# ------------------------------- # Malwarebytes AdwCleaner 7.2.2.0 # ------------------------------- # Build: 07-17-2018 # Database: 2018-07-16.3 # Support: https://www.malwarebytes.com/support # # ------------------------------- # Mode: Clean # ------------------------------- # Start: 07-18-2018 # Duration: 00:00:10 # OS: Windows 10 Home # Cleaned: 63 # Failed: 0 ***** [ Services ] ***** No malicious services cleaned. ***** [ Folders ] ***** Deleted C:\Users\TOLHANSEN\AppData\LocalLow\IObit\Advanced SystemCare Deleted C:\Users\hansd\AppData\Roaming\Carambis Deleted C:\Users\hansd\AppData\Roaming\DRPSu Deleted C:\Users\TOLHANSEN\AppData\Roaming\DriverCure Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverFinder Deleted C:\Program Files (x86)\DriverFinder Deleted C:\Users\TOLHANSEN\AppData\Roaming\DriverFinder Deleted C:\Program Files\Hola Deleted C:\Users\hansd\AppData\Roaming\Hola Deleted C:\Users\TOLHANSEN\AppData\Roaming\Hola Deleted C:\Users\TOLHANSEN\AppData\Local\Packages\windows_ie_ac_001\AC\AVG Web TuneUp Deleted C:\ProgramData\PARETOLOGIC Deleted C:\Users\TOLHANSEN\AppData\Roaming\PARETOLOGIC Deleted C:\ProgramData\Solvusoft Deleted C:\Program Files\Enigma Software Group ***** [ Files ] ***** Deleted C:\Users\hansd\Downloads\DriverToolkitInstaller.exe Deleted C:\Users\hansd\Downloads\Hola-Setup.exe Deleted C:\Windows\Reimage.ini ***** [ DLL ] ***** No malicious DLLs cleaned. ***** [ WMI ] ***** No malicious WMI cleaned. ***** [ Shortcuts ] ***** No malicious shortcuts cleaned. ***** [ Tasks ] ***** Deleted C:\Windows\System32\Tasks\DllKitPRO Deleted C:\Windows\System32\Tasks\DriverFinder ***** [ Registry ] ***** Deleted HKLM\Software\Wow6432Node\IObit\RealTimeProtector Deleted HKU\S-1-5-18\Software\Auslogics Deleted HKU\.DEFAULT\Software\Auslogics Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AEB625FF-8CE5-415C-9C32-E2EE24A9EB3A} Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DllKitPRO Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|DriverAgent Plus Deleted HKCU\Software\drpsu Deleted HKLM\Software\Wow6432Node\drpsu Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\drp.su Deleted HKCU\Software\csastats Deleted HKU\S-1-5-21-1418365825-3294327862-2350165910-1003\Software\csastats Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|hola Deleted HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\TosSENotify Deleted HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\ToshibaServiceStation Deleted HKU\S-1-5-18\Software\Hola Deleted HKU\.DEFAULT\Software\Hola Deleted HKLM\Software\Hola Deleted HKU\S-1-5-21-1418365825-3294327862-2350165910-1003\Software\ParetoLogic Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\DriverFinder Deleted HKU\S-1-5-21-1418365825-3294327862-2350165910-1003\Software\DriverFinder Deleted HKLM\Software\Wow6432Node\DriverFinder Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\hola.org Deleted HKU\S-1-5-21-1418365825-3294327862-2350165910-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\hola.org Deleted HKLM\Software\Wow6432Node\RegisteredApplications|jZip Deleted HKLM\SOFTWARE\RegisteredApplications|jZip Deleted HKLM\Software\Wow6432Node\Classes\AppID\jZipShell.DLL Deleted HKLM\SOFTWARE\Classes\AppID\jZipShell.DLL Deleted HKLM\Software\Wow6432Node\Classes\AppID\{3ED98568-A949-49CB-8ED0-3A703F6D4166} Deleted HKLM\Software\Classes\AppID\{3ED98568-A949-49CB-8ED0-3A703F6D4166} Deleted HKLM\Software\Wow6432Node\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A} Deleted HKLM\Software\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A} Deleted HKLM\Software\Wow6432Node\Classes\TypeLib\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36} Deleted HKLM\Software\Classes\TypeLib\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36} Deleted HKLM\Software\Wow6432Node\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546} Deleted HKLM\Software\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546} Deleted HKLM\Software\Wow6432Node\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4} Deleted HKLM\Software\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4} Deleted HKU\S-1-5-21-1418365825-3294327862-2350165910-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10ECCE17-29B5-4880-A8F5-EAD298611484} Deleted HKLM\Software\Classes\uus3url-pl Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E1907701-70E4-4605-8494-42B9A867FCE3} Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DriverFinder Deleted HKU\S-1-5-21-1418365825-3294327862-2350165910-1003\Software\Microsoft\Internet Explorer\SearchScopes\{26080cad-4adc-49ac-8c63-eda16e595cbd} Deleted HKU\S-1-5-21-1418365825-3294327862-2350165910-1003\Software\PRODUCTSETUP ***** [ Chromium (and derivatives) ] ***** No malicious Chromium entries cleaned. ***** [ Chromium URLs ] ***** No malicious Chromium URLs cleaned. ***** [ Firefox (and derivatives) ] ***** No malicious Firefox entries cleaned. ***** [ Firefox URLs ] ***** No malicious Firefox URLs cleaned. ************************* [+] Delete Tracing Keys [+] Reset Winsock ************************* AdwCleaner[S00].txt - [7015 octets] - [18/07/2018 17:58:58] ########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########