# ------------------------------- # Malwarebytes AdwCleaner 8.0.4.0 # ------------------------------- # Build: 04-03-2020 # Database: 2020-04-03.1 (Cloud) # Support: https://www.malwarebytes.com/support # # ------------------------------- # Mode: Clean # ------------------------------- # Start: 04-03-2020 # Duration: 00:00:03 # OS: Windows 10 Home # Cleaned: 74 # Failed: 0 ***** [ Services ] ***** No malicious services cleaned. ***** [ Folders ] ***** Deleted C:\Program Files (x86)\Common Files\IObit\Advanced SystemCare Deleted C:\Program Files (x86)\IObit\Advanced SystemCare Deleted C:\ProgramData\IObit\Advanced SystemCare Deleted C:\ProgramData\SecuritySuite Deleted C:\ProgramData\TotalAV Deleted C:\Users\Luna\AppData\LocalLow\IObit\Advanced SystemCare Deleted C:\Users\Luna\AppData\Roaming\IObit\Advanced SystemCare Deleted C:\Users\Luna\Documents\TotalAV Deleted C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\IObit\Advanced SystemCare ***** [ Files ] ***** Deleted C:\Windows\Reimage.ini ***** [ DLL ] ***** No malicious DLLs cleaned. ***** [ WMI ] ***** No malicious WMI cleaned. ***** [ Shortcuts ] ***** No malicious shortcuts cleaned. ***** [ Tasks ] ***** No malicious tasks cleaned. ***** [ Registry ] ***** Deleted HKCU\Software\IObit\Advanced SystemCare Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Advanced SystemCare 12 Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10ECCE17-29B5-4880-A8F5-EAD298611484} Deleted HKCU\Software\Reimage Deleted HKCU\Software\SSProtect Deleted HKLM\SOFTWARE\Classes\AppID\REI_AxControl.DLL Deleted HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\com.totalav.passwordvaultassistant Deleted HKLM\SOFTWARE\Mozilla\NativeMessagingHosts\com.totalav.passwordvaultassistant Deleted HKLM\Software\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A} Deleted HKLM\Software\Classes\CLSID\{10ECCE17-29B5-4880-A8F5-EAD298611484} Deleted HKLM\Software\Classes\CLSID\{801B440B-1EE3-49B0-B05D-2AB076D4E8CB} Deleted HKLM\Software\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4} Deleted HKLM\Software\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546} Deleted HKLM\Software\Classes\REI_AxControl.ReiEngine Deleted HKLM\Software\Classes\REI_AxControl.ReiEngine.1 Deleted HKLM\Software\Classes\TypeLib\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36} Deleted HKLM\Software\Reimage Deleted HKLM\Software\Wow6432Node\IOBIT\ASC Deleted HKLM\Software\Wow6432Node\IObit\Advanced SystemCare Deleted HKLM\Software\Wow6432Node\IObit\RealTimeProtector Deleted HKLM\Software\Wow6432Node\\Classes\AppID\REI_AxControl.DLL Deleted HKLM\Software\Wow6432Node\\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A} Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4} Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546} Deleted HKLM\Software\Wow6432Node\\Classes\TypeLib\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36} Deleted HKLM\Software\Wow6432Node\\Google\Chrome\NativeMessagingHosts\com.ascplugin.protect Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} ***** [ Chromium (and derivatives) ] ***** Deleted IObit Surfing Protection & Ads Removal - bbmegnmpleoagolcnjnejdacakedpcgd ***** [ Chromium URLs ] ***** No malicious Chromium URLs cleaned. ***** [ Firefox (and derivatives) ] ***** No malicious Firefox entries cleaned. ***** [ Firefox URLs ] ***** No malicious Firefox URLs cleaned. ***** [ Hosts File Entries ] ***** No malicious hosts file entries cleaned. ***** [ Preinstalled Software ] ***** Deleted Preinstalled.HPAudioSwitch Folder C:\Program Files (x86)\HP\HPAUDIOSWITCH Deleted Preinstalled.HPAudioSwitch Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{339EA3ED-AC5F-496B-AE9B-88BA89FCD7B3} Deleted Preinstalled.HPAudioSwitch Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\HPAudioSwitch Deleted Preinstalled.HPAudioSwitch Task C:\Windows\System32\Tasks\HPAUDIOSWITCH Deleted Preinstalled.HPCoolSense Folder C:\Program Files (x86)\HP\HP COOLSENSE Deleted Preinstalled.HPCoolSense Folder C:\Users\Luna\AppData\Local\HP\HP COOLSENSE Deleted Preinstalled.HPCoolSense Folder C:\Windows\System32\Tasks\HP\HP COOLSENSE Deleted Preinstalled.HPCoolSense Registry HKLM\Software\Classes\CLSID\{224695A4-BD5E-4C38-B354-A4C828E61BF7} Deleted Preinstalled.HPJumpStartBridge Folder C:\Program Files (x86)\HP\HP JUMPSTART BRIDGE Deleted Preinstalled.HPJumpStartLaunch Folder C:\Program Files (x86)\HP\HP JUMPSTART LAUNCH Deleted Preinstalled.HPJumpStartLaunch Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D7121EEC-4B48-497D-B750-DE3EDD6B0AAB} Deleted Preinstalled.HPJumpStartLaunch Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\HPJumpStartLaunch Deleted Preinstalled.HPJumpStartLaunch Task C:\Windows\System32\Tasks\HPJUMPSTARTLAUNCH Deleted Preinstalled.HPRegistrationService Folder C:\Program Files (x86)\HP\HP REGISTRATION SERVICE Deleted Preinstalled.HPRegistrationService Folder C:\ProgramData\HP\HP REGISTRATION SERVICE Deleted Preinstalled.HPSupportAssistant Folder C:\HP\SUPPORT Deleted Preinstalled.HPSupportAssistant Folder C:\Program Files (x86)\HEWLETT-PACKARD\HP CUSTOMER FEEDBACK Deleted Preinstalled.HPSupportAssistant Folder C:\Program Files (x86)\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK Deleted Preinstalled.HPSupportAssistant Folder C:\Program Files (x86)\HEWLETT-PACKARD\HP SUPPORT SOLUTIONS Deleted Preinstalled.HPSupportAssistant Folder C:\ProgramData\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK Deleted Preinstalled.HPSupportAssistant Folder C:\Users\Luna\AppData\Local\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK Deleted Preinstalled.HPSupportAssistant Folder C:\Users\Luna\AppData\Roaming\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK Deleted Preinstalled.HPSupportAssistant Registry HKLM\Software\Classes\CLSID\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE} Deleted Preinstalled.HPSupportAssistant Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE} Deleted Preinstalled.HPSupportAssistant Registry HKLM\Software\Wow6432Node\\Classes\CLSID\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE} Deleted Preinstalled.HPSupportAssistant Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE} Deleted Preinstalled.HPSupportAssistant Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{4AAC4B07-77EF-4BCF-88DC-D24E4DE683E8} Deleted Preinstalled.HPSureConnect Folder C:\Program Files\HPCOMMRECOVERY Deleted Preinstalled.HPSureConnect Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{6468C4A5-E47E-405F-B675-A70A70983EA6} Deleted Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES Deleted Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDTANGENT GAMES Deleted Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDTANGENT GAMES\SHORTCUTPROVIDER Deleted Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WildTangent wildgames Master Uninstall Deleted Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{80831F60-19D7-43B3-A60C-5CAF8C478DF6} Deleted Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{A39303AB-4898-4F12-BAA0-0B8630F86DB4} ************************* [+] Delete Tracing Keys [+] Reset Winsock ************************* AdwCleaner[S00].txt - [8859 octets] - [03/04/2020 18:14:59] ########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########