# AdwCleaner v6.043 - Logfile created 30/01/2017 at 10:59:42 # Updated on 27/01/2017 by Malwarebytes # Database : 2017-01-30.2 [Server] # Operating System : Windows 10 Home (X64) # Username : Brad - BRAD-PC # Running from : C:\Users\Brad\Desktop\adwcleaner_6.043.exe # Mode: Clean # Support : https://www.malwarebytes.com/support ***** [ Services ] ***** ***** [ Folders ] ***** ***** [ Files ] ***** ***** [ DLL ] ***** ***** [ WMI ] ***** ***** [ Shortcuts ] ***** ***** [ Scheduled Tasks ] ***** ***** [ Registry ] ***** [-] Key deleted: HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\CpuHeatMapping [#] Key deleted on reboot: [x64] HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\CpuHeatMapping [-] Key deleted: HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\CpuEssentials [#] Key deleted on reboot: [x64] HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\CpuEssentials [-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{AF141839-3CC0-4ED3-A8FF-BC95B9341C43} [-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{E98F6ADA-0655-45F4-9141-9F7A18C5B46B} [-] Key deleted: HKLM\SOFTWARE\Classes\TypeLib\{5DC6C679-3C7F-49C7-A12D-4D9E9DB8274B} [-] Key deleted: HKLM\SOFTWARE\Classes\TypeLib\{294BC5A4-7157-4131-AB81-1DEC393D0F0A} [-] Key deleted: HKU\S-1-5-21-1061724313-1516444972-2292327885-1000\Software\AppDataLow\Software\UltimateSpeedTester [#] Key deleted on reboot: HKCU\Software\AppDataLow\Software\UltimateSpeedTester [-] Key deleted: HKLM\SOFTWARE\dllpop100 [-] Key deleted: HKLM\SOFTWARE\IDOT [#] Key deleted on reboot: [x64] HKCU\Software\AppDataLow\Software\UltimateSpeedTester [-] Key deleted: [x64] HKLM\SOFTWARE\IDOT [-] Key deleted: [x64] HKLM\SOFTWARE\Microsoft\{1f7ee1a8-4436-4ffc-b97b-b5b01e87d3d2} [-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\itibitiphone.com [-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\mpc.am [-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\search.mpc.am [-] Key deleted: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\bestpriceninja.com [-] Key deleted: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\cmptch.com [-] Key deleted: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\pstatic.bestpriceninja.com [-] Key deleted: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\static.cmptch.com [-] Key deleted: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\bestpriceninja.com [-] Key deleted: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\cmptch.com [-] Key deleted: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\pstatic.bestpriceninja.com [-] Key deleted: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\static.cmptch.com [#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\itibitiphone.com [#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\mpc.am [#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\search.mpc.am [#] Key deleted on reboot: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\bestpriceninja.com [#] Key deleted on reboot: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\cmptch.com [#] Key deleted on reboot: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\pstatic.bestpriceninja.com [#] Key deleted on reboot: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\static.cmptch.com [#] Key deleted on reboot: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\bestpriceninja.com [#] Key deleted on reboot: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\cmptch.com [#] Key deleted on reboot: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\pstatic.bestpriceninja.com [#] Key deleted on reboot: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\static.cmptch.com [-] Value deleted: HKU\S-1-5-21-1061724313-1516444972-2292327885-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [fastweb] [-] Value deleted: HKU\S-1-5-21-1061724313-1516444972-2292327885-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [WinResSync] ***** [ Web browsers ] ***** [-] [C:\Users\Brad\AppData\Local\Chromium\User Data\Default\Web data] [Search Provider] Deleted: yahoo! powered [-] [C:\Users\Brad\AppData\Local\Chromium\User Data\Default] [startup_urls] Deleted: hxxps://us.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=mnn_ir_16_49¶m1=1¶m2=f%3D7%26b%3Dchmm%26cc%3Dus%26pa%3Dminio%26cd%3D2XzuyEtN2Y1L1QzuzzzzyDtAtB0EtAtCtB0AzzyBtCtBtAyEtN0D0Tzu0StCzztDyCtN1L2XzutAtFtByEtFtByBtFyDyBtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StD0B0A0Fzy0F0E0EtGyDtCzyyBtGtDyBtAyBtGyBtD0CtBtG0E0AzztDtCtD0CtCtCzzzzyD2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0ByByE0D0E0Ezz0FtG0E0B0AyDtGyE0FyE0AtG0AyD0EyCtGzz0AtD0EtAyE0AtA0C0B0E0F2QtN0A0LzutB%26cr%3D1647291669%26a%3Dmnn_ir_16_49%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome [-] [C:\Users\Brad\AppData\Local\Chromium\User Data\Default] [homepage] Deleted: hxxps://us.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=mnn_ir_16_49¶m1=1¶m2=f%3D1%26b%3Dchmm%26cc%3Dus%26pa%3Dminio%26cd%3D2XzuyEtN2Y1L1QzuzzzzyDtAtB0EtAtCtB0AzzyBtCtBtAyEtN0D0Tzu0StCzztDyCtN1L2XzutAtFtByEtFtByBtFyDyBtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StD0B0A0Fzy0F0E0EtGyDtCzyyBtGtDyBtAyBtGyBtD0CtBtG0E0AzztDtCtD0CtCtCzzzzyD2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0ByByE0D0E0Ezz0FtG0E0B0AyDtGyE0FyE0AtG0AyD0EyCtGzz0AtD0EtAyE0AtA0C0B0E0F2QtN0A0LzutB%26cr%3D1647291669%26a%3Dmnn_ir_16_49%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome ************************* :: "Tracing" keys deleted :: Winsock settings cleared ************************* C:\AdwCleaner\AdwCleaner[C0].txt - [7782 Bytes] - [30/01/2017 10:59:42] C:\AdwCleaner\AdwCleaner[S0].txt - [6944 Bytes] - [30/01/2017 10:59:14] ########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [7928 Bytes] ##########