# ------------------------------- # Malwarebytes AdwCleaner 8.0.9.1 # ------------------------------- # Build: 01-20-2021 # Database: 2021-01-26.1 (Cloud) # Support: https://www.malwarebytes.com/support # # ------------------------------- # Mode: Clean # ------------------------------- # Start: 02-06-2021 # Duration: 00:00:21 # OS: Windows 10 Home # Cleaned: 170 # Failed: 0 ***** [ Services ] ***** No malicious services cleaned. ***** [ Folders ] ***** Deleted C:\Program Files (x86)\Yahoo!\Companion Deleted C:\ProgramData\Speedbit Deleted C:\ProgramData\Yahoo! Companion Deleted C:\Users\Public\Documents\Downloaded Installers Deleted C:\Users\R.lessard\AppData\LocalLow\Speedbit Deleted C:\Users\R.lessard\AppData\Roaming\Speedbit Deleted C:\Users\R.lessard\AppData\Roaming\Yahoo!\Companion ***** [ Files ] ***** Deleted C:\Program Files (x86)\Yahoo!\Common\unyt.exe Deleted C:\Windows\System32\drivers\swdumon.sys ***** [ DLL ] ***** No malicious DLLs cleaned. ***** [ WMI ] ***** No malicious WMI cleaned. ***** [ Shortcuts ] ***** No malicious shortcuts cleaned. ***** [ Tasks ] ***** No malicious tasks cleaned. ***** [ Registry ] ***** Deleted HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks|{EF99BD32-C1FB-11D2-892F-0090271D4F88} Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670} Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88} Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670} Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88} Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} Deleted HKCU\Software\SpeedBit Deleted HKLM\SOFTWARE\Classes\AppID\YCAPlugin.DLL Deleted HKLM\SOFTWARE\Classes\AppID\YPUBC.DLL Deleted HKLM\SOFTWARE\Classes\AppID\YTBM.DLL Deleted HKLM\SOFTWARE\Classes\AppID\YTMsgr.DLL Deleted HKLM\SOFTWARE\Classes\AppID\YTNavAssist.DLL Deleted HKLM\SOFTWARE\Classes\AppID\YTSingleInstance.DLL Deleted HKLM\SOFTWARE\Classes\AppID\YTabBar.DLL Deleted HKLM\SOFTWARE\Classes\AppID\yt.DLL Deleted HKLM\SOFTWARE\Classes\AppID\ytbbroker.EXE Deleted HKLM\SYSTEM\Setup\FirstBoot\Services\SWDUMon Deleted HKLM\Software\Classes\AppID\{07CDAAD9-1226-4C6D-B774-C00E7B323484} Deleted HKLM\Software\Classes\AppID\{1CAE874F-F5C7-4BCC-BA46-9AD26DF35B93} Deleted HKLM\Software\Classes\AppID\{35860EFB-1589-4F32-A618-99E847A502B2} Deleted HKLM\Software\Classes\AppID\{39DCCEAF-C749-4390-9953-527CF916935C} Deleted HKLM\Software\Classes\AppID\{41D7CEE0-D91F-498C-BC88-4A6BEE46C2BC} Deleted HKLM\Software\Classes\AppID\{7D831388-D405-4272-9511-A07440AD2927} Deleted HKLM\Software\Classes\AppID\{9EDCCD11-960D-49AE-B523-C6B5AB7E1345} Deleted HKLM\Software\Classes\AppID\{EB2BA65E-41F6-4F64-92A6-216CDFFDF577} Deleted HKLM\Software\Classes\AppID\{EFC0651C-B6D7-49CD-A6E0-B1CE9AB5FE46} Deleted HKLM\Software\Classes\AppID\{FFFFE1D1-E40D-49a1-9622-BC59BD1879C3} Deleted HKLM\Software\Classes\Interface\{11D5E9EA-3117-4389-8E58-742F0975C980} Deleted HKLM\Software\Classes\Interface\{12D3E096-0FDF-42CC-8F44-04944F9C1648} Deleted HKLM\Software\Classes\Interface\{22389F39-2CF4-47C4-B8B2-273BB16BF70C} Deleted HKLM\Software\Classes\Interface\{23E3CEB3-D63A-433E-A5D0-4DB1C501B915} Deleted HKLM\Software\Classes\Interface\{26A3152F-CF87-4C5B-8093-4D4B9EC084EB} Deleted HKLM\Software\Classes\Interface\{2723E96B-905F-4C64-8999-D868A08E6370} Deleted HKLM\Software\Classes\Interface\{29E3319C-4B3C-479F-8692-BDD2CA30BEDD} Deleted HKLM\Software\Classes\Interface\{2FCB4E7E-E5C7-4D07-BB2C-78DF2DA867AD} Deleted HKLM\Software\Classes\Interface\{367BD1CD-74A3-451F-B1A4-6A2DE4129A2D} Deleted HKLM\Software\Classes\Interface\{38552F25-8DED-4206-BB21-041EF53328F9} Deleted HKLM\Software\Classes\Interface\{3D592FCB-FEFD-43A6-9A4F-BDE2D4607D07} Deleted HKLM\Software\Classes\Interface\{49F018EE-F362-4B5B-8EC8-BCF9246ABF21} Deleted HKLM\Software\Classes\Interface\{63B73044-FC1A-4FE1-991B-FDBD4CDAA868} Deleted HKLM\Software\Classes\Interface\{67E5E37C-E6B8-4782-877D-E9437C4CD982} Deleted HKLM\Software\Classes\Interface\{686D40BC-FA43-4317-8474-E634E6B487F2} Deleted HKLM\Software\Classes\Interface\{7207E52B-821E-4C05-A8D6-2965B2BE77CF} Deleted HKLM\Software\Classes\Interface\{8233093C-178B-484B-979E-3C6B5B147DBC} Deleted HKLM\Software\Classes\Interface\{863FCF5D-DC39-4DA9-AF32-CB0025990EEE} Deleted HKLM\Software\Classes\Interface\{A310B105-FB7D-4497-A7E8-E046462B012F} Deleted HKLM\Software\Classes\Interface\{B09E015A-4D4E-4F8D-A436-95E19140947D} Deleted HKLM\Software\Classes\Interface\{B1E712C4-03AA-495F-B0F5-0F057E126E2A} Deleted HKLM\Software\Classes\Interface\{D13DC65C-C77B-4986-9078-DEA3D34C71BB} Deleted HKLM\Software\Classes\Interface\{DF522774-8CA0-4B15-A93A-5F61AB95DA1C} Deleted HKLM\Software\Classes\Interface\{F56ACA29-1C99-40F1-AC64-2E44C4F6BC71} Deleted HKLM\Software\Classes\Interface\{F9A10D86-182A-4946-869B-70C3D109D14D} Deleted HKLM\Software\Classes\TypeLib\{003028C2-EA1C-4676-A316-B5CB50917002} Deleted HKLM\Software\Classes\TypeLib\{0548C79F-7B8C-455D-B228-97D35371BB62} Deleted HKLM\Software\Classes\TypeLib\{4A1E52AC-64F2-49E9-BFD7-0806D9494DBB} Deleted HKLM\Software\Classes\TypeLib\{61A2027D-B837-4080-A925-6E30E10DEF32} Deleted HKLM\Software\Classes\TypeLib\{78DB07DF-483E-4829-AB44-ED7952083584} Deleted HKLM\Software\Classes\TypeLib\{8A1AB044-787D-4309-8410-709768E484AB} Deleted HKLM\Software\Classes\TypeLib\{A2C55651-A23E-43CA-B63D-C10B99EFF7E0} Deleted HKLM\Software\Classes\TypeLib\{A31F34A1-EBD2-45A2-BF6D-231C1B987CC8} Deleted HKLM\Software\Classes\TypeLib\{AD34BE7D-2603-43DD-8D1F-E4431D42C44E} Deleted HKLM\Software\Classes\TypeLib\{B722ED8B-0B38-408E-BB89-260C73BCF3D4} Deleted HKLM\Software\Classes\TypeLib\{B82D18E0-1649-48DE-92D7-AA89BBB5F0AD} Deleted HKLM\Software\Classes\TypeLib\{D2EA97F6-6235-4B2D-B5AA-A4472B9CE557} Deleted HKLM\Software\Classes\Yahoo.AntiSpyPlugin Deleted HKLM\Software\Classes\Yahoo.PopupBlockerPlugin Deleted HKLM\Software\Classes\yt.CacheLoader Deleted HKLM\Software\Classes\yt.Clickstream Deleted HKLM\Software\Classes\yt.YTHelper Deleted HKLM\Software\Classes\yt.YToolbarBand Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|ProductUpdater Deleted HKLM\Software\Wow6432Node\\Classes\AppID\YCAPlugin.DLL Deleted HKLM\Software\Wow6432Node\\Classes\AppID\YPUBC.DLL Deleted HKLM\Software\Wow6432Node\\Classes\AppID\YTBM.DLL Deleted HKLM\Software\Wow6432Node\\Classes\AppID\YTMsgr.DLL Deleted HKLM\Software\Wow6432Node\\Classes\AppID\YTNavAssist.DLL Deleted HKLM\Software\Wow6432Node\\Classes\AppID\YTSingleInstance.DLL Deleted HKLM\Software\Wow6432Node\\Classes\AppID\YTabBar.DLL Deleted HKLM\Software\Wow6432Node\\Classes\AppID\yt.DLL Deleted HKLM\Software\Wow6432Node\\Classes\AppID\ytbbroker.EXE Deleted HKLM\Software\Wow6432Node\\Classes\AppID\{07CDAAD9-1226-4C6D-B774-C00E7B323484} Deleted HKLM\Software\Wow6432Node\\Classes\AppID\{1CAE874F-F5C7-4BCC-BA46-9AD26DF35B93} Deleted HKLM\Software\Wow6432Node\\Classes\AppID\{35860EFB-1589-4F32-A618-99E847A502B2} Deleted HKLM\Software\Wow6432Node\\Classes\AppID\{39DCCEAF-C749-4390-9953-527CF916935C} Deleted HKLM\Software\Wow6432Node\\Classes\AppID\{41D7CEE0-D91F-498C-BC88-4A6BEE46C2BC} Deleted HKLM\Software\Wow6432Node\\Classes\AppID\{7D831388-D405-4272-9511-A07440AD2927} Deleted HKLM\Software\Wow6432Node\\Classes\AppID\{9EDCCD11-960D-49AE-B523-C6B5AB7E1345} Deleted HKLM\Software\Wow6432Node\\Classes\AppID\{EB2BA65E-41F6-4F64-92A6-216CDFFDF577} Deleted HKLM\Software\Wow6432Node\\Classes\AppID\{EFC0651C-B6D7-49CD-A6E0-B1CE9AB5FE46} Deleted HKLM\Software\Wow6432Node\\Classes\AppID\{FFFFE1D1-E40D-49a1-9622-BC59BD1879C3} Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670} Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{1147DC83-6208-4dca-8E88-DD45BAAB3043} Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{11CB4723-D5A1-4a55-8D1D-5C2679D54CF5} Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{1E57256D-9F39-4267-AB39-D7813D644C5A} Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{31371420-098D-4C0E-A11E-EBEC2305DD01} Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{37B8167C-B9A4-4316-94B2-67B64BB2BA7C} Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{3A06AA27-D94B-48C2-BB55-9FD0FF2120E3} Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{46140CE4-76FE-440E-AE88-4C2272BC05C7} Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{6E40017D-FB6A-4804-BDE4-3BB09F1719C1} Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{6EB4349D-4333-442F-ACA4-4C72AF28B6ED} Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{81017EA9-9AA8-4A6A-9734-7AF40E7D593F} Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{9F9C4C5C-2BA8-4E00-A697-9F710BB1026B} Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{B7A0E898-93E5-43f4-B99A-6C70B303699C} Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{C60CCE95-6AF9-4E74-B66B-3212D19F1D2F} Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{D40A62D1-8FC0-4F03-90C4-0DE03BE73A41} Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{DDCED22E-D018-471D-9A5C-A4EA2F21133D} Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{E1A2D448-6334-45ec-8800-6D7F71DC87FC} Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88} Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{F51C15D4-3D0A-4DBA-A095-EBCC09F24DA2} Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{F9A10D86-182A-4946-869B-70C3D109D14D} Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{FBE30D66-39A2-4b72-8B43-6D4C335A6F34} Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{11D5E9EA-3117-4389-8E58-742F0975C980} Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{12D3E096-0FDF-42CC-8F44-04944F9C1648} Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{22389F39-2CF4-47C4-B8B2-273BB16BF70C} Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{23E3CEB3-D63A-433E-A5D0-4DB1C501B915} Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{26A3152F-CF87-4C5B-8093-4D4B9EC084EB} Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{2723E96B-905F-4C64-8999-D868A08E6370} Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{29E3319C-4B3C-479F-8692-BDD2CA30BEDD} Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{2FCB4E7E-E5C7-4D07-BB2C-78DF2DA867AD} Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{367BD1CD-74A3-451F-B1A4-6A2DE4129A2D} Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{38552F25-8DED-4206-BB21-041EF53328F9} Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{3D592FCB-FEFD-43A6-9A4F-BDE2D4607D07} Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{49F018EE-F362-4B5B-8EC8-BCF9246ABF21} Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{63B73044-FC1A-4FE1-991B-FDBD4CDAA868} Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{67E5E37C-E6B8-4782-877D-E9437C4CD982} Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{686D40BC-FA43-4317-8474-E634E6B487F2} Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{7207E52B-821E-4C05-A8D6-2965B2BE77CF} Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{8233093C-178B-484B-979E-3C6B5B147DBC} Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{863FCF5D-DC39-4DA9-AF32-CB0025990EEE} Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{A310B105-FB7D-4497-A7E8-E046462B012F} Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{B09E015A-4D4E-4F8D-A436-95E19140947D} Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{B1E712C4-03AA-495F-B0F5-0F057E126E2A} Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{D13DC65C-C77B-4986-9078-DEA3D34C71BB} Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{DF522774-8CA0-4B15-A93A-5F61AB95DA1C} Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{F56ACA29-1C99-40F1-AC64-2E44C4F6BC71} Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{F9A10D86-182A-4946-869B-70C3D109D14D} Deleted HKLM\Software\Wow6432Node\\Classes\TypeLib\{003028C2-EA1C-4676-A316-B5CB50917002} Deleted HKLM\Software\Wow6432Node\\Classes\TypeLib\{0548C79F-7B8C-455D-B228-97D35371BB62} Deleted HKLM\Software\Wow6432Node\\Classes\TypeLib\{4A1E52AC-64F2-49E9-BFD7-0806D9494DBB} Deleted HKLM\Software\Wow6432Node\\Classes\TypeLib\{61A2027D-B837-4080-A925-6E30E10DEF32} Deleted HKLM\Software\Wow6432Node\\Classes\TypeLib\{78DB07DF-483E-4829-AB44-ED7952083584} Deleted HKLM\Software\Wow6432Node\\Classes\TypeLib\{8A1AB044-787D-4309-8410-709768E484AB} Deleted HKLM\Software\Wow6432Node\\Classes\TypeLib\{A2C55651-A23E-43CA-B63D-C10B99EFF7E0} Deleted HKLM\Software\Wow6432Node\\Classes\TypeLib\{A31F34A1-EBD2-45A2-BF6D-231C1B987CC8} Deleted HKLM\Software\Wow6432Node\\Classes\TypeLib\{AD34BE7D-2603-43DD-8D1F-E4431D42C44E} Deleted HKLM\Software\Wow6432Node\\Classes\TypeLib\{B722ED8B-0B38-408E-BB89-260C73BCF3D4} Deleted HKLM\Software\Wow6432Node\\Classes\TypeLib\{B82D18E0-1649-48DE-92D7-AA89BBB5F0AD} Deleted HKLM\Software\Wow6432Node\\Classes\TypeLib\{D2EA97F6-6235-4B2D-B5AA-A4472B9CE557} Deleted HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EFC0651C-B6D7-49CD-A6E0-B1CE9AB5FE46} Deleted HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\Toolbar|{EF99BD32-C1FB-11D2-892F-0090271D4F88} Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670} Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Ext\Preapproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670} Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Ext\Preapproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88} Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Run|ProductUpdater Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! Companion Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! Toolbar ***** [ Chromium (and derivatives) ] ***** No malicious Chromium entries cleaned. ***** [ Chromium URLs ] ***** No malicious Chromium URLs cleaned. ***** [ Firefox (and derivatives) ] ***** No malicious Firefox entries cleaned. ***** [ Firefox URLs ] ***** No malicious Firefox URLs cleaned. ***** [ Hosts File Entries ] ***** No malicious hosts file entries cleaned. ***** [ Preinstalled Software ] ***** Deleted Preinstalled.HPSupportAssistant Folder C:\Users\R.lessard\AppData\Roaming\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK Deleted Preinstalled.HPSupportAssistant Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{1E14ACF0-1480-4467-A73D-67C4FD35A5F4} ************************* [+] Delete Tracing Keys [+] Reset Winsock ************************* AdwCleaner[S00].txt - [19278 octets] - [06/02/2021 11:27:02] AdwCleaner[S01].txt - [19340 octets] - [06/02/2021 11:31:07] ########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########