# ------------------------------- # Malwarebytes AdwCleaner 7.3.0.0 # ------------------------------- # Build: 04-04-2019 # Database: 2019-04-29.1 (Cloud) # Support: https://www.malwarebytes.com/support # # ------------------------------- # Mode: Clean # ------------------------------- # Start: 05-08-2019 # Duration: 00:00:10 # OS: Windows 8.1 # Cleaned: 52 # Failed: 0 ***** [ Services ] ***** Deleted Update service ***** [ Folders ] ***** Deleted C:\Program Files (x86)\Common Files\IObit\Advanced SystemCare Deleted C:\Program Files (x86)\Common Files\IObit\Advanced SystemCare V8 Deleted C:\ProgramData\IObit\Advanced SystemCare Deleted C:\ProgramData\IObit\Advanced SystemCare V7 Deleted C:\ProgramData\IObit\Advanced SystemCare V8 Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\minergate Deleted C:\Users\Dimitry\AppData\LocalLow\IObit\Advanced SystemCare Deleted C:\Users\Dimitry\AppData\LocalLow\IObit\Advanced SystemCare V8 Deleted C:\Users\Dimitry\AppData\Local\minergate Deleted C:\Users\Dimitry\AppData\Roaming\IOBIT\Driver Booster Deleted C:\Users\Dimitry\AppData\Roaming\IObit\Advanced SystemCare Deleted C:\Users\Dimitry\AppData\Roaming\IObit\Advanced SystemCare V8 Deleted C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\IObit\Advanced SystemCare Deleted C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\IObit\Advanced SystemCare V8 ***** [ Files ] ***** No malicious files cleaned. ***** [ DLL ] ***** No malicious DLLs cleaned. ***** [ WMI ] ***** No malicious WMI cleaned. ***** [ Shortcuts ] ***** No malicious shortcuts cleaned. ***** [ Tasks ] ***** No malicious tasks cleaned. ***** [ Registry ] ***** Deleted HKCU\Software\IObit\Advanced SystemCare Deleted HKCU\Software\Microsoft\Internet Explorer\Main|Start Page Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{621EB8AE-8BD7-4B94-AEC0-8D62CE578412} Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Advanced SystemCare 9 Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} Deleted HKCU\Software\PRODUCTSETUP Deleted HKCU\Software\SlimWare Utilities Inc Deleted HKCU\Software\csastats Deleted HKLM\SOFTWARE\CLASSES\DIRECTORY\SHELLEX\CONTEXTMENUHANDLERS\Advanced SystemCare Deleted HKLM\SOFTWARE\CLASSES\DRIVE\SHELLEX\CONTEXTMENUHANDLERS\Advanced SystemCare Deleted HKLM\SOFTWARE\CLASSES\LNKFILE\SHELLEX\CONTEXTMENUHANDLERS\Advanced SystemCare Deleted HKLM\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\Advanced SystemCare Deleted HKLM\SOFTWARE\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\shellex\ContextMenuHandlers\Advanced SystemCare Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{D0930B71-485D-445A-9A9E-D3844D52688A}C:\users\dimitry\appdata\local\popcorn time\nw.exe Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{36B32CB7-0D3F-411C-B787-64FE0F1CC849}C:\users\dimitry\appdata\local\popcorn time\nw.exe Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{03630F24-EEA8-4A8C-AC9F-604EF331ABB6} Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{19D3BFC0-27F1-4CAA-907B-61D397F5478B} Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{34336990-06B4-4238-82AB-3A72FE145D06} Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{3FAE6761-1440-46F6-93CF-A7096A0D896F} Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{414A0D66-94C1-4506-BC3F-352D2FAED2EA} Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{4D43E336-F0D7-41E0-B2D5-91F8074F7498} Deleted HKLM\Software\Classes\CLSID\{2803063F-4B8D-4dc6-8874-D1802487FE2D} Deleted HKLM\Software\Classes\Interface\{BA935377-E17C-4475-B1BF-DE3110613A99} Deleted HKLM\Software\Classes\TypeLib\{60AD0991-ECD4-49DC-B170-8B7E7C60F51B} Deleted HKLM\Software\Wow6432Node\IOBIT\ASC Deleted HKLM\Software\Wow6432Node\IObit\Advanced SystemCare Deleted HKLM\Software\Wow6432Node\IObit\RealTimeProtector Deleted HKLM\Software\Wow6432Node\SlimWare Utilities Inc Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{BA935377-E17C-4475-B1BF-DE3110613A99} Deleted HKLM\Software\Wow6432Node\\Classes\TypeLib\{60AD0991-ECD4-49DC-B170-8B7E7C60F51B} Deleted HKLM\Software\Wow6432Node\\Google\Chrome\NativeMessagingHosts\com.ascplugin.protect Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\MinerGate Deleted HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{FF29DC36-F53E-43E2-9743-C7F40F0FD34B}|DhcpNameServer - "192.13.128.24" ***** [ Chromium (and derivatives) ] ***** No malicious Chromium entries cleaned. ***** [ Chromium URLs ] ***** No malicious Chromium URLs cleaned. ***** [ Firefox (and derivatives) ] ***** No malicious Firefox entries cleaned. ***** [ Firefox URLs ] ***** No malicious Firefox URLs cleaned. ************************* [+] Delete Tracing Keys [+] Reset Winsock ************************* AdwCleaner[S00].txt - [7045 octets] - [08/05/2019 20:15:56] ########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########