# ------------------------------- # Malwarebytes AdwCleaner 8.0.7.0 # ------------------------------- # Build: 07-22-2020 # Database: 2020-07-20.1 (Local) # Support: https://www.malwarebytes.com/support # # ------------------------------- # Mode: Clean # ------------------------------- # Start: 09-03-2020 # Duration: 00:01:17 # OS: Windows 7 Ultimate # Cleaned: 35 # Failed: 0 ***** [ Services ] ***** No malicious services cleaned. ***** [ Folders ] ***** Deleted C:\Program Files (x86)\DriverToolkit Deleted C:\Program Files (x86)\TweakBit Deleted C:\ProgramData\BSD\DriverHive Deleted C:\ProgramData\BSD\DriverHiveEngine Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TweakBit Deleted C:\ProgramData\Outbyte Deleted C:\ProgramData\TweakBit Deleted C:\Users\Public\Documents\Downloaded Installers Deleted C:\Users\Todopcsofware\AppData\Local\DriverToolkit Deleted C:\Users\Todopcsofware\AppData\Local\Lavasoft\WEBCOMPANION.EXE_URL_SIQ0LWF3TZGXP2KHFKLLYBK3IDTBEHNG Deleted C:\Users\Todopcsofware\AppData\Local\slimware utilities inc Deleted C:\Users\Todopcsofware\AppData\Roaming\DRPSu ***** [ Files ] ***** Deleted C:\END Deleted C:\Users\Pokinga\AppData\Local\Google\Chrome\User Data\Default\LOCAL STORAGE\HTTP_FROMDOCTOPDF.DL.MYWAY.COM_0.LOCALSTORAGE Deleted C:\Users\Pokinga\AppData\Local\Google\Chrome\User Data\Default\LOCAL STORAGE\HTTP_FROMDOCTOPDF.DL.MYWAY.COM_0.LOCALSTORAGE-JOURNAL Deleted C:\Users\Pokinga\AppData\Local\Google\Chrome\User Data\Default\LOCAL STORAGE\HTTP_FROMDOCTOPDF.DL.TB.ASK.COM_0.LOCALSTORAGE Deleted C:\Users\Pokinga\AppData\Local\Google\Chrome\User Data\Default\LOCAL STORAGE\HTTP_FROMDOCTOPDF.DL.TB.ASK.COM_0.LOCALSTORAGE-JOURNAL Deleted C:\Windows\System32\drivers\swdumon.sys Deleted C:\Windows\a.bat ***** [ DLL ] ***** No malicious DLLs cleaned. ***** [ WMI ] ***** No malicious WMI cleaned. ***** [ Shortcuts ] ***** No malicious shortcuts cleaned. ***** [ Tasks ] ***** No malicious tasks cleaned. ***** [ Registry ] ***** Deleted HKCU\SOFTWARE\87302d7a234a39d6e2fddae0bc6f6d05 Deleted HKCU\Software\{DAF8B7E5-449D-4180-8281-10E536E597F2} Deleted HKLM\SOFTWARE\Microsoft\RADAR\HeapLeakDetection\DiagnosedApplications\WebCompanion.exe Deleted HKLM\Software\Classes\Interface\{3AE76A17-C344-4A83-81CE-65EFEE41E42D} Deleted HKLM\Software\Classes\Interface\{4E9EB4D5-C929-4005-AC62-1856B1DA5A24} Deleted HKLM\Software\Classes\Interface\{8FAF962C-3EDE-405E-B1D0-62B8235C6044} Deleted HKLM\Software\Classes\Interface\{ED0D2C81-7DB5-4599-B7C0-1033418B5672} Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{DE20CE03-D4C1-4C3F-ACEB-86F731E1A358}|DisplayName Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{DE20CE03-D4C1-4C3F-ACEB-86F731E1A358}|InstallLocation Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\PokerStars.net Deleted HKLM\Software\Wow6432Node\{DAF8B7E5-449D-4180-8281-10E536E597F2} ***** [ Chromium (and derivatives) ] ***** Deleted EasyDocMerge - mabloidgodmbnmnhoenmhlcjkfelomgp Deleted EasyDocMerge - mabloidgodmbnmnhoenmhlcjkfelomgp Deleted Search Extension by Ask - lgfehfbnofiffladdncogfobimealokp ***** [ Chromium URLs ] ***** No malicious Chromium URLs cleaned. ***** [ Firefox (and derivatives) ] ***** No malicious Firefox entries cleaned. ***** [ Firefox URLs ] ***** No malicious Firefox URLs cleaned. ***** [ Hosts File Entries ] ***** No malicious hosts file entries cleaned. ***** [ Preinstalled Software ] ***** Deleted Preinstalled.ASUSProductRegistration Folder C:\Program Files (x86)\ASUS\APRP Deleted Preinstalled.ASUSProductRegistration Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{C87D79F6-F813-4812-B7A9-CCCAAB8B1188} ************************* [+] Delete Tracing Keys [+] Reset Winsock ************************* AdwCleaner[S00].txt - [4720 octets] - [03/09/2020 14:02:55] ########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########