# ------------------------------- # Malwarebytes AdwCleaner 8.3.1.0 # ------------------------------- # Build: 11-18-2021 # Database: 2021-12-02.1 (Cloud) # Support: https://www.malwarebytes.com/support # # ------------------------------- # Mode: Clean # ------------------------------- # Start: 01-27-2022 # Duration: 00:00:17 # OS: Windows 10 Pro # Cleaned: 62 # Failed: 0 ***** [ Services ] ***** No malicious services cleaned. ***** [ Folders ] ***** Deleted C:\Program Files (x86)\Common Files\IObit\Advanced SystemCare Deleted C:\Program Files\Advanced SystemCare Deleted C:\ProgramData\BSD\DriverHive Deleted C:\ProgramData\BSD\DriverHiveEngine Deleted C:\Users\Application Data\IObit\Advanced SystemCare Deleted C:\Users\Public\Documents\Downloaded Installers Deleted C:\Users\TEMP\AppData\Roaming\IObit\Advanced SystemCare Deleted C:\Users\V811s01\AppData\Local\slimware utilities inc Deleted C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\IObit\Advanced SystemCare ***** [ Files ] ***** Deleted C:\Users\V811s01\AppData\Roaming\Mozilla\Firefox\Profiles\2koosv4a.test aug 20\invalidprefs.js Deleted C:\Users\V811s01\AppData\Roaming\Mozilla\Firefox\Profiles\amefoag1.default-release\invalidprefs.js Deleted C:\Users\V811s01\AppData\Roaming\Mozilla\Firefox\Profiles\jiy63axi.Willy nov 19\invalidprefs.js Deleted C:\Users\V811s01\AppData\Roaming\Mozilla\Firefox\Profiles\sew9ucav.default\invalidprefs.js Deleted C:\Users\V811s01\AppData\Roaming\Mozilla\Firefox\Profiles\xhy1dvln.default-release\invalidprefs.js Deleted C:\Users\V811s01\AppData\Roaming\Mozilla\Firefox\Profiles\zlm5tc6z.profile nov 19-1611949785812\invalidprefs.js Deleted C:\Windows\Reimage.ini Deleted C:\Windows\System32\REGISTRYDEFRAGBOOTTIME.EXE Deleted C:\Windows\System32\drivers\swdumon.sys Deleted C:\Windows\restoro.ini ***** [ DLL ] ***** No malicious DLLs cleaned. ***** [ WMI ] ***** No malicious WMI cleaned. ***** [ Shortcuts ] ***** No malicious shortcuts cleaned. ***** [ Tasks ] ***** No malicious tasks cleaned. ***** [ Registry ] ***** Deleted HKCU\Software\IObit\Advanced SystemCare Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Web Companion Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} Deleted HKCU\Software\Restoro Key Deleted HKLM\SOFTWARE\CLASSES\LNKFILE\SHELLEX\CONTEXTMENUHANDLERS\Advanced SystemCare Deleted HKLM\SOFTWARE\Classes\.URL\OpenWithList\Torch.exe Deleted HKLM\SOFTWARE\Classes\.bmp\OpenWithList\Torch.exe Deleted HKLM\SOFTWARE\Classes\.dib\OpenWithList\Torch.exe Deleted HKLM\SOFTWARE\Classes\.gif\OpenWithList\Torch.exe Deleted HKLM\SOFTWARE\Classes\.htm\OpenWithList\Torch.exe Deleted HKLM\SOFTWARE\Classes\.html\OpenWithList\Torch.exe Deleted HKLM\SOFTWARE\Classes\.ico\OpenWithList\Torch.exe Deleted HKLM\SOFTWARE\Classes\.jfif\OpenWithList\Torch.exe Deleted HKLM\SOFTWARE\Classes\.jpe\OpenWithList\Torch.exe Deleted HKLM\SOFTWARE\Classes\.jpg\OpenWithList\Torch.exe Deleted HKLM\SOFTWARE\Classes\.pdf\OpenWithList\Torch.exe Deleted HKLM\SOFTWARE\Classes\.png\OpenWithList\Torch.exe Deleted HKLM\SOFTWARE\Classes\.shtml\OpenWithList\Torch.exe Deleted HKLM\SOFTWARE\Classes\.webm\OpenWithList\Torch.exe Deleted HKLM\SOFTWARE\Classes\.xht\OpenWithList\Torch.exe Deleted HKLM\SOFTWARE\Classes\.xhtml\OpenWithList\Torch.exe Deleted HKLM\SOFTWARE\Classes\Applications\TorchSetupstub.exe Deleted HKLM\SOFTWARE\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\shellex\ContextMenuHandlers\Advanced SystemCare Deleted HKLM\SYSTEM\Setup\FirstBoot\Services\SWDUMon Deleted HKLM\Software\Classes\Interface\{23387882-DEAA-4971-2222-5D5046F2B3BB} Deleted HKLM\Software\Classes\Interface\{2532D782-C4FC-4ED8-2222-D654E27AF7F8} Deleted HKLM\Software\Classes\Interface\{2F343382-EFC2-49C9-2222-FC0C403B0EBB} Deleted HKLM\Software\Classes\Interface\{BA935377-E17C-4475-B1BF-DE3110613A99} Deleted HKLM\Software\Classes\TypeLib\{60AD0991-ECD4-49DC-B170-8B7E7C60F51B} Deleted HKLM\Software\Wow6432Node\BSD Deleted HKLM\Software\Wow6432Node\IOBIT\ASC Deleted HKLM\Software\Wow6432Node\IObit\Advanced SystemCare Deleted HKLM\Software\Wow6432Node\IObit\RealTimeProtector Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{BA935377-E17C-4475-B1BF-DE3110613A99} Deleted HKLM\Software\Wow6432Node\\Classes\TypeLib\{60AD0991-ECD4-49DC-B170-8B7E7C60F51B} Deleted HKLM\Software\Wow6432Node\\Google\Chrome\NativeMessagingHosts\com.ascplugin.protect Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\Advanced SystemCare_is1 ***** [ Chromium (and derivatives) ] ***** No malicious Chromium entries cleaned. ***** [ Chromium URLs ] ***** No malicious Chromium URLs cleaned. ***** [ Firefox (and derivatives) ] ***** Deleted Smart Defender - {b84eec0c-f44b-420f-b2ee-db2a585be7fc} ***** [ Firefox URLs ] ***** Deleted Bing Default Search Deleted Bing Default Search Deleted https://defaultsearch.co/homepage?hp=1&pId=IC150206&iDate=2020-08-22 06:24:06&bName=&bitmask=0600 Deleted https://defaultsearch.co/homepage?hp=1&pId=IC150206&iDate=2020-08-22 06:24:06&bName=&bitmask=0600 ***** [ Hosts File Entries ] ***** No malicious hosts file entries cleaned. ***** [ Preinstalled Software ] ***** No Preinstalled Software cleaned. ************************* [+] Delete Tracing Keys [+] Reset Winsock ************************* AdwCleaner[S00].txt - [7099 octets] - [27/01/2022 17:11:30] ########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########