# ------------------------------- # Malwarebytes AdwCleaner 7.1.1.0 # ------------------------------- # Build: 04-27-2018 # Database: 2018-05-02.2 # Support: https://www.malwarebytes.com/support # # ------------------------------- # Mode: Clean # ------------------------------- # Start: 05-03-2018 # Duration: 00:00:06 # OS: Windows 10 Enterprise N # Cleaned: 64 # Failed: 0 ***** [ Services ] ***** Deleted saiyitechnology ***** [ Folders ] ***** Deleted C:\ProgramData\Logic Cramble Deleted C:\Program Files (x86)\MCOQbbUPMajU2 Deleted C:\Program Files (x86)\RlCzQmKuU Deleted C:\Program Files (x86)\UXKaXUEoyrOvC Deleted C:\Program Files (x86)\yGQUkuNFJydZrWLqulR Deleted C:\Program Files (x86)\qdxtUcdmoIE Deleted C:\Program Files (x86)\APFJptQZUoUn Deleted C:\ProgramData\Voyasollam Deleted C:\ProgramData\68B94C14-5FA3-0 Deleted C:\ProgramData\68B94C14-57B5-1 Deleted C:\Users\HAMZA\AppData\Roaming\IObit\Advanced SystemCare Deleted C:\Program Files (x86)\FastDataX Deleted C:\Users\HAMZA\AppData\Local\FastDataX Deleted C:\ProgramData\yahoochrome_D Deleted C:\ProgramData\PrefsSecure Deleted C:\Users\HAMZA\AppData\Local\AdService Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft\WebCompanion Deleted C:\Users\HAMZA\AppData\Roaming\WidModule ***** [ Files ] ***** Deleted C:\Users\HAMZA\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Driver Booster.lnk Deleted C:\Users\HAMZA\appdata\local\installationconfiguration.xml Deleted C:\Users\HAMZA\AppData\Local\Main.dat ***** [ DLL ] ***** No malicious DLLs cleaned. ***** [ WMI ] ***** No malicious WMI cleaned. ***** [ Shortcuts ] ***** No malicious shortcuts cleaned. ***** [ Tasks ] ***** Deleted C:\Windows\System32\Tasks\waTTzezvPrMPuZrWXNR2 Deleted C:\Windows\System32\Tasks\RLkqBnyOWmWtiyTNd2 Deleted C:\Windows\System32\Tasks\LEYQPVHwvgCJZX Deleted C:\Windows\System32\Tasks\SblZmBRLKrukRom2 Deleted C:\Windows\System32\Tasks\FastDataX Task Deleted C:\Windows\System32\Tasks\Driver Booster Scheduler Deleted C:\Windows\System32\Tasks\PPI Update ***** [ Registry ] ***** Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\11598763487076930564 Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C0D38E5A-7CF8-4105-8FE8-31B81443A114} Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C0D38E5A-7CF8-4105-8FE8-31B81443A114} Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C0D38E5A-7CF8-4105-8FE8-31B81443A114} Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{C0D38E5A-7CF8-4105-8FE8-31B81443A114} Deleted HKLM\Software\Classes\CLSID\{C0D38E5A-7CF8-4105-8FE8-31B81443A114} Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F2B9DDA7-4070-410E-B529-BDD7D75E6941} Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\waTTzezvPrMPuZrWXNR2 Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7D8C9F80-1277-485D-8ADA-7B6E70119420} Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RLkqBnyOWmWtiyTNd2 Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E1816C6E-11B7-418D-80D3-6C8D8BE2556C} Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E1816C6E-11B7-418D-80D3-6C8D8BE2556C} Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\LEYQPVHwvgCJZX Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0BFC6EE6-EBB8-409C-8459-3E4CEAF874B5} Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SblZmBRLKrukRom2 Deleted HKCU\Software\SetupCompany Deleted HKCU\Software\drpsu Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\FastDataX_is1 Deleted HKCU\Software\FastDataX Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1DF70996-57A6-421A-BCD2-5DF70777DC4E} Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1DF70996-57A6-421A-BCD2-5DF70777DC4E} Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\FastDataX Task Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Web Companion Deleted HKCU\Software\Lavasoft\Web Companion Deleted HKLM\Software\Wow6432Node\Lavasoft\Web Companion Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F5184CA5-AF55-4935-9377-AE2AFE1722E5} Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Driver Booster Scheduler Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D583CF19-469C-4A01-939B-339D91F5E686} Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D583CF19-469C-4A01-939B-339D91F5E686} Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PPI Update Deleted HKLM\System\CurrentControlSet\Services\EventLog\Application\Application Hosting Deleted HKCU\Software\Microsoft\Internet Explorer\Main|Start Page Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\E3605470-291B-44EB-8648-745EE356599A Deleted HKCU\Software\WidModule ***** [ Chromium (and derivatives) ] ***** No malicious Chromium entries cleaned. ***** [ Chromium URLs ] ***** No malicious Chromium URLs cleaned. ***** [ Firefox (and derivatives) ] ***** No malicious Firefox entries cleaned. ***** [ Firefox URLs ] ***** No malicious Firefox URLs cleaned. ************************* [+] Delete Tracing Keys [+] Reset Winsock ************************* ########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########