# AdwCleaner 7.0.2.1 - Logfile created on Sat Sep 09 07:12:27 2017 # Updated on 2017/29/08 by Malwarebytes # Database: 09-08-2017.1 # Running on Windows 7 Professional (X64) # Mode: scan # Support: https://www.malwarebytes.com/support ***** [ Services ] ***** No malicious services found. ***** [ Folders ] ***** PUP.Optional.Legacy, C:\Program Files (x86)\WindowsTM PUP.Optional.Legacy, C:\Users\All Users\Documents\XMUpdate PUP.Optional.Legacy, C:\Users\Public\Documents\XMUpdate Adware.Tuto4PC, C:\Program Files (x86)\ShutdownTime ***** [ Files ] ***** PUP.Optional.Legacy, C:\Users\Adrian\appdata\local\installationconfiguration.xml Adware.Linkury, C:\Users\Adrian\AppData\Local\PO.DB PUP.Optional.SpyHunter, C:\Windows\SysNative\drivers\EsgScanner.sys ***** [ DLL ] ***** No malicious DLLs found. ***** [ WMI ] ***** No malicious WMI found. ***** [ Shortcuts ] ***** PUP.Optional.Legacy, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk - http:\\www.yeadesktop.com\ PUP.Optional.Legacy, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk - http:\\www.yeadesktop.com\ ***** [ Tasks ] ***** PUP.Optional.Legacy, Online Application V2G1 PUP.Optional.Legacy, Online Application V2G3 PUP.Optional.Legacy, Online Application V2G2 PUP.Optional.Legacy, Doroghtshejas Module PUP.Optional.OnlineIO, Updater_Online_Application ***** [ Registry ] ***** Adware.Elex, [Value] - HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER | ENABLESHELLEXECUTEHOOKS PUP.Optional.Legacy, [Data] - HKCU\Software\Microsoft\Internet Explorer\Main | ImageStoreRandomFolder [yev9pur] PUP.Optional.Legacy, [Key] - HKU\S-1-5-21-4055709356-1465872850-4113285666-1000\Software\PopWnd PUP.Optional.Legacy, [Key] - HKCU\Software\PopWnd PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\{8C4CE252-7DB2-4F8E-8E76-BAD0E5826A83} PUP.Optional.Legacy, [Key] - HKU\.DEFAULT\Software\{8C4CE252-7DB2-4F8E-8E76-BAD0E5826A83} PUP.Optional.Legacy, [Key] - HKU\S-1-5-18\Software\{8C4CE252-7DB2-4F8E-8E76-BAD0E5826A83} PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Searchy PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{24F5E422-6A70-4FAA-8CAD-E23D5DC1DAE6} PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{DD0688A5-FC8B-4E93-A485-CBF606A56D49} PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Interface\{22511E2E-7970-414E-BC7C-28D16C4AF54D} PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Interface\{23C5311E-016D-4999-BCB1-499898429D6C} PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Interface\{2C4B6DB8-6413-403B-A038-16A352CFE8B9} PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Interface\{46803190-228D-470E-90FE-F5E0CEA9C4F2} PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Interface\{5180FE16-2E09-497B-9C8B-5A6F029ECECB} PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Interface\{A4F6E1B3-469E-46EF-A936-FBA9D5EFD2B9} PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Interface\{C97AF157-6A27-4F57-9D47-E2D3E4761B77} PUP.Optional.YeaDesktop, [Value] - HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN\FEATURECONTROL\FEATURE_BROWSER_EMULATION | YeaDesktop.exe PUP.Optional.YeaDesktop, [Value] - HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION | YeaDesktop.exe PUP.Optional.BitCoinMiner, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\vnlgp ***** [ Firefox (and derivatives) ] ***** PUP.Optional.Legacy, Plugin found: Ant Video Downloader - Ant.com ***** [ Chromium (and derivatives) ] ***** No malicious Chromium entries. ************************* C:/AdwCleaner/AdwCleaner[C1].txt - [5976 B] - [2016/6/4 11:40:40] C:/AdwCleaner/AdwCleaner[C2].txt - [1179 B] - [2016/6/11 14:26:20] C:/AdwCleaner/AdwCleaner[S1].txt - [6039 B] - [2016/6/4 11:37:41] C:/AdwCleaner/AdwCleaner[S2].txt - [1082 B] - [2016/6/11 14:24:2] ########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt ##########