# AdwCleaner 7.0.3.1 - Logfile created on Fri Oct 13 15:42:57 2017 # Updated on 2017/29/09 by Malwarebytes # Database: 10-12-2017.1 # Running on Windows 10 Pro (X64) # Mode: scan # Support: https://www.malwarebytes.com/support ***** [ Services ] ***** No malicious services found. ***** [ Folders ] ***** PUP.Optional.Legacy, C:\Users\All Users\Documents\XMUpdate PUP.Optional.Legacy, C:\Users\Public\Documents\XMUpdate Adware.NeoBar, C:\Program Files (x86)\AvMVIUoBwtUn Adware.NeoBar, C:\Program Files (x86)\CKCpTyVyQIE PUP.Optional.StartPage, C:\Users\Walid\AppData\Roaming\BROWSERMODULE PUP.Optional.MirageISO, C:\Users\Public\Documents\XMUpdate PUP.Adware.Heuristic, C:\ProgramData\42993e9f PUP.Adware.Heuristic, C:\ProgramData\53563c05-1415-0 PUP.Adware.Heuristic, C:\ProgramData\53563c05-32c1-0 PUP.Adware.Heuristic, C:\ProgramData\53563c05-5bd3-1 PUP.Adware.Heuristic, C:\ProgramData\848f0cf2-4921-0 PUP.Adware.Heuristic, C:\ProgramData\848f0cf2-5365-1 PUP.Adware.Heuristic, C:\ProgramData\{12ea6476-312c-0} PUP.Adware.Heuristic, C:\ProgramData\{30bd6ccc-212c-1} PUP.Adware.Heuristic, C:\ProgramData\{415807db-712c-0} PUP.Adware.Heuristic, C:\ProgramData\{5a640756-012c-1} ***** [ Files ] ***** PUP.Optional.Legacy, C:\Users\Walid\appdata\local\installationconfiguration.xml PUP.Optional.ChinAd, C:\Windows\SysNative\drivers\wfcre.sys ***** [ DLL ] ***** No malicious DLLs found. ***** [ WMI ] ***** No malicious WMI found. ***** [ Shortcuts ] ***** No malicious shortcuts found. ***** [ Tasks ] ***** PUP.Optional.Legacy, DRIVERTOOLKIT AUTORUN Adware.NeoBar, jJKowXmxzIFxIuj Adware.NeoBar, jJKowXmxzIFxIuj2 Adware.NeoBar, LSjUFtTofwjkxN PUP.Adware.Heuristic, a005b2a6a3b47237e60b7827073d1f8b ***** [ Registry ] ***** PUP.Optional.Legacy, [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\d19tqk5t6qcjac.cloudfront.net PUP.Optional.Legacy, [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\utop.it PUP.Optional.Legacy, [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\d19tqk5t6qcjac.cloudfront.net PUP.Optional.Legacy, [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\utop.it PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Searchy PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{24F5E422-6A70-4FAA-8CAD-E23D5DC1DAE6} PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{DD0688A5-FC8B-4E93-A485-CBF606A56D49} PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\DMunversion PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\TypeLib\{2D9B1B31-D034-4738-8F6E-40F0AFCC742C} PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\AppID\{3A188115-B81B-48F2-A958-F974C8F3F309} PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\CLSID\{43769158-3B03-4932-8D8A-8F0F344BF024} PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Interface\{78CE34FD-F6D4-4866-B79C-A37268D06A04} PUP.Optional.Legacy, [Key] - HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7A89A7E3-6ADD-4EF9-8EE7-A3C3B7D83BB0} PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Interface\{80904944-C726-4C7D-A452-3FFF2A882095} PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\AppID\SMBarBroker.EXE PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\###MegaShellExtPending PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\###MegaShellExtSynced PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\###MegaShellExtSyncing PUP.Optional.Wajam, [Key] - HKLM\SOFTWARE\SrcAAAesom Browser Enhancer PUP.Optional.Wajam, [Key] - HKLM\SOFTWARE\CLASSES\APPID\56BF5154-0B48-4ADB-902A-6C8B12E270D9 Adware.DNSUnlocker, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\11598763487076930564 Adware.NeoBar, [Key] - HKLM\SOFTWARE\Classes\CLSID\{C0D38E5A-7CF8-4105-8FE8-31B81443A114} Adware.NeoBar, [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C0D38E5A-7CF8-4105-8FE8-31B81443A114} PUP.Optional.NeoBar.ChrPRST, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\E3605470-291B-44EB-8648-745EE356599A PUP.Optional.Tuto4PC, [Key] - HKU\S-1-5-21-245908911-1926491962-559848965-1001\Software\MICROSOFT\wewewe PUP.Optional.Tuto4PC, [Key] - HKCU\Software\MICROSOFT\wewewe PUP.Optional.WeatherAlerts, [Key] - HKLM\SOFTWARE\Microsoft\APreSam PUP.Optional.WeatherAlerts, [Key] - HKLM\SOFTWARE\Microsoft\NSaveA PUP.Optional.WeatherAlerts, [Key] - HKLM\SOFTWARE\Microsoft\PrAmNP PUP.Optional.WeatherAlerts, [Key] - HKLM\SOFTWARE\Microsoft\MPrForShutT PUP.Optional.WeatherAlerts, [Key] - HKLM\SOFTWARE\Microsoft\PrIncub PUP.Optional.WeatherAlerts, [Key] - HKU\S-1-5-21-245908911-1926491962-559848965-1001\Software\Microsoft\{cc6eb6d8-85b7-435p-8b86-51e4d16ea76d} PUP.Optional.WeatherAlerts, [Key] - HKCU\Software\Microsoft\{cc6eb6d8-85b7-435p-8b86-51e4d16ea76d} PUP.Optional.DNSUnlocker, [Key] - HKLM\SOFTWARE\MICROSOFT\SYSTEMCERTIFICATES\ROOT\CERTIFICATES\26D9E607FFF0C58C7844B47FF8B6E079E5A2220E ***** [ Firefox (and derivatives) ] ***** No malicious Firefox entries. ***** [ Chromium (and derivatives) ] ***** No malicious Chromium entries. ************************* ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt ##########