# ------------------------------- # Malwarebytes AdwCleaner 7.2.6.0 # ------------------------------- # Build: 12-18-2018 # Database: 2018-12-21.2 (Cloud) # Support: https://www.malwarebytes.com/support # # ------------------------------- # Mode: Clean # ------------------------------- # Start: 12-24-2018 # Duration: 00:00:15 # OS: Windows 7 Home Premium # Cleaned: 49 # Failed: 2 ***** [ Services ] ***** No malicious services cleaned. ***** [ Folders ] ***** Deleted C:\ProgramData\IObit\Advanced SystemCare V7 Deleted C:\ProgramData\IObit\Advanced SystemCare V8 Deleted C:\Program Files (x86)\Common Files\IObit\Advanced SystemCare V8 Deleted C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\IObit\Advanced SystemCare V8 Deleted C:\Users\ONECS\AppData\LocalLow\IObit\Advanced SystemCare V8 Deleted C:\Users\ONECS\AppData\Roaming\IObit\Advanced SystemCare V8 Not Deleted C:\ProgramData\Tencent Deleted C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Tencent Deleted C:\Windows\Temp\Smartbar Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft\WebCompanion ***** [ Files ] ***** Deleted C:\Users\ONECS\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Driver Booster 3.lnk Deleted C:\Users\ONECS\appdata\local\installationconfiguration.xml Deleted C:\Users\ONECS\AppData\Local\Main.dat ***** [ DLL ] ***** No malicious DLLs cleaned. ***** [ WMI ] ***** No malicious WMI cleaned. ***** [ Shortcuts ] ***** Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk Deleted C:\Users\ONECS\Desktop\Internet Explorer.lnk Deleted C:\Users\Public\Desktop\Google Chrome.lnk Deleted C:\Users\ONECS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk Deleted C:\Users\ONECS\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk Deleted C:\Users\ONECS\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk Deleted C:\Users\ONECS\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk Deleted C:\Users\ONECS\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk ***** [ Tasks ] ***** Deleted C:\Windows\System32\Tasks\IQOptionUpdateTask ***** [ Registry ] ***** Deleted HKLM\Software\Wow6432Node\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\Quoteex.exe Deleted HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\Quoteex.exe Deleted HKLM\Software\Wow6432Node\MICROSOFT\WINDOWS NT\CURRENTVERSION\SILENTPROCESSEXIT\Quoteex.exe Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\IQOptionUpdateTask Deleted HKLM\Software\Wow6432Node\IObit\RealTimeProtector Deleted HKLM\Software\Wow6432Node\Google\Chrome\NativeMessagingHosts\com.ascplugin.protect Deleted HKCU\Software\Microsoft\Internet Explorer\TabbedBrowsing|bProtectShowTabsWelcome Deleted HKLM\Software\Classes\METNSD Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes|DefaultScope Deleted HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes|DefaultScope Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{ielnksrch} Deleted HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\ielnksrch Deleted HKU\S-1-5-18\Environment|SNP Deleted HKU\.DEFAULT\Environment|SNP Deleted HKLM\SOFTWARE\Microsoft\RADAR\HeapLeakDetection\DiagnosedApplications\SpyHunter4.exe Deleted HKU\S-1-5-18\Software\Lavasoft\Web Companion Deleted HKCU\Software\Lavasoft\Web Companion Deleted HKU\.DEFAULT\Software\Lavasoft\Web Companion Deleted HKLM\Software\Wow6432Node\Lavasoft\Web Companion Deleted HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com Deleted HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com ***** [ Chromium (and derivatives) ] ***** Deleted User-Agent Switcher for Chrome Deleted Bazz Search SafeFinder ***** [ Chromium URLs ] ***** Deleted https://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRGNclVS1AC6sNoH2TlPbfGRogFollUxK1WT4fZtNqrG7p9jF1EuPu5wBKcOgfNlNtZm_MPs_PoIa1oYZM4f_UDiCL8-ubRmHENvedXacAhVPam2RNEXWpgl72fXrvDEGHrp0x4LXozl9_YosVe2NcuUpkorUBseOhqA_NgpQe82J9Rch5rkhx0shI Deleted https://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRGNclVS1AC6sNoH2TlPbfGRogFollUxK1WT4fZtNqrG7p9jF1EuPu5wBKcOgfNlNtZm_MPs_PoIa1oYZM4f_UDiCL8-ubRmHENvedXacAhVPam2RNEXWpgl72fXrvDEGHrp0x4LXozl9_YosVe2NcuUpkorUBseOhqA_NgpQe82J9Rch5rkhx0shI ***** [ Firefox (and derivatives) ] ***** No malicious Firefox entries cleaned. ***** [ Firefox URLs ] ***** Deleted file:///C:/ProgramData/Quoteexs/ff.HP Not Deleted suggestqueries.google.com Deleted file:///C:/ProgramData/Quoteexs/ff.HP ************************* [+] Delete Tracing Keys [+] Reset Winsock ************************* AdwCleaner[S00].txt - [6390 octets] - [24/12/2018 18:46:12] ########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########