# AdwCleaner 7.0.1.0 - Logfile created on Wed Aug 09 14:52:10 2017 # Updated on 2017/05/08 by Malwarebytes # Running on Windows 7 Professional (X64) # Mode: clean # Support: https://www.malwarebytes.com/support ***** [ Services ] ***** No malicious services deleted. ***** [ Folders ] ***** Deleted: C:\ProgramData\IObit\Advanced SystemCare Deleted: C:\ProgramData\Application Data\IObit\Advanced SystemCare Deleted: C:\Windows\System32\config\systemprofile\AppData\LocalLow\IObit\Advanced SystemCare Deleted: C:\Program Files (x86)\IObit\Advanced SystemCare Deleted: C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\IObit\Advanced SystemCare Deleted: C:\Users\All Users\IObit\Advanced SystemCare Deleted: C:\Users\Joyeusa\AppData\LocalLow\IObit\Advanced SystemCare Deleted: C:\Users\liandry\AppData\Roaming\IObit\Advanced SystemCare Deleted: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare Deleted: C:\Users\Joyeusa\AppData\Roaming\BROWSERMODULE Deleted: C:\ProgramData\{4FCEED6C-B7D9-405B-A844-C3DBF418BF87} Deleted: C:\ProgramData\{74E9F814-C737-42CC-B721-DBBC4059367A} Deleted: C:\ProgramData\{CB28D9D3-6B5D-4AFA-BA37-B4AFAABF70B8} ***** [ Files ] ***** No malicious files deleted. ***** [ DLL ] ***** No malicious DLLs cleaned. ***** [ WMI ] ***** No malicious WMI cleaned. ***** [ Shortcuts ] ***** No malicious shortcuts cleaned. ***** [ Tasks ] ***** Deleted: Driver Booster Scheduler Deleted: Microsoft\Windows\Windows Error Reporting\ErrorReporting Deleted: ASC10_SkipUac_Joyeusa ***** [ Registry ] ***** Deleted: [Key] - HKLM\SOFTWARE\CLASSES\DIRECTORY\SHELLEX\CONTEXTMENUHANDLERS\Advanced SystemCare Deleted: [Key] - HKLM\SOFTWARE\CLASSES\DRIVE\SHELLEX\CONTEXTMENUHANDLERS\Advanced SystemCare Deleted: [Key] - HKLM\SOFTWARE\CLASSES\LNKFILE\SHELLEX\CONTEXTMENUHANDLERS\Advanced SystemCare Deleted: [Key] - HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\com.ascplugin.protect Deleted: [Value] - HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{26A6B749-F8CC-4704-ACFB-B6A1E23F548F} Deleted: [Value] - HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{759AFB5E-E632-4B8D-A099-891D403F35EC} Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Advanced SystemCare_is1 Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} Deleted: [Value] - HKU\S-1-5-21-997578801-1229425148-687259749-1001\Software\Microsoft\Windows\CurrentVersion\Run|Advanced SystemCare 10 Deleted: [Value] - HKCU\Software\Microsoft\Windows\CurrentVersion\Run|Advanced SystemCare 10 Deleted: [Value] - HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN\FEATURECONTROL\FEATURE_BROWSER_EMULATION|YeaDesktop.exe Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION|YeaDesktop.exe Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\gplyra ***** [ Firefox (and derivatives) ] ***** No malicious Firefox entries deleted. ***** [ Chromium (and derivatives) ] ***** Plugin deleted: Bitmotion - New Tab - ************************* ::Tracing keys deleted ::Winsock settings cleared ::Additional Actions: 0 ************************* C:/AdwCleaner/AdwCleaner[S0].txt - [4386 B] - [2017/8/9 14:50:52] ########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ##########