# ------------------------------- # Malwarebytes AdwCleaner 7.2.7.0 # ------------------------------- # Build: 01-30-2019 # Database: 2019-01-31.3 (Cloud) # Support: https://www.malwarebytes.com/support # # ------------------------------- # Mode: Clean # ------------------------------- # Start: 02-03-2019 # Duration: 00:00:04 # OS: Windows 7 Home Premium # Cleaned: 58 # Failed: 0 ***** [ Services ] ***** Deleted tscmon Deleted Partner Service ***** [ Folders ] ***** Deleted C:\ProgramData\IOLO\SCU Deleted C:\Program Files (x86)\iolo\System Checkup Deleted C:\Users\Public\Documents\Downloaded Installers Deleted C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\AVG Secure Search ***** [ Files ] ***** Deleted C:\Users\Dumé\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Advanced System Repair Pro.lnk Deleted C:\Windows\System32\drivers\asrdmon.sys Deleted C:\Windows\SysWOW64\rnd_chunk.bin Deleted C:\Windows\System32\drivers\swdumon.sys ***** [ DLL ] ***** No malicious DLLs cleaned. ***** [ WMI ] ***** No malicious WMI cleaned. ***** [ Shortcuts ] ***** No malicious shortcuts cleaned. ***** [ Tasks ] ***** Deleted C:\Windows\System32\Tasks\iolo SCU task one ***** [ Registry ] ***** Deleted HKCU\SOFTWARE\96dad1e03dba43 Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52} Deleted HKLM\Software\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52} Deleted HKCU\Software\Microsoft\Internet Explorer\TabbedBrowsing|bProtectShowTabsWelcome Deleted HKLM\SOFTWARE\Microsoft\RADAR\HeapLeakDetection\DiagnosedApplications\ByteFence.exe Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2976CB66-3C7E-470D-9665-83EA26712E01} Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2976CB66-3C7E-470D-9665-83EA26712E01} Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\iolo SCU task one Deleted HKCU\Software\Yahoo\Companion Deleted HKCU\Software\ImInstaller Deleted HKLM\Software\Wow6432Node\Classes\AppID\{7D831388-D405-4272-9511-A07440AD2927} Deleted HKLM\Software\Classes\AppID\{7D831388-D405-4272-9511-A07440AD2927} Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{F51C15D4-3D0A-4DBA-A095-EBCC09F24DA2} Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{D879A501-50A7-BEFC-A4C5-32DC6E0CB208} Deleted HKLM\Software\Wow6432Node\Classes\TypeLib\{B722ED8B-0B38-408E-BB89-260C73BCF3D4} Deleted HKLM\Software\Classes\TypeLib\{B722ED8B-0B38-408E-BB89-260C73BCF3D4} Deleted HKLM\Software\Wow6432Node\Classes\Interface\{8233093C-178B-484B-979E-3C6B5B147DBC} Deleted HKLM\Software\Classes\Interface\{8233093C-178B-484B-979E-3C6B5B147DBC} Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023} Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{94496571-6AC5-4836-82D5-D46260C44B17} Deleted HKLM\Software\Wow6432Node\Classes\TypeLib\{86676E13-D6D8-4652-9FCF-F2047F1FB000} Deleted HKLM\Software\Classes\TypeLib\{86676E13-D6D8-4652-9FCF-F2047F1FB000} Deleted HKLM\Software\Wow6432Node\Classes\AppID\{28A88B70-D874-4F73-BBBA-9B2B222FB7D6} Deleted HKLM\Software\Classes\AppID\{28A88B70-D874-4F73-BBBA-9B2B222FB7D6} Deleted HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar|{25A3A431-30BB-47C8-AD6A-E1063801134F} Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{25A3A431-30BB-47C8-AD6A-E1063801134F} Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{25A3A431-30BB-47C8-AD6A-E1063801134F} Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{25A3A431-30BB-47C8-AD6A-E1063801134F} Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1D970ED5-3EDA-438D-BFFD-715931E2775B} Deleted HKLM\Software\Wow6432Node\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D} Deleted HKLM\Software\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D} Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4} Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4} Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4} Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4} Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4} Deleted HKLM\Software\Classes\CLSID\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4} Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\Preapproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670} Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\Preapproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88} Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762} Deleted HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main|Start Page Deleted HKLM\Software\Microsoft\Internet Explorer\Main|Start Page Deleted HKLM\Software\Wow6432Node\SlimWare Utilities Inc Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{9517FB66-3DCF-44eb-8CE5-1A0F8A058D12} Deleted HKLM\Software\Classes\CLSID\{9517FB66-3DCF-44eb-8CE5-1A0F8A058D12} ***** [ Chromium (and derivatives) ] ***** Deleted Vosteran New Tab ***** [ Chromium URLs ] ***** No malicious Chromium URLs cleaned. ***** [ Firefox (and derivatives) ] ***** No malicious Firefox entries cleaned. ***** [ Firefox URLs ] ***** No malicious Firefox URLs cleaned. ************************* [+] Delete Tracing Keys [+] Reset Winsock ************************* AdwCleaner[S00].txt - [7227 octets] - [03/02/2019 23:09:47] ########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########