# ------------------------------- # Malwarebytes AdwCleaner 7.1.1.0 # ------------------------------- # Build: 04-27-2018 # Database: 2018-04-30.1 # Support: https://www.malwarebytes.com/support # # ------------------------------- # Mode: Clean # ------------------------------- # Start: 05-02-2018 # Duration: 00:00:08 # OS: Windows 7 Home Premium # Cleaned: 41 # Failed: 0 ***** [ Services ] ***** No malicious services cleaned. ***** [ Folders ] ***** Deleted C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\IObit\Advanced SystemCare Deleted C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\IObit\Advanced SystemCare Deleted C:\Users\PMS\AppData\LocalLow\IObit\Advanced SystemCare Deleted C:\Users\PMS\AppData\Roaming\IObit\Advanced SystemCare Deleted C:\Users\PMS\AppData\Roaming\DRPSu Deleted C:\ProgramData\IObit\ASCDownloader ***** [ Files ] ***** Deleted C:\Users\PMS\AppData\Roaming\Mozilla\Firefox\Profiles\ki3txbbf.default\searchplugins\yahoo-lavasoft.xml Deleted C:\Users\PMS\AppData\Roaming\Mozilla\Firefox\Profiles\ki3txbbf.default\invalidprefs.js Deleted C:\Windows\System32\LavasoftTcpService64.dll Deleted C:\Windows\SysWOW64\lavasofttcpservice.dll ***** [ DLL ] ***** No malicious DLLs cleaned. ***** [ WMI ] ***** No malicious WMI cleaned. ***** [ Shortcuts ] ***** No malicious shortcuts cleaned. ***** [ Tasks ] ***** Deleted C:\Windows\System32\Tasks\Driver Booster Scheduler ***** [ Registry ] ***** Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{65F226FA-6B42-48C4-88C7-C96359C01A5A} Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{65F226FA-6B42-48C4-88C7-C96359C01A5A} Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ASC10_SkipUac_PMS Deleted HKLM\Software\Wow6432Node\IObit\RealTimeProtector Deleted HKLM\SOFTWARE\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\shellex\ContextMenuHandlers\Advanced SystemCare Deleted HKLM\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\Advanced SystemCare Deleted HKLM\Software\Wow6432Node\Google\Chrome\NativeMessagingHosts\com.ascplugin.protect Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0069693F-B05F-4C3E-9A65-56039C5D91CC} Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ASC10_PerformanceMonitor Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com Deleted HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION|AndroidServer.exe Deleted HKLM\Software\Wow6432Node\Classes\AppID\DownloadProxy.EXE Deleted HKLM\SOFTWARE\Classes\AppID\DownloadProxy.EXE Deleted HKLM\Software\Wow6432Node\Classes\TypeLib\{ED62BC6E-64F1-46BE-866F-4C8DC0DF7057} Deleted HKLM\Software\Classes\TypeLib\{ED62BC6E-64F1-46BE-866F-4C8DC0DF7057} Deleted HKLM\Software\Wow6432Node\Classes\Interface\{B9E49847-9822-4139-BC55-7173ED1ADA11} Deleted HKLM\Software\Wow6432Node\Classes\Interface\{6B3732AA-F6D4-4F16-9E22-49EDC52C9514} Deleted HKLM\Software\Wow6432Node\Classes\AppID\{51BEE30D-EEC8-4BA3-930B-298B8E759EB1} Deleted HKLM\Software\Classes\AppID\{51BEE30D-EEC8-4BA3-930B-298B8E759EB1} Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{821E397E-AC02-405A-8D5C-D6FC46B7E966} Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Driver Booster Scheduler Deleted HKCU\Software\Microsoft\Internet Explorer\Main|Start Page Deleted HKLM\Software\Wow6432Node\Classes\AppID\LavasoftTcpService.exe Deleted HKLM\SOFTWARE\Classes\AppID\LavasoftTcpService.exe Deleted HKLM\Software\Wow6432Node\Classes\AppID\{2CE0F1DC-C504-4B7B-A385-D94A2531DFFB} Deleted HKLM\Software\Classes\AppID\{2CE0F1DC-C504-4B7B-A385-D94A2531DFFB} ***** [ Chromium (and derivatives) ] ***** Deleted ????? Mail.Ru Deleted ???????? ???????? Mail.Ru Deleted ????? Mail.Ru Deleted ???????? ???????? Mail.Ru ***** [ Chromium URLs ] ***** No malicious Chromium URLs cleaned. ***** [ Firefox (and derivatives) ] ***** No malicious Firefox entries cleaned. ***** [ Firefox URLs ] ***** No malicious Firefox URLs cleaned. ************************* [+] Delete Tracing Keys [+] Reset Winsock ************************* ########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########