# AdwCleaner 7.0.3.1 - Logfile created on Tue Oct 24 16:16:04 2017 # Updated on 2017/29/09 by Malwarebytes # Running on Windows 10 Home (X64) # Mode: clean # Support: https://www.malwarebytes.com/support ***** [ Services ] ***** No malicious services deleted. ***** [ Folders ] ***** Deleted: C:\Users\rita\AppData\Local\VirtualStore\Program Files (x86)\Movies App ***** [ Files ] ***** No malicious files deleted. ***** [ DLL ] ***** No malicious DLLs cleaned. ***** [ WMI ] ***** No malicious WMI cleaned. ***** [ Shortcuts ] ***** No malicious shortcuts cleaned. ***** [ Tasks ] ***** Deleted: HP AR Program Upload - 5e38dde98352466ea013aa9342be81b3dcd70564e02d46149edde24b9c2a6d66 Deleted: HP AR Program Upload - e3d50a65199b440ab997415d1e5e739e4065d4b0cb2e428ba1d966407de3867d ***** [ Registry ] ***** Deleted: [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\mail.ru Deleted: [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\mail.ru Deleted: [Key] - HKLM\SOFTWARE\Universal Deleted: [Key] - HKU\.DEFAULT\Software\AVG Nation toolbar Deleted: [Key] - HKU\S-1-5-18\Software\AVG Nation toolbar Deleted: [Key] - HKU\S-1-5-21-455634102-3971962441-1493714179-1001\Software\ForumerIT Deleted: [Key] - HKCU\Software\ForumerIT Deleted: [Key] - HKLM\SOFTWARE\MaxPower Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{5645E0E7-FC12-43BF-A6E4-F9751942B298} Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A} Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{59D188FA-757A-424E-8C93-F58FFD896BD7} Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{A8F7D0A5-7074-40B8-9BDC-1174BDD0A132} Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D007D90B-423F-40A5-BE43-05BC2ABCA970} Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|AnyProtect Scanner Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|ApnTBMon Deleted: [Value] - HKU\S-1-5-21-455634102-3971962441-1493714179-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Optimizer Pro Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|CrashMon Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|Salus CrashMon Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|Salus Deleted: [Value] - HKU\S-1-5-21-455634102-3971962441-1493714179-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|iLivid Deleted: [Key] - HKLM\SOFTWARE\Classes\Record\{2009AF2F-5786-3067-8799-B97F7832FDD6} Deleted: [Key] - HKLM\SOFTWARE\Classes\Record\{425E7597-03A2-338D-B72A-0E51FFE77A7E} Deleted: [Key] - HKLM\SOFTWARE\Classes\Record\{915BB7D5-082E-3B91-B1E0-45B5FDE01F24} Deleted: [Key] - HKLM\SOFTWARE\Classes\Record\{FB2E65F4-5687-33EF-9BBF-4E3C9C98D3B9} Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext|DisableAddonLoadTimePerformanceNotifications Deleted: [Key] - HKLM\SOFTWARE\Classes\Record\{181480C8-90AC-3430-B39A-CD121E034A1A} Deleted: [Key] - HKLM\SOFTWARE\Classes\Record\{8F54FA54-1DF8-3B20-890C-CDD95364BC95} Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID|{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} Deleted: [Value] - HKU\S-1-5-21-455634102-3971962441-1493714179-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Softonic For Windows Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\HP AR Program Upload - 5e38dde98352466ea013aa9342be81b3dcd70564e02d46149edde24b9c2a6d66 Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\HP AR Program Upload - e3d50a65199b440ab997415d1e5e739e4065d4b0cb2e428ba1d966407de3867d ***** [ Firefox (and derivatives) ] ***** No malicious Firefox entries deleted. ***** [ Chromium (and derivatives) ] ***** Plugin deleted: Avira SafeSearch Plus - SearchProvider deleted: Ask - ask.com SearchProvider deleted: Ask Search - ask search ************************* ::Tracing keys deleted ::Winsock settings cleared ::Additional Actions: 0 ************************* C:/AdwCleaner/AdwCleaner[S0].txt - [5288 B] - [2017/10/24 16:14:42] ########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ##########