# ------------------------------- # Malwarebytes AdwCleaner 8.3.0.0 # ------------------------------- # Build: 06-29-2021 # Database: 2021-09-09.1 (Cloud) # Support: https://www.malwarebytes.com/support # # ------------------------------- # Mode: Clean # ------------------------------- # Start: 09-10-2021 # Duration: 00:10:43 # OS: Windows 10 Home # Cleaned: 77 # Failed: 0 ***** [ Services ] ***** Deleted SAntivirusIC Deleted chromium Deleted chromiumm ***** [ Folders ] ***** Deleted C:\Program Files (x86)\Chromium Deleted C:\Program Files (x86)\Digital Communications Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SAntivirus Deleted C:\ProgramData\SAntivirus Deleted C:\Users\model\AppData\Local\Assistant Deleted C:\Users\model\AppData\Local\WallpaperSuite Deleted C:\Users\model\AppData\Roaming\santivirusclient ***** [ Files ] ***** Deleted C:\Users\model\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search Powered by Yahoo!.lnk ***** [ DLL ] ***** No malicious DLLs cleaned. ***** [ WMI ] ***** No malicious WMI cleaned. ***** [ Shortcuts ] ***** No malicious shortcuts cleaned. ***** [ Tasks ] ***** Deleted C:\Windows\System32\Tasks\CHROMIUMUPDATETASKMACHINECORE Deleted C:\Windows\System32\Tasks\CHROMIUMUPDATETASKMACHINEUA ***** [ Registry ] ***** Deleted HKCU\Software\Classes\CLSID\{47E44C3B-0AC6-49C7-A7FD-CCE4B532EE5B} Deleted HKCU\Software\Classes\CLSID\{D8E0CDAD-2FAE-40EB-8433-7F5A79714FB8} Deleted HKCU\Software\Classes\Chromium.OneClickCtrl.9 Deleted HKCU\Software\Classes\Chromium.OneClickProcessLauncherUser Deleted HKCU\Software\Classes\Chromium.OneClickProcessLauncherUser.1.0 Deleted HKCU\Software\Classes\Chromium.Update3WebControl.3 Deleted HKCU\Software\Classes\ChromiumUpdate.CredentialDialogUser Deleted HKCU\Software\Classes\ChromiumUpdate.CredentialDialogUser.1.0 Deleted HKCU\Software\Classes\ChromiumUpdate.OnDemandCOMClassUser Deleted HKCU\Software\Classes\ChromiumUpdate.OnDemandCOMClassUser.1.0 Deleted HKCU\Software\Classes\ChromiumUpdate.Update3COMClassUser Deleted HKCU\Software\Classes\ChromiumUpdate.Update3COMClassUser.1.0 Deleted HKCU\Software\Classes\ChromiumUpdate.Update3WebUser Deleted HKCU\Software\Classes\ChromiumUpdate.Update3WebUser.1.0 Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2D38058A-29DC-4608-B481-DDF3748F0B10} Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{419E90E1-1BDB-4D2A-9D36-2DFD56D564F4} Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D57D808A-EC29-43C7-A9ED-F0B6CB8E7D84} Deleted HKCU\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION|santivirusclient.exe Deleted HKCU\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION|santivirusclient.vshost.exe Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0707532E-824D-43F5-AF0F-573C45682CDC} Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2211d4a5-48d0-47f5-a7cd-81e861470f7f} Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Chromium Update Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|WallpaperSuite Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Preapproved\{2D38058A-29DC-4608-B481-DDF3748F0B10} Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Preapproved\{D57D808A-EC29-43C7-A9ED-F0B6CB8E7D84} Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2D38058A-29DC-4608-B481-DDF3748F0B10} Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D57D808A-EC29-43C7-A9ED-F0B6CB8E7D84} Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Run|Chromium Update Deleted HKCU\Software\PRODUCTSETUP Deleted HKCU\Software\ProductSetup\Uninstall\0B2U2Z1P0F1P1G1R1P1V0A1Q1Q0O1G Deleted HKCU\Software\ProductSetup\Uninstall\0S1P1T1C1R1MtT0P1C1F2X1L1Q1P1QtT1S2UtT0Y1T1M1F1F Deleted HKCU\Software\csastats Deleted HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION|santivirusclient.exe Deleted HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION|santivirusclient.vshost.exe Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BE7F9CD4-8B5D-4502-9168-6C9B019214A2} Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BE7F9CD4-8B5D-4502-9168-6C9B019214A2} Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F3160531-931C-4860-AA0C-137378DFCF01} Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ChromiumUpdateTaskMachineCore Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ChromiumUpdateTaskMachineUA Deleted HKLM\SOFTWARE\Microsoft\Windows\SAntivirus Deleted HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Deleted HKLM\Software\SAntivirus Deleted HKLM\Software\SegOption Deleted HKLM\Software\Wow6432Node\SAntivirus Deleted HKLM\Software\Wow6432Node\SAntivirusProduct Deleted HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION|santivirusclient.exe Deleted HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION|santivirusclient.vshost.exe Deleted HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\SAntivirus Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\SAntivirus Deleted HKLM\System\CurrentControlSet\Services\EventLog\Application\SAntivirusSvc Deleted HKLM\System\Setup\FirstBoot\Services\SANTIVIRUSKD Deleted HKLM\System\Setup\FirstBoot\Services\SAntivirusIC Deleted HKLM\System\Setup\FirstBoot\Services\SAntivirusSvc Deleted HKLM\System\Setup\FirstBoot\Services\chromium Deleted HKLM\System\Setup\FirstBoot\Services\chromiumm Deleted HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION|santivirusclient.exe Deleted HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION|santivirusclient.vshost.exe Deleted HKU\S-1-5-18\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION|santivirusclient.exe Deleted HKU\S-1-5-18\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION|santivirusclient.vshost.exe ***** [ Chromium (and derivatives) ] ***** Deleted EverydayMemo - adckfafdhcboapeijcednfglkfongclf Deleted FromDocToPDF (BETA) - mallpejgeafdahhflmliiahjdpgbegpk Deleted Search Manager - nahhmpbckpgdidfnmfkfgiflpjijilce Deleted nahhmpbckpgdidfnmfkfgiflpjijilce ***** [ Chromium URLs ] ***** No malicious Chromium URLs cleaned. ***** [ Firefox (and derivatives) ] ***** No malicious Firefox entries cleaned. ***** [ Firefox URLs ] ***** No malicious Firefox URLs cleaned. ***** [ Hosts File Entries ] ***** No malicious hosts file entries cleaned. ***** [ Preinstalled Software ] ***** No Preinstalled Software cleaned. ************************* [+] Delete Tracing Keys [+] Reset Winsock ************************* AdwCleaner[S00].txt - [13298 octets] - [10/09/2021 11:54:04] ########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########