLC) C:\Program Files (x86)\MyCleanID\MyCleanID.exe HKCU\...\Run: [MyCleanID] => C:\Program Files (x86)\MyCleanID\MyCleanID.exe [7591448 2019-12-13] (RealDefense LLC -> RealDefense LLC) Task: {101B4BED-02C0-443D-8E1F-5B39EA5DBCFA} - System32\Tasks\MyCleanID_PopupRenew => C:\Program Files (x86)\MyCleanID\MyCleanID.exe [7591448 2019-12-13] (RealDefense LLC -> RealDefense LLC) Task: {56D7824B-CAEB-44E5-B0D7-830E11A38FD7} - System32\Tasks\MyCleanID_PPO => C:\Program Files (x86)\MyCleanID\MyCleanID.exe [7591448 2019-12-13] (RealDefense LLC -> RealDefense LLC) Task: {78EFE2F8-DCEB-46E4-9465-F617C0FD236F} - System32\Tasks\MyCleanID-User_Account_Control => C:\Program Files (x86)\MyCleanID\TaskTools.exe [152600 2019-12-13] (RealDefense LLC -> RealDefense LLC) Task: {A4500ACD-78C9-4C6C-9D62-12FCEA9A92A4} - System32\Tasks\MyCleanID_Popup => C:\Program Files (x86)\MyCleanID\MyCleanID.exe [7591448 2019-12-13] (RealDefense LLC -> RealDefense LLC) C:\Users\{username}\AppData\Local\MyCleanID C:\Windows\system32\Tasks\MyCleanID_Popup C:\Windows\system32\Tasks\MyCleanID_PopupRenew C:\Windows\system32\Tasks\MyCleanID_PPO C:\Windows\system32\Tasks\MyCleanID-User_Account_Control C:\Users\Public\Desktop\MyCleanID.lnk C:\ProgramData\Desktop\MyCleanID.lnk C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyCleanID C:\Program Files (x86)\MyCleanID C:\Users\{username}\AppData\Roaming\MyCleanID MyCleanID (HKLM-x32\...\{964F4651-2C91-4E91-ACC4-3A47A732F6C5}) (Version: 4.0.9 - RealDefense LLC) FirewallRules: [{FFD9CC67-CCAF-42C3-A9E4-B3B0A183F831}] => (Allow) C:\Program Files (x86)\MyCleanID\MyCleanID.exe (RealDefense LLC -> RealDefense LLC) FirewallRules: [{A595CCF8-E07F-4D15-8D1D-C8F21CAEEE60}] => (Allow) C:\Program Files (x86)\MyCleanID\MyCleanID.exe (RealDefense LLC -> RealDefense LLC)Alterations made by the installer:
File system details [View: All details] (Selection) --------------------------------------------------- Adds the folder C:\Program Files (x86)\MyCleanID Adds the file Armt.exe"="12/13/2019 9:31 AM, 67096 bytes Adds the file Armt.exe.config"="9/3/2019 12:12 PM, 183 bytes Adds the file CaByp.CA.dll"="12/13/2019 9:31 AM, 3275016 bytes Adds the file CaByp.dll"="12/13/2019 9:31 AM, 830488 bytes Adds the file DeployAppx.exe"="12/13/2019 9:31 AM, 21528 bytes Adds the file Esent.Interop.dll"="4/12/2019 10:52 AM, 413080 bytes Adds the file ExcelDataReader.dll"="4/12/2019 10:52 AM, 181272 bytes Adds the file geckodriver.exe"="10/12/2019 8:38 AM, 3566280 bytes Adds the file ICSharpCode.SharpZipLib.dll"="4/12/2019 10:52 AM, 207896 bytes Adds the file InstAct.exe"="12/13/2019 9:31 AM, 91160 bytes Adds the file InstAct.exe.config"="4/12/2019 10:52 AM, 232 bytes Adds the file Microsoft.Deployment.WindowsInstaller.dll"="11/18/2017 1:59 PM, 183320 bytes Adds the file Microsoft.Win32.TaskScheduler.dll"="4/12/2019 10:52 AM, 299032 bytes Adds the file MicrosoftWebDriver.exe"="3/18/2019 6:32 PM, 516648 bytes Adds the file msvcp100.dll"="7/16/2019 7:11 AM, 421200 bytes Adds the file msvcp120.dll"="7/16/2019 7:11 AM, 455488 bytes Adds the file msvcp140.dll"="7/17/2019 12:48 PM, 627440 bytes Adds the file msvcr100.dll"="7/16/2019 7:11 AM, 773968 bytes Adds the file msvcr120.dll"="7/16/2019 7:11 AM, 971584 bytes Adds the file MyCleanID.exe"="12/13/2019 9:31 AM, 7591448 bytes Adds the file MyCleanID.exe.config"="4/12/2019 10:52 AM, 306 bytes Adds the file Newtonsoft.Json.dll"="4/12/2019 10:52 AM, 529432 bytes Adds the file PdfReader.dll"="12/13/2019 9:31 AM, 541720 bytes Adds the file Perpetuum.dll"="12/13/2019 9:31 AM, 495128 bytes Adds the file Perpetuum.dll.config"="4/12/2019 10:52 AM, 229 bytes Adds the file README.txt"="9/22/2020 10:00 AM, 274 bytes, A Adds the file schedc10.exe"="12/13/2019 9:31 AM, 59416 bytes Adds the file schedc10.exe.config"="4/12/2019 10:52 AM, 232 bytes Adds the file Setup.dll"="12/13/2019 9:31 AM, 248344 bytes Adds the file Setup.dll.config"="4/12/2019 10:52 AM, 229 bytes Adds the file System.Data.SQLite.dll"="4/12/2019 10:52 AM, 1427480 bytes Adds the file TaskTools.exe"="12/13/2019 9:31 AM, 152600 bytes Adds the file TaskTools.exe.config"="4/12/2019 10:52 AM, 231 bytes Adds the file Tracking.dll"="12/13/2019 9:31 AM, 160280 bytes Adds the file trialnotification.exe"="12/13/2019 9:31 AM, 73752 bytes Adds the file trialnotification.exe.config"="4/12/2019 10:52 AM, 224 bytes Adds the file updater.exe"="4/12/2019 10:52 AM, 636952 bytes Adds the file updater.ini"="9/22/2020 10:00 AM, 362 bytes, A Adds the file Util.dll"="12/13/2019 9:31 AM, 705048 bytes Adds the file Util.dll.config"="4/12/2019 10:52 AM, 229 bytes Adds the file vcruntime140.dll"="7/17/2019 12:48 PM, 85040 bytes Adds the file WebDriver.dll"="10/31/2018 9:53 AM, 1791000 bytes Adds the folder C:\Program Files (x86)\MyCleanID\de Adds the file CaByp.resources.dll"="12/13/2019 9:31 AM, 11288 bytes Adds the file MyCleanID.resources.dll"="12/13/2019 9:31 AM, 74264 bytes Adds the folder C:\Program Files (x86)\MyCleanID\es Adds the file CaByp.resources.dll"="12/13/2019 9:31 AM, 11288 bytes Adds the file MyCleanID.resources.dll"="12/13/2019 9:31 AM, 73752 bytes Adds the folder C:\Program Files (x86)\MyCleanID\fr Adds the file CaByp.resources.dll"="12/13/2019 9:31 AM, 11288 bytes Adds the file MyCleanID.resources.dll"="12/13/2019 9:31 AM, 74776 bytes Adds the folder C:\Program Files (x86)\MyCleanID\ja Adds the file CaByp.resources.dll"="12/13/2019 9:31 AM, 11288 bytes Adds the file MyCleanID.resources.dll"="12/13/2019 9:31 AM, 77848 bytes Adds the folder C:\Program Files (x86)\MyCleanID\x64 Adds the file DecryptTool.exe"="12/13/2019 9:31 AM, 83992 bytes Adds the file DecryptTool.exe.config"="9/3/2019 12:12 PM, 163 bytes Adds the folder C:\Program Files (x86)\MyCleanID\x86 Adds the file DecryptTool.exe"="12/13/2019 9:31 AM, 85528 bytes Adds the file DecryptTool.exe.config"="9/3/2019 12:12 PM, 163 bytes Adds the folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyCleanID Adds the file MyCleanID.lnk"="9/22/2020 10:00 AM, 967 bytes, A Adds the file Uninstall MyCleanID.lnk"="9/22/2020 10:00 AM, 1820 bytes, A Adds the folder C:\Users\{username}\AppData\Local\MyCleanID Adds the file cnfg"="9/22/2020 10:00 AM, 304 bytes, A Adds the file compact.txt"="9/22/2020 10:01 AM, 26 bytes, A Adds the file debug.log"="9/22/2020 10:01 AM, 8599 bytes, A Adds the file debugdoc.log"="9/22/2020 10:01 AM, 955 bytes, A Adds the file log.rtf"="9/22/2020 10:01 AM, 378 bytes, A Adds the file MyCleanID.settings"="9/22/2020 10:01 AM, 2544 bytes, A Adds the file report.txt"="9/22/2020 10:01 AM, 72 bytes, A Adds the file track.xml"="9/22/2020 10:00 AM, 168 bytes, A Adds the file wndstate.tmp"="9/22/2020 10:01 AM, 5 bytes, A Adds the folder C:\Users\{username}\AppData\Local\MyCleanID\Files Vault\metadata Adds the file categories.bin"="9/22/2020 10:00 AM, 54 bytes, A Adds the folder C:\Users\{username}\AppData\Roaming\MyCleanID\MyCleanID 4.0.9\install Adds the file installlog.txt"="9/22/2020 10:00 AM, 346378 bytes, A Adds the folder C:\Users\{username}\AppData\Roaming\MyCleanID\MyCleanID 4.0.9\install\732F6C5 Adds the file MyCleanID.msi"="12/13/2019 9:39 AM, 3638784 bytes, A In the existing folder C:\Users\Public\Desktop Adds the file MyCleanID.lnk"="9/22/2020 10:00 AM, 949 bytes, A In the existing folder C:\Windows\System32\Tasks Adds the file MyCleanID_Popup"="9/22/2020 10:01 AM, 4192 bytes, A Adds the file MyCleanID_PopupRenew"="9/22/2020 10:01 AM, 3646 bytes, A Adds the file MyCleanID_PPO"="9/22/2020 10:01 AM, 3568 bytes, A Adds the file MyCleanID-User_Account_Control"="9/22/2020 10:00 AM, 3440 bytes, A Registry details [View: All details] (Selection) ------------------------------------------------ [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\*\shell\MyCleanID] "(Default)"="REG_EXPAND_SZ, "Add to MyCleanID Vault" "Icon"="REG_EXPAND_SZ, "C:\Program Files (x86)\MyCleanID\MyCleanID.exe" "MultiSelectModel"="REG_EXPAND_SZ, "Player" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\*\shell\MyCleanID\command] "(Default)"="REG_EXPAND_SZ, ""C:\Program Files (x86)\MyCleanID\Armt.exe" "addfile" "%1"" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shell\MyCleanID] "(Default)"="REG_EXPAND_SZ, "Add to MyCleanID Vault" "Icon"="REG_EXPAND_SZ, "C:\Program Files (x86)\MyCleanID\MyCleanID.exe" "MultiSelectModel"="REG_EXPAND_SZ, "Player" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shell\MyCleanID\command] "(Default)"="REG_EXPAND_SZ, ""C:\Program Files (x86)\MyCleanID\Armt.exe" "addfolder" "%V"" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\1564F46919C219E4CA4CA3747A236F5C] "AdvertiseFlags"="REG_DWORD", 388 "Assignment"="REG_DWORD", 1 "AuthorizedLUAApp"="REG_DWORD", 0 "Clients"="REG_MULTI_SZ, ": " "DeploymentFlags"="REG_DWORD", 3 "InstanceType"="REG_DWORD", 0 "Language"="REG_DWORD", 1033 "PackageCode"="REG_SZ", "ACE580F31D884AA4DA467EB3833EBCCF" "ProductIcon"="REG_SZ", "C:\Windows\Installer\{964F4651-2C91-4E91-ACC4-3A47A732F6C5}\icon_1.exe" "ProductName"="REG_SZ", "MyCleanID" "Version"="REG_DWORD", 67108873 [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Caphyon\Advanced Installer\Windows Firewall\{964F4651-2C91-4E91-ACC4-3A47A732F6C5}\Registered Applications] "PCPrivacyShield"="REG_SZ", "{FFD9CC67-CCAF-42C3-A9E4-B3B0A183F831}" "PCPrivacyShield_1"="REG_SZ", "{A595CCF8-E07F-4D15-8D1D-C8F21CAEEE60}" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{964F4651-2C91-4E91-ACC4-3A47A732F6C5}] "AuthorizedCDFPrefix"="REG_SZ", "" "Comments"="REG_SZ", "This installer database contains the logic and data required to install MyCleanID." "Contact"="REG_SZ", "" "DisplayName"="REG_SZ", "MyCleanID" "DisplayVersion"="REG_SZ", "4.0.9" "HelpLink"="REG_SZ", "" "HelpTelephone"="REG_SZ", "" "InstallDate"="REG_SZ", "20200922" "InstallLocation"="REG_SZ", "C:\Program Files (x86)\MyCleanID\" "Language"="REG_DWORD", 1033 "ModifyPath"="REG_EXPAND_SZ, "MsiExec.exe /X{964F4651-2C91-4E91-ACC4-3A47A732F6C5}" "NoModify"="REG_DWORD", 1 "NoRepair"="REG_DWORD", 1 "Publisher"="REG_SZ", "RealDefense LLC" "Readme"="REG_SZ", "" "Size"="REG_DWORD", 27420 "UninstallString"="REG_EXPAND_SZ, "MsiExec.exe /X{964F4651-2C91-4E91-ACC4-3A47A732F6C5}" "URLInfoAbout"="REG_SZ", "" "URLUpdateInfo"="REG_SZ", "" "Version"="REG_DWORD", 67108873 "VersionMajor"="REG_DWORD", 4 "VersionMinor"="REG_DWORD", 0 "WindowsInstaller"="REG_DWORD", 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\RealDefense LLC\MyCleanID] "Path"="REG_SZ", "C:\Program Files (x86)\MyCleanID\" "Version"="REG_SZ", "4.0.9" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "MyCleanID"="REG_SZ", ""C:\Program Files (x86)\MyCleanID\MyCleanID.exe" minimized" [HKEY_CURRENT_USER\Software\MyCleanIDValidity] "Base"="REG_SZ", "Oracle CorporationBase Board0" "Bios"="REG_SZ", "innotek GmbHVirtualBox020061201000000.000000+000VBOX - 1" "BuyLink"="REG_SZ", "https://www.mycleanid.com/app/carts/" "Cpu"="REG_SZ", "Intel(R) Core(TM) i7-7700HQ CPU @ 2.80GHz2808" "Disk"="REG_SZ", "VBOX HARDDISK ATA Device(Standard disk drives)2064909821255" "lang"="REG_SZ", "en" "Mac"="REG_SZ", "EAAAAER9Mv0WB6/p5YCgIV/CrKaEbawDclwr08ITFJaEt8om" "NeedsRenewal"="REG_SZ", "False" "PhoneNum"="REG_SZ", "1 (801) 857-2379 * Additional offers may be made" "Reg"="REG_SZ", "EAAAAPilphY1qWhBN+Ce+gI0T16wnY2HnrzQ/MRe32QS0BBZ" "Rti"="REG_SZ", "0" "SplashTime"="REG_QWORD, .... "Support"="REG_SZ", "https://www.mycleanid.com/contact-us.html" [HKEY_CURRENT_USER\Software\RealDefense LLC\MyCleanID] "AI_SETUPEXEPATH"="REG_SZ", "C:\Users\{username}\Desktop\MyCleanIDSetup.exe" "Custom1"="REG_DWORD", 0 "Custom2"="REG_DWORD", 0 "Params"="REG_SZ", "arg1= arg2= arg3= arg4= arg5= arg6= arg7= arg8= arg9= setupexepath="C:\Users\{username}\Desktop\MyCleanIDSetup.exe"" "ProductCode"="REG_SZ", "{964F4651-2C91-4E91-ACC4-3A47A732F6C5}" "ResName"="REG_SZ", "Regular" "UpgradeCode"="REG_SZ", "{6D31FC71-3DF7-4906-AB9F-0745325E475A}" "Version"="REG_SZ", "4.0.9"Malwarebytes log:
Malwarebytes www.malwarebytes.com -Log Details- Scan Date: 9/22/20 Scan Time: 10:28 AM Log File: 987a9840-fcad-11ea-9281-00ffdcc6fdfc.json -Software Information- Version: 4.2.1.89 Components Version: 1.0.1045 Update Package Version: 1.0.30232 License: Premium -System Information- OS: Windows 7 Service Pack 1 CPU: x64 File System: NTFS User: {computername}\{username} -Scan Summary- Scan Type: Threat Scan Scan Initiated By: Manual Result: Completed Objects Scanned: 231809 Threats Detected: 38 Threats Quarantined: 37 Time Elapsed: 6 min, 2 sec -Scan Options- Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Disabled Heuristics: Enabled PUP: Detect PUM: Detect -Scan Details- Process: 1 PUP.Optional.MyCleanID, C:\PROGRAM FILES (X86)\MYCLEANID\MYCLEANID.EXE, Quarantined, 3555, 518959, , , , , B82E4C37FF9292DD6C3FD46F68371AED, 9715DE365CCDFFA1638D98881FE1EFC313109C1A65DBC6FCF88350D45EE5837C Module: 1 PUP.Optional.MyCleanID, C:\PROGRAM FILES (X86)\MYCLEANID\MYCLEANID.EXE, Quarantined, 3555, 518959, , , , , B82E4C37FF9292DD6C3FD46F68371AED, 9715DE365CCDFFA1638D98881FE1EFC313109C1A65DBC6FCF88350D45EE5837C Registry Key: 19 PUP.Optional.MyCleanID, HKLM\SOFTWARE\CLASSES\*\SHELL\MyCleanID, Quarantined, 3555, 859064, 1.0.30232, , ame, , , PUP.Optional.MyCleanID, HKCU\SOFTWARE\MyCleanIDValidity, Quarantined, 3555, 518958, 1.0.30232, , ame, , , PUP.Optional.MyCleanID, HKCU\SOFTWARE\REALDEFENSE LLC\MyCleanID, Quarantined, 3555, 519119, 1.0.30232, , ame, , , PUP.Optional.MyCleanID, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{964F4651-2C91-4E91-ACC4-3A47A732F6C5}, Quarantined, 3555, 859069, 1.0.30232, , ame, , , PUP.Optional.MyCleanID, HKLM\SOFTWARE\WOW6432NODE\REALDEFENSE LLC\MyCleanID, Quarantined, 3555, 518955, 1.0.30232, , ame, , , PUP.Optional.MyCleanID, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\TRACING\MyCleanID_RASAPI32, Quarantined, 3555, 518952, 1.0.30232, , ame, , , PUP.Optional.MyCleanID, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\TRACING\MyCleanID_RASMANCS, Quarantined, 3555, 518952, 1.0.30232, , ame, , , PUP.Optional.MyCleanID, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\MyCleanID_Popup, Quarantined, 3555, 518959, , , , , , PUP.Optional.MyCleanID, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{A4500ACD-78C9-4C6C-9D62-12FCEA9A92A4}, Quarantined, 3555, 518959, , , , , , PUP.Optional.MyCleanID, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{A4500ACD-78C9-4C6C-9D62-12FCEA9A92A4}, Quarantined, 3555, 518959, , , , , , PUP.Optional.MyCleanID, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\MyCleanID_PopupRenew, Quarantined, 3555, 518959, , , , , , PUP.Optional.MyCleanID, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{101B4BED-02C0-443D-8E1F-5B39EA5DBCFA}, Quarantined, 3555, 518959, , , , , , PUP.Optional.MyCleanID, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{101B4BED-02C0-443D-8E1F-5B39EA5DBCFA}, Quarantined, 3555, 518959, , , , , , PUP.Optional.MyCleanID, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\MyCleanID_PPO, Quarantined, 3555, 518959, , , , , , PUP.Optional.MyCleanID, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{56D7824B-CAEB-44E5-B0D7-830E11A38FD7}, Quarantined, 3555, 518959, , , , , , PUP.Optional.MyCleanID, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{56D7824B-CAEB-44E5-B0D7-830E11A38FD7}, Quarantined, 3555, 518959, , , , , , PUP.Optional.MyCleanID, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\MyCleanID-User_Account_Control, Quarantined, 3555, 518959, , , , , , PUP.Optional.MyCleanID, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{78EFE2F8-DCEB-46E4-9465-F617C0FD236F}, Quarantined, 3555, 518959, , , , , , PUP.Optional.MyCleanID, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{78EFE2F8-DCEB-46E4-9465-F617C0FD236F}, Quarantined, 3555, 518959, , , , , , Registry Value: 2 PUP.Optional.MyCleanID, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{964F4651-2C91-4E91-ACC4-3A47A732F6C5}|DISPLAYNAME, Quarantined, 3555, 859069, 1.0.30232, , ame, , , PUP.Optional.MyCleanID, HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|MyCleanID, Quarantined, 3555, 518959, , , , , , Registry Data: 0 (No malicious items detected) Data Stream: 0 (No malicious items detected) Folder: 4 PUP.Optional.MyCleanID, C:\PROGRAMDATA\MICROSOFT\WINDOWS\START MENU\PROGRAMS\MYCLEANID, Quarantined, 3555, 518947, 1.0.30232, , ame, , , PUP.Optional.MyCleanID, C:\PROGRAM FILES (X86)\MYCLEANID, Delete-on-Reboot, 3555, 858936, 1.0.30232, , ame, , , PUP.Optional.MyCleanID, C:\USERS\{username}\APPDATA\LOCAL\MYCLEANID, Delete-on-Reboot, 3555, 858938, 1.0.30232, , ame, , , PUP.Optional.MyCleanID, C:\USERS\{username}\APPDATA\ROAMING\MYCLEANID, Quarantined, 3555, 859062, 1.0.30232, , ame, , , File: 11 PUP.Optional.MyCleanID, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyCleanID\MyCleanID.lnk, Quarantined, 3555, 518947, , , , , 230F2FDBC9824D2DE451850CD2FA2236, D2849A9BB13707A3023B918E95B7F6DD0E91F77E5BC9D4E2AE1053A2683A3774 PUP.Optional.MyCleanID, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyCleanID\Uninstall MyCleanID.lnk, Quarantined, 3555, 518947, , , , , D930DDDB2C1E8CC35A32B2AE7AB3458D, C2DCB073E76CE2BE5265DA611485EC1BC21D5C1A61488228365B20513DD9D216 PUP.Optional.MyCleanID, C:\USERS\PUBLIC\DESKTOP\MYCLEANID.LNK, Quarantined, 3555, 518948, 1.0.30232, , ame, , C0A11BD85F0B4E7798240E3BE88BDF16, 5C58A8BB05EB4DE870358828C82A597F801DAFB2BFD9BD048EAD559605B5F3B7 PUP.Optional.MyCleanID, C:\WINDOWS\SYSTEM32\TASKS\MyCleanID_Popup, Quarantined, 3555, 518959, , , , , 95D4985C790D99D25C8969333C9EBD10, 851564EBFB2BD83E0FAFC3A7FFAE492783CC215010C733229D80479F98EE5D38 PUP.Optional.MyCleanID, C:\WINDOWS\SYSTEM32\TASKS\MyCleanID_PopupRenew, Quarantined, 3555, 518959, , , , , 2D4CE8137C599255EE0E89145F1B47D6, 2F50F724D5930008CB3A4A238B2A9214823FB0CBD07124F9224E8C6501A6876D PUP.Optional.MyCleanID, C:\WINDOWS\SYSTEM32\TASKS\MyCleanID_PPO, Quarantined, 3555, 518959, , , , , D7625B64ADE15355C891C46A6E93E9D0, 0AF59A1892BD2A2653603DA531586ABCF9BAA7687BFEDCBD6F4E0C7FA023F0D3 PUP.Optional.MyCleanID, C:\DOCUMENTS AND SETTINGS\PUBLIC\Desktop\MyCleanID.lnk, Removal Failed, 3555, 518959, , , , , C0A11BD85F0B4E7798240E3BE88BDF16, 5C58A8BB05EB4DE870358828C82A597F801DAFB2BFD9BD048EAD559605B5F3B7 PUP.Optional.MyCleanID, C:\PROGRAM FILES (X86)\MYCLEANID\MYCLEANID.EXE, Delete-on-Reboot, 3555, 518959, 1.0.30232, , ame, , B82E4C37FF9292DD6C3FD46F68371AED, 9715DE365CCDFFA1638D98881FE1EFC313109C1A65DBC6FCF88350D45EE5837C PUP.Optional.MyCleanID, C:\WINDOWS\SYSTEM32\TASKS\MyCleanID-User_Account_Control, Quarantined, 3555, 518959, , , , , 723FCB7B2AA1F16301D0D6FAB29E0EBD, FA13506BC7F607223A09C8A1BB9D6461D4202A2AFF3D44C970632183AD0ECC88 PUP.Optional.MyCleanID, C:\PROGRAM FILES (X86)\MYCLEANID\TASKTOOLS.EXE, Quarantined, 3555, 518959, 1.0.30232, , ame, , A1113D9BBDD6E9327C57AF64D2988961, 21C4C5C5F7BA8C967DE8561DFAA6DEFA6F41E467F861C97B26D6A94BC50E3DC9 PUP.Optional.MyCleanID, C:\USERS\{username}\DESKTOP\MYCLEANIDSETUP.EXE, Quarantined, 3555, 518959, 1.0.30232, , ame, , D1C30B3C0141078C691785BD3C959ACB, A4BE9CE5DFF40CC3F6A9081CF2BF0B43CE7C70F10CDD4AD0FDD55E275B6A8A3F Physical Sector: 0 (No malicious items detected) WMI: 0 (No malicious items detected) (end)As mentioned before the full version of Malwarebytes could have protected your computer against this threat.
We use different ways of protecting your computer(s):
- Dynamically Blocks Malware Sites & Servers
- Malware Execution Prevention