Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Support
Windows Malware Removal Help & Support
Windows Security Center is not getting open
Message
<blockquote data-quote="Srvs" data-source="post: 617931" data-attributes="member: 60851"><p>Hi,</p><p></p><p>I forgot to mention one thing i.e., there were so many IP addresses in the host file, i had seen when my system got infected.</p><p>Possibly, you would have seen.</p><p></p><p><em>And after running AdwCleaner > scan > clean > system has restarted and one error has come after rebooting, screenshot has been attached..</em></p><p><em></em></p><p><em>Screenshot: error1.png</em></p><p><em></em></p><p><em>And cmd prompt has come after rebooting.</em></p><p></p><p></p><p><strong></strong></p><p><strong>Note:</strong></p><p>Attached files are </p><p></p><p>Fixlog.txt</p><p>error1.png</p><p>AdwCleaner[C0].txt</p><p>AdwCleaner[S0].txt</p><p>------------------------</p><p></p><p></p><p><strong>AdwCleaner log:</strong></p><p></p><p></p><p># AdwCleaner v6.045 - Logfile created 11/04/2017 at 19:53:14</p><p># Updated on 28/03/2017 by Malwarebytes</p><p># Database : 2017-04-10.2 [Server]</p><p># Operating System : Windows 10 Home Single Language (X64)</p><p># Username : shail_000 - IDEABOX</p><p># Running from : C:\Saurabh\Safety Tools\AdwCleaner.exe</p><p># Mode: Clean</p><p># Support : <a href="https://www.malwarebytes.com/support" target="_blank">Customer Support & Help Center</a></p><p></p><p></p><p></p><p>***** [ Services ] *****</p><p></p><p>[-] Service deleted: SNARER</p><p></p><p></p><p>***** [ Folders ] *****</p><p></p><p>[-] Folder deleted: C:\Users\shail_000\AppData\Local\PackageAware</p><p>[-] Folder deleted: C:\Users\shail_000\AppData\Local\SNARER</p><p>[-] Folder deleted: C:\Users\shail_000\AppData\Roaming\RHEng</p><p></p><p></p><p>***** [ Files ] *****</p><p></p><p>[-] File deleted: C:\Users\shail_000\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\UC浏览器.lnk</p><p>[-] File deleted: C:\WINDOWS\SysNative\log\iSafeKrnlCall.log</p><p>[-] File deleted: C:\END</p><p>[-] File deleted: C:\TOSTACK</p><p>[-] File deleted: C:\Users\Public\Documents\temp.dat</p><p>[-] File deleted: C:\Users\Public\Documents\report.dat</p><p></p><p></p><p>***** [ DLL ] *****</p><p></p><p></p><p></p><p>***** [ WMI ] *****</p><p></p><p></p><p></p><p>***** [ Shortcuts ] *****</p><p></p><p>[-] Shortcut disinfected: C:\Users\shail_000\Desktop\Tor Browser\Start Tor Browser.lnk</p><p></p><p></p><p>***** [ Scheduled Tasks ] *****</p><p></p><p></p><p></p><p>***** [ Registry ] *****</p><p></p><p>[-] Key deleted: HKLM\SOFTWARE\Classes\UCHTML</p><p>[-] Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\services\GoogleChromeUpService</p><p>[-] Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\services\SkypeUpdateEx</p><p>[-] Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\services\ed2kidle</p><p>[-] Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\services\WMPNetworkAcSvc</p><p>[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\services\wmpnetworkacsvc</p><p>[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\services\googlechromeupservice</p><p>[-] Key deleted: HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\SNARER</p><p>[#] Key deleted on reboot: [x64] HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\SNARER</p><p>[-] Key deleted: HKU\.DEFAULT\Software\UpgSvr</p><p>[-] Key deleted: HKU\S-1-5-21-2273034955-3136679368-1736891683-1002\Software\Installer</p><p>[-] Key deleted: HKU\S-1-5-21-2273034955-3136679368-1736891683-1002\Software\AutoTime</p><p>[-] Key deleted: HKU\S-1-5-21-2273034955-3136679368-1736891683-1002\Software\SNDA</p><p>[-] Key deleted: HKU\S-1-5-21-2273034955-3136679368-1736891683-1002\Software\PopWnd</p><p>[-] Key deleted: HKU\S-1-5-21-2273034955-3136679368-1736891683-1002\Software\UpgSvr</p><p>[-] Key deleted: HKU\S-1-5-21-2273034955-3136679368-1736891683-1002\Software\deskapp</p><p>[#] Key deleted on reboot: HKU\S-1-5-18\Software\UpgSvr</p><p>[#] Key deleted on reboot: HKCU\Software\Installer</p><p>[#] Key deleted on reboot: HKCU\Software\AutoTime</p><p>[#] Key deleted on reboot: HKCU\Software\SNDA</p><p>[#] Key deleted on reboot: HKCU\Software\PopWnd</p><p>[#] Key deleted on reboot: HKCU\Software\UpgSvr</p><p>[#] Key deleted on reboot: HKCU\Software\deskapp</p><p>[-] Key deleted: HKLM\SOFTWARE\SkypeUpdateEx</p><p>[-] Key deleted: HKLM\SOFTWARE\ScreenShot</p><p>[-] Key deleted: HKLM\SOFTWARE\WMPNetworkAcSvc</p><p>[-] Key deleted: HKLM\SOFTWARE\msServer</p><p>[-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{59B5A9CD-253D-4C41-A073-B387D4C9672D}</p><p>[#] Key deleted on reboot: [x64] HKCU\Software\Installer</p><p>[#] Key deleted on reboot: [x64] HKCU\Software\AutoTime</p><p>[#] Key deleted on reboot: [x64] HKCU\Software\SNDA</p><p>[#] Key deleted on reboot: [x64] HKCU\Software\PopWnd</p><p>[#] Key deleted on reboot: [x64] HKCU\Software\UpgSvr</p><p>[#] Key deleted on reboot: [x64] HKCU\Software\deskapp</p><p>[-] Key deleted: [x64] HKLM\SOFTWARE\SkypeUpdateEx</p><p>[-] Key deleted: [x64] HKLM\SOFTWARE\InterSect Alliance</p><p>[-] Key deleted: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\foxi69.tlscdn.com</p><p>[-] Key deleted: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\nova.rambler.ru</p><p>[-] Key deleted: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\rambler.ru</p><p>[-] Key deleted: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\tlscdn.com</p><p>[-] Key deleted: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\foxi69.tlscdn.com</p><p>[-] Key deleted: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\nova.rambler.ru</p><p>[-] Key deleted: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\rambler.ru</p><p>[-] Key deleted: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\tlscdn.com</p><p>[#] Key deleted on reboot: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\foxi69.tlscdn.com</p><p>[#] Key deleted on reboot: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\nova.rambler.ru</p><p>[#] Key deleted on reboot: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\rambler.ru</p><p>[#] Key deleted on reboot: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\tlscdn.com</p><p>[#] Key deleted on reboot: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\foxi69.tlscdn.com</p><p>[#] Key deleted on reboot: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\nova.rambler.ru</p><p>[#] Key deleted on reboot: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\rambler.ru</p><p>[#] Key deleted on reboot: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\tlscdn.com</p><p>[-] Value deleted: HKU\S-1-5-21-2273034955-3136679368-1736891683-1002\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [apphide]</p><p>[-] Value deleted: HKU\S-1-5-21-2273034955-3136679368-1736891683-1002\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [msiql]</p><p>[-] Value deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [gplyra]</p><p>[-] Value deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32 [DiskPower]</p><p>[-] Value deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32 [MyMemory]</p><p>[-] Value deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32 [BestCleaner]</p><p>[-] Value deleted: HKU\S-1-5-21-2273034955-3136679368-1736891683-1002\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [svchost0]</p><p>[-] Key deleted: HKLM\SOFTWARE\Classes\DesktopBackground\Shell\Add event reminder</p><p>[-] Key deleted: HKLM\SOFTWARE\Classes\Directory\Background\shell\Add event reminder</p><p>[-] Key deleted: HKLM\SOFTWARE\Classes\Directory\shell\Add event reminder</p><p>[-] Value deleted: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost [WinSAPSvc]</p><p>[-] Key deleted: HKLM\SOFTWARE\Classes\*\shell\Add event reminder</p><p>[-] Value deleted: HKCU\SOFTWARE\Classes\.crx\OpenWithProgids [UCHTML.AssocFile.CRX]</p><p>[-] Value deleted: HKCU\SOFTWARE\Classes\.mht\OpenWithProgids [UCHTML.AssocFile.MHT]</p><p>[-] Value deleted: HKCU\SOFTWARE\Classes\.shtm\OpenWithProgids [UCHTML.AssocFile.SHTM]</p><p>[-] Value deleted: HKCU\SOFTWARE\Classes\.webp\OpenWithProgids [UCHTML.AssocFile.WEBP]</p><p>[-] Value deleted: HKLM\SOFTWARE\Classes\.htm\OpenWithProgids [UCHTML.AssocFile.HTM]</p><p>[-] Value deleted: HKLM\SOFTWARE\Classes\.html\OpenWithProgids [UCHTML.AssocFile.HTML]</p><p>[-] Value deleted: HKLM\SOFTWARE\Classes\.mht\OpenWithProgids [UCHTML.AssocFile.MHT]</p><p>[-] Value deleted: HKLM\SOFTWARE\Classes\.shtm\OpenWithProgids [UCHTML.AssocFile.SHTM]</p><p>[-] Value deleted: HKLM\SOFTWARE\Classes\.shtml\OpenWithProgids [UCHTML.AssocFile.SHTML]</p><p>[-] Value deleted: HKLM\SOFTWARE\Classes\.webp\OpenWithProgids [UCHTML.AssocFile.WEBP]</p><p>[-] Value deleted: HKLM\SOFTWARE\Classes\.xht\OpenWithProgids [UCHTML.AssocFile.XHT]</p><p>[-] Value deleted: HKLM\SOFTWARE\Classes\.xhtml\OpenWithProgids [UCHTML.AssocFile.XHTML]</p><p></p><p></p><p>***** [ Web browsers ] *****</p><p></p><p>[-] [C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Deleted: aol.com</p><p>[-] [C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Deleted: ask.com</p><p></p><p></p><p>*************************</p><p></p><p>:: "Tracing" keys deleted</p><p>:: Winsock settings cleared</p><p></p><p>*************************</p><p></p><p>C:\AdwCleaner\AdwCleaner[C0].txt - [9929 Bytes] - [11/04/2017 19:53:14]</p><p>C:\AdwCleaner\AdwCleaner[S0].txt - [9635 Bytes] - [11/04/2017 19:50:41]</p><p></p><p>########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [10075 Bytes] ##########</p><p></p><p></p><p>-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------</p><p></p><p></p><p>Thanks for your valuable time.</p></blockquote><p></p>
[QUOTE="Srvs, post: 617931, member: 60851"] Hi, I forgot to mention one thing i.e., there were so many IP addresses in the host file, i had seen when my system got infected. Possibly, you would have seen. [I]And after running AdwCleaner > scan > clean > system has restarted and one error has come after rebooting, screenshot has been attached.. Screenshot: error1.png And cmd prompt has come after rebooting.[/I] [B] Note:[/B] Attached files are Fixlog.txt error1.png AdwCleaner[C0].txt AdwCleaner[S0].txt ------------------------ [B]AdwCleaner log:[/B] # AdwCleaner v6.045 - Logfile created 11/04/2017 at 19:53:14 # Updated on 28/03/2017 by Malwarebytes # Database : 2017-04-10.2 [Server] # Operating System : Windows 10 Home Single Language (X64) # Username : shail_000 - IDEABOX # Running from : C:\Saurabh\Safety Tools\AdwCleaner.exe # Mode: Clean # Support : [URL="https://www.malwarebytes.com/support"]Customer Support & Help Center[/URL] ***** [ Services ] ***** [-] Service deleted: SNARER ***** [ Folders ] ***** [-] Folder deleted: C:\Users\shail_000\AppData\Local\PackageAware [-] Folder deleted: C:\Users\shail_000\AppData\Local\SNARER [-] Folder deleted: C:\Users\shail_000\AppData\Roaming\RHEng ***** [ Files ] ***** [-] File deleted: C:\Users\shail_000\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\UC浏览器.lnk [-] File deleted: C:\WINDOWS\SysNative\log\iSafeKrnlCall.log [-] File deleted: C:\END [-] File deleted: C:\TOSTACK [-] File deleted: C:\Users\Public\Documents\temp.dat [-] File deleted: C:\Users\Public\Documents\report.dat ***** [ DLL ] ***** ***** [ WMI ] ***** ***** [ Shortcuts ] ***** [-] Shortcut disinfected: C:\Users\shail_000\Desktop\Tor Browser\Start Tor Browser.lnk ***** [ Scheduled Tasks ] ***** ***** [ Registry ] ***** [-] Key deleted: HKLM\SOFTWARE\Classes\UCHTML [-] Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\services\GoogleChromeUpService [-] Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\services\SkypeUpdateEx [-] Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\services\ed2kidle [-] Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\services\WMPNetworkAcSvc [#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\services\wmpnetworkacsvc [#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\services\googlechromeupservice [-] Key deleted: HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\SNARER [#] Key deleted on reboot: [x64] HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\SNARER [-] Key deleted: HKU\.DEFAULT\Software\UpgSvr [-] Key deleted: HKU\S-1-5-21-2273034955-3136679368-1736891683-1002\Software\Installer [-] Key deleted: HKU\S-1-5-21-2273034955-3136679368-1736891683-1002\Software\AutoTime [-] Key deleted: HKU\S-1-5-21-2273034955-3136679368-1736891683-1002\Software\SNDA [-] Key deleted: HKU\S-1-5-21-2273034955-3136679368-1736891683-1002\Software\PopWnd [-] Key deleted: HKU\S-1-5-21-2273034955-3136679368-1736891683-1002\Software\UpgSvr [-] Key deleted: HKU\S-1-5-21-2273034955-3136679368-1736891683-1002\Software\deskapp [#] Key deleted on reboot: HKU\S-1-5-18\Software\UpgSvr [#] Key deleted on reboot: HKCU\Software\Installer [#] Key deleted on reboot: HKCU\Software\AutoTime [#] Key deleted on reboot: HKCU\Software\SNDA [#] Key deleted on reboot: HKCU\Software\PopWnd [#] Key deleted on reboot: HKCU\Software\UpgSvr [#] Key deleted on reboot: HKCU\Software\deskapp [-] Key deleted: HKLM\SOFTWARE\SkypeUpdateEx [-] Key deleted: HKLM\SOFTWARE\ScreenShot [-] Key deleted: HKLM\SOFTWARE\WMPNetworkAcSvc [-] Key deleted: HKLM\SOFTWARE\msServer [-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{59B5A9CD-253D-4C41-A073-B387D4C9672D} [#] Key deleted on reboot: [x64] HKCU\Software\Installer [#] Key deleted on reboot: [x64] HKCU\Software\AutoTime [#] Key deleted on reboot: [x64] HKCU\Software\SNDA [#] Key deleted on reboot: [x64] HKCU\Software\PopWnd [#] Key deleted on reboot: [x64] HKCU\Software\UpgSvr [#] Key deleted on reboot: [x64] HKCU\Software\deskapp [-] Key deleted: [x64] HKLM\SOFTWARE\SkypeUpdateEx [-] Key deleted: [x64] HKLM\SOFTWARE\InterSect Alliance [-] Key deleted: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\foxi69.tlscdn.com [-] Key deleted: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\nova.rambler.ru [-] Key deleted: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\rambler.ru [-] Key deleted: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\tlscdn.com [-] Key deleted: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\foxi69.tlscdn.com [-] Key deleted: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\nova.rambler.ru [-] Key deleted: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\rambler.ru [-] Key deleted: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\tlscdn.com [#] Key deleted on reboot: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\foxi69.tlscdn.com [#] Key deleted on reboot: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\nova.rambler.ru [#] Key deleted on reboot: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\rambler.ru [#] Key deleted on reboot: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\tlscdn.com [#] Key deleted on reboot: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\foxi69.tlscdn.com [#] Key deleted on reboot: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\nova.rambler.ru [#] Key deleted on reboot: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\rambler.ru [#] Key deleted on reboot: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\tlscdn.com [-] Value deleted: HKU\S-1-5-21-2273034955-3136679368-1736891683-1002\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [apphide] [-] Value deleted: HKU\S-1-5-21-2273034955-3136679368-1736891683-1002\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [msiql] [-] Value deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [gplyra] [-] Value deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32 [DiskPower] [-] Value deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32 [MyMemory] [-] Value deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32 [BestCleaner] [-] Value deleted: HKU\S-1-5-21-2273034955-3136679368-1736891683-1002\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [svchost0] [-] Key deleted: HKLM\SOFTWARE\Classes\DesktopBackground\Shell\Add event reminder [-] Key deleted: HKLM\SOFTWARE\Classes\Directory\Background\shell\Add event reminder [-] Key deleted: HKLM\SOFTWARE\Classes\Directory\shell\Add event reminder [-] Value deleted: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost [WinSAPSvc] [-] Key deleted: HKLM\SOFTWARE\Classes\*\shell\Add event reminder [-] Value deleted: HKCU\SOFTWARE\Classes\.crx\OpenWithProgids [UCHTML.AssocFile.CRX] [-] Value deleted: HKCU\SOFTWARE\Classes\.mht\OpenWithProgids [UCHTML.AssocFile.MHT] [-] Value deleted: HKCU\SOFTWARE\Classes\.shtm\OpenWithProgids [UCHTML.AssocFile.SHTM] [-] Value deleted: HKCU\SOFTWARE\Classes\.webp\OpenWithProgids [UCHTML.AssocFile.WEBP] [-] Value deleted: HKLM\SOFTWARE\Classes\.htm\OpenWithProgids [UCHTML.AssocFile.HTM] [-] Value deleted: HKLM\SOFTWARE\Classes\.html\OpenWithProgids [UCHTML.AssocFile.HTML] [-] Value deleted: HKLM\SOFTWARE\Classes\.mht\OpenWithProgids [UCHTML.AssocFile.MHT] [-] Value deleted: HKLM\SOFTWARE\Classes\.shtm\OpenWithProgids [UCHTML.AssocFile.SHTM] [-] Value deleted: HKLM\SOFTWARE\Classes\.shtml\OpenWithProgids [UCHTML.AssocFile.SHTML] [-] Value deleted: HKLM\SOFTWARE\Classes\.webp\OpenWithProgids [UCHTML.AssocFile.WEBP] [-] Value deleted: HKLM\SOFTWARE\Classes\.xht\OpenWithProgids [UCHTML.AssocFile.XHT] [-] Value deleted: HKLM\SOFTWARE\Classes\.xhtml\OpenWithProgids [UCHTML.AssocFile.XHTML] ***** [ Web browsers ] ***** [-] [C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Deleted: aol.com [-] [C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Deleted: ask.com ************************* :: "Tracing" keys deleted :: Winsock settings cleared ************************* C:\AdwCleaner\AdwCleaner[C0].txt - [9929 Bytes] - [11/04/2017 19:53:14] C:\AdwCleaner\AdwCleaner[S0].txt - [9635 Bytes] - [11/04/2017 19:50:41] ########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [10075 Bytes] ########## ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- Thanks for your valuable time. [/QUOTE]
Insert quotes…
Verification
Post reply
Top