# AdwCleaner 7.0.0.0 - Logfile created on Wed Jul 19 11:37:07 2017 # Updated on 2017/17/07 by Malwarebytes # Database: 07-19-2017.3 # Running on Windows 7 Starter (X86) # Mode: scan # Support: https://www.malwarebytes.com/support ***** [ Services ] ***** No malicious services found. ***** [ Folders ] ***** No malicious folders found. ***** [ Files ] ***** No malicious files found. ***** [ DLL ] ***** No malicious DLLs found. ***** [ WMI ] ***** PUP.Adware.Heuristic, ASEC\ROOT\subscription\ActiveScriptEventConsumer ***** [ Shortcuts ] ***** PUP.Optional.YeaDesktop, C:/Users/acer/AppData/Roaming/Microsoft/Windows/Start Menu/Programs/Internet Explorer.lnk - http://www.yeadesktopbr.com/ PUP.Optional.YeaDesktop, C:/Users/acer/AppData/Roaming/Microsoft/Internet Explorer/Quick Launch/Google Chrome.lnk - --load-extension="C:\Users\acer\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk" http://www.yeadesktopbr.com/ PUP.Optional.YeaDesktop, C:/Users/acer/AppData/Roaming/Microsoft/Internet Explorer/Quick Launch/Launch Internet Explorer Browser.lnk - http://www.yeadesktopbr.com/ PUP.Optional.YeaDesktop, C:/Users/acer/AppData/Roaming/Microsoft/Internet Explorer/Quick Launch/User Pinned/TaskBar/Google Chrome (2).lnk - --load-extension="C:\Users\acer\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk" http://www.yeadesktopbr.com/ PUP.Optional.YeaDesktop, C:/Users/acer/AppData/Roaming/Microsoft/Internet Explorer/Quick Launch/User Pinned/TaskBar/Google Chrome.lnk - --load-extension="C:\Users\acer\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk" http://www.yeadesktopbr.com/ PUP.Optional.YeaDesktop, C:/Users/Public/Desktop/Google Chrome.lnk - --load-extension="C:\Users\acer\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk" http://www.yeadesktopbr.com/ ***** [ Tasks ] ***** No malicious tasks found. ***** [ Registry ] ***** PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EFC0651C-B6D7-49CD-A6E0-B1CE9AB5FE46} PUP.Optional.MoneyFriend, [Key] - HKU\S-1-5-21-3870036773-1733889631-3641599161-1000\Software\msaver PUP.Optional.MoneyFriend, [Key] - HKCU\Software\msaver ***** [ Firefox (and derivatives) ] ***** No malicious Firefox entries. ***** [ Chromium (and derivatives) ] ***** No malicious Chromium entries. ************************* C:/AdwCleaner/AdwCleaner[C1].txt - [19278 B] - [2016/7/9 15:3:31] C:/AdwCleaner/AdwCleaner[C2].txt - [5883 B] - [2017/7/11 11:57:27] C:/AdwCleaner/AdwCleaner[S1].txt - [18779 B] - [2016/7/9 14:42:35] C:/AdwCleaner/AdwCleaner[S2].txt - [5928 B] - [2017/7/11 11:55:52] ########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt ##########