# ------------------------------- # Malwarebytes AdwCleaner 7.2.4.0 # ------------------------------- # Build: 09-25-2018 # Database: 2018-11-19.1 (Cloud) # Support: https://www.malwarebytes.com/support # # ------------------------------- # Mode: Clean # ------------------------------- # Start: 11-21-2018 # Duration: 00:00:11 # OS: Windows 10 Home # Cleaned: 42 # Failed: 0 ***** [ Services ] ***** No malicious services cleaned. ***** [ Folders ] ***** Deleted C:\Program Files (x86)\BUYNSAAVE Deleted C:\ProgramData\IObit\Advanced SystemCare V7 Deleted C:\Users\henk\AppData\LocalLow\IObit\Advanced SystemCare V7 Deleted C:\Users\henk\AppData\Roaming\IObit\Advanced SystemCare V7 Deleted C:\Users\henk\Documents\TotalAV Deleted C:\Users\henk\Documents\ScanGuard Deleted C:\Program Files\Enigma Software Group ***** [ Files ] ***** Deleted C:\Windows\pss\tcbhn.lnk.Startup ***** [ DLL ] ***** No malicious DLLs cleaned. ***** [ WMI ] ***** No malicious WMI cleaned. ***** [ Shortcuts ] ***** No malicious shortcuts cleaned. ***** [ Tasks ] ***** No malicious tasks cleaned. ***** [ Registry ] ***** Deleted HKLM\Software\Wow6432Node\IObit\RealTimeProtector Deleted HKLM\Software\Wow6432Node\IOBIT\ASC Deleted HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1716136967-1173365762-3251464594-1000\Software\bbrs_002.tb Deleted HKCU\Software\csastats Deleted HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1716136967-1173365762-3251464594-1000\Software\Blabbers Deleted HKCU\Software\ForumerIT Deleted HKU\S-1-5-18\Software\BrowserMngr Deleted HKU\.DEFAULT\Software\BrowserMngr Deleted HKLM\Software\Wow6432Node\SiteSee Deleted HKCU\Software\Appscion Deleted HKCU\Software\AppDataLow\Software\IObit Apps Deleted HKCU\Software\IObit Apps Deleted HKLM\Software\Wow6432Node\IObit Apps Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\120DFADEB50841F408F04D2A278F9509 Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B5BAE2ED018083A4C8DA86D6E3F4B024 Deleted HKLM\Software\Wow6432Node\Classes\AppID\iedll.dll Deleted HKLM\SOFTWARE\Classes\AppID\iedll.dll Deleted HKLM\Software\Wow6432Node\Microsoft\Code Store Database\Distribution Units\{5D637FAD-E202-48D1-8F18-5B9C459BD1E3} Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{5D637FAD-E202-48D1-8F18-5B9C459BD1E3} Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID|{00CBB66B-1D3B-46D3-9577-323A336ACB50} Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID|{00CBB66B-1D3B-46D3-9577-323A336ACB50} Deleted HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{87934C42-161D-45BC-8CEF-EF18ABE2A30C} Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WOT WFRI1 Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WOT WMON1 Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WOT WWED1 Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WOT WTUE1 Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WOT WTHUR1 Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WOT N Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WOT T Deleted HKCU\Software\Microsoft\Internet Explorer\Main|Search Page Deleted HKCU\Software\PRODUCTSETUP Deleted HKLM\Software\EnigmaSoftwareGroup Deleted HKLM\SOFTWARE\Mozilla\NativeMessagingHosts\com.totalav.passwordvaultassistant Deleted HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\com.totalav.passwordvaultassistant ***** [ Chromium (and derivatives) ] ***** No malicious Chromium entries cleaned. ***** [ Chromium URLs ] ***** No malicious Chromium URLs cleaned. ***** [ Firefox (and derivatives) ] ***** No malicious Firefox entries cleaned. ***** [ Firefox URLs ] ***** No malicious Firefox URLs cleaned. ************************* [+] Delete Tracing Keys [+] Reset Winsock ************************* AdwCleaner[S00].txt - [5245 octets] - [21/11/2018 13:10:27] ########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########