# ------------------------------- # Malwarebytes AdwCleaner 7.2.7.0 # ------------------------------- # Build: 01-30-2019 # Database: 2019-02-06.2 (Cloud) # Support: https://www.malwarebytes.com/support # # ------------------------------- # Mode: Clean # ------------------------------- # Start: 02-08-2019 # Duration: 00:00:12 # OS: Windows 10 Home # Cleaned: 25 # Failed: 0 ***** [ Services ] ***** No malicious services cleaned. ***** [ Folders ] ***** Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mobogenie3 ***** [ Files ] ***** No malicious files cleaned. ***** [ DLL ] ***** No malicious DLLs cleaned. ***** [ WMI ] ***** No malicious WMI cleaned. ***** [ Shortcuts ] ***** No malicious shortcuts cleaned. ***** [ Tasks ] ***** No malicious tasks cleaned. ***** [ Registry ] ***** Deleted HKLM\SOFTWARE\Classes\Applications\iMeshSetup-r1484-w-bf.exe Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\winrar packages Deleted HKU\S-1-5-18\Software\Mobogenie Deleted HKU\.DEFAULT\Software\Mobogenie Deleted HKLM\Software\Wow6432Node\Mobogenie3 Deleted HKLM\Software\Classes\MobogenieAPKFile Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\www.teatrolafenice.it Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\teatrolafenice.it Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\www.teatrolafenice.it Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\teatrolafenice.it Deleted HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID|{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID|{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} Deleted HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon|Userinit ***** [ Chromium (and derivatives) ] ***** Deleted lmnbobhffedhdhfpcjkjphcfpeeiocdn ***** [ Chromium URLs ] ***** Deleted http://start.mysearchdial.com/?f=1&a=ir_14_15_ch&cd=2XzuyEtN2Y1L1QzutCyE0D0A0Ezy0DzytCtByC0EyD0Azy0DtN0D0Tzu0SzztByBtN1L2XzutBtFtCzztFtBtFtDtN1L1CzutCyEtDtAtDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StD0EyCtCtByCzy0DtGtDzyyB0EtGyD0B0B0FtGtDyC0FzytGyCyBtC0B0DyEtD0B0B0AzztC2QtN1M1F1B2Z1V1N2Y1L1Qzu2StDyBzyzy0DyBtB0EtGyDyE0D0AtGtA0AyCzytG0EtDtAyEtGyE0Czzzy0ByCtD0CtAtC0E0E2Q&cr=1221899731&ir= Deleted Mysearchdial Deleted http://www.awesomehp.com/?type=hp&ts=1393531869&from=ild&uid=ST9500325AS_6VEW5YG9XXXX6VEW5YG9 Deleted awesomehp Deleted http://start.mysearchdial.com/?f=1&a=ir_14_15_ch&cd=2XzuyEtN2Y1L1QzutCyE0D0A0Ezy0DzytCtByC0EyD0Azy0DtN0D0Tzu0SzztByBtN1L2XzutBtFtCzztFtBtFtDtN1L1CzutCyEtDtAtDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StD0EyCtCtByCzy0DtGtDzyyB0EtGyD0B0B0FtGtDyC0FzytGyCyBtC0B0DyEtD0B0B0AzztC2QtN1M1F1B2Z1V1N2Y1L1Qzu2StDyBzyzy0DyBtB0EtGyDyE0D0AtGtA0AyCzytG0EtDtAyEtGyE0Czzzy0ByCtD0CtAtC0E0E2Q&cr=1221899731&ir= Deleted Mysearchdial Deleted Softonic NL Deleted Softonic NL Deleted Softonic EN ***** [ Firefox (and derivatives) ] ***** No malicious Firefox entries cleaned. ***** [ Firefox URLs ] ***** No malicious Firefox URLs cleaned. ************************* [+] Delete Tracing Keys [+] Reset Winsock ************************* AdwCleaner[S00].txt - [4393 octets] - [08/02/2019 13:07:54] ########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########