# AdwCleaner 7.0.7.0 - Logfile created on Fri Sep 21 16:10:06 2018 # Updated on 2018/18/01 by Malwarebytes # Database: 01-16-2018.1 # Running on Windows 7 Professional (X86) # Mode: scan # Support: https://www.malwarebytes.com/support ***** [ Services ] ***** No malicious services found. ***** [ Folders ] ***** PUP.Optional.ByteFence, C:\ProgramData\ByteFence PUP.Optional.ByteFence, C:\ProgramData\Application Data\ByteFence PUP.Optional.ByteFence, C:\Users\All Users\ByteFence PUP.Optional.FastDataX, C:\Program Files\FastDataX PUP.Optional.Mail.Ru, C:\ProgramData\Mail.Ru PUP.Optional.Mail.Ru, C:\ProgramData\Application Data\Mail.Ru PUP.Optional.Mail.Ru, C:\Program Files\Mail.Ru PUP.Optional.Mail.Ru, C:\Windows\System32\config\systemprofile\AppData\Local\Mail.Ru PUP.Optional.Mail.Ru, C:\Users\All Users\Mail.Ru PUP.Optional.Mail.Ru, C:\Users\PC\AppData\Local\Mail.Ru PUP.Adware.Heuristic, C:\ProgramData\1a333172-5221-0 PUP.Adware.Heuristic, C:\ProgramData\1a333172-6111-1 PUP.Adware.Heuristic, C:\ProgramData\66ceb2e4-0285-0 PUP.Adware.Heuristic, C:\ProgramData\66ceb2e4-6005-1 PUP.Adware.Heuristic, C:\ProgramData\{0b087e05-712c-1} PUP.Adware.Heuristic, C:\ProgramData\{13293a8f-612c-0} PUP.Adware.Heuristic, C:\ProgramData\{33562664-112c-0} PUP.Adware.Heuristic, C:\ProgramData\{4bd029e3-612c-1} ***** [ Files ] ***** PUP.Optional.Legacy, C:\Users\PC\Favorites\Mail.Ru.url PUP.Optional.Legacy, C:\Users\PC\appdata\local\installationconfiguration.xml PUP.Optional.Legacy, C:\Users\PC\Favorites\Искать в Интернете.url PUP.Optional.Mail.Ru, C:\Users\PC\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mail.Ru.lnk ***** [ DLL ] ***** No malicious DLLs found. ***** [ WMI ] ***** No malicious WMI found. ***** [ Shortcuts ] ***** PUP.Optional.Legacy, C:\Users\PC\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mail.Ru.lnk - url,FileProtocolHandler "http:\\www.mail.ru\cnt\20775012?gp=843035" PUP.Optional.Legacy, C:\Users\PC\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mail.Ru.lnk - url,FileProtocolHandler "http:\\www.mail.ru\cnt\20775012?gp=843035" ***** [ Tasks ] ***** PUP.Optional.FastDataX, FastDataX Task ***** [ Registry ] ***** PUP.Optional.Legacy, [Data] - HKCU\Software\Microsoft\Internet Explorer\Main | Start Page [http:\\mail.ru\cnt\10445?gp=834423] PUP.Optional.Legacy, [Data] - HKCU\Software\Microsoft\Internet Explorer\Main | Start Page [http:\\mail.ru\cnt\10445?gp=834423] PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Lavasoft\Web Companion PUP.Optional.Legacy, [Key] - HKU\.DEFAULT\Software\Lavasoft\Web Companion PUP.Optional.Legacy, [Key] - HKU\S-1-5-21-670565590-3538139323-3179724057-1000\Software\Lavasoft\Web Companion PUP.Optional.Legacy, [Key] - HKU\S-1-5-18\Software\Lavasoft\Web Companion PUP.Optional.Legacy, [Key] - HKCU\Software\Lavasoft\Web Companion PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\DMunversion PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\CLSID\{8E8F97CD-60B5-456F-A201-73065652D099} PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E8F97CD-60B5-456F-A201-73065652D099} PUP.Optional.Legacy, [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8E8F97CD-60B5-456F-A201-73065652D099} PUP.Optional.Legacy, [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8E8F97CD-60B5-456F-A201-73065652D099} PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68AE298D-7E8A-4F53-BE55-15D2B065F6C0} PUP.Optional.Legacy, [Value] - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run | Web Companion PUP.Optional.Legacy, [Value] - HKU\S-1-5-21-670565590-3538139323-3179724057-1000\Software\Microsoft\Windows\CurrentVersion\Run | Web Companion PUP.Optional.Legacy, [Value] - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run | Web Companion PUP.Optional.Legacy, [Value] - HKCU\Software\Microsoft\Windows\CurrentVersion\Run | Web Companion PUP.Optional.Legacy, [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com PUP.Optional.ByteFence, [Key] - HKU\.DEFAULT\Software\ByteFence PUP.Optional.ByteFence, [Key] - HKU\S-1-5-18\Software\ByteFence PUP.Optional.ByteFence, [Value] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION | ByteFence.exe PUP.Optional.ByteFence, [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Reason\ReasonByteFence PUP.Optional.FastDataX, [Key] - HKU\S-1-5-21-670565590-3538139323-3179724057-1000\Software\FastDataX PUP.Optional.FastDataX, [Key] - HKCU\Software\FastDataX PUP.Optional.FastDataX, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FastDataX_is1 PUP.Optional.DiskPower, [Key] - HKLM\SOFTWARE\Microsoft\{6711eba6-cf08-4edw-9528-86004fa424bb} PUP.Optional.OneSystemCare, [Key] - HKU\S-1-5-21-670565590-3538139323-3179724057-1000\Software\One System Care PUP.Optional.OneSystemCare, [Key] - HKCU\Software\One System Care PUP.Optional.Mail.Ru, [Key] - HKLM\SOFTWARE\Mail.Ru PUP.Optional.Mail.Ru, [Key] - HKU\S-1-5-21-670565590-3538139323-3179724057-1000\Software\Mail.Ru PUP.Optional.Mail.Ru, [Key] - HKU\S-1-5-21-670565590-3538139323-3179724057-1000\Software\AppDataLow\Software\Mail.Ru PUP.Optional.Mail.Ru, [Key] - HKCU\Software\Mail.Ru PUP.Optional.Mail.Ru, [Key] - HKCU\Software\AppDataLow\Software\Mail.Ru PUP.Optional.Mail.Ru, [Key] - HKCU\Software\Google\Chrome\NativeMessagingHosts\ru.mail.go.ext_info_host PUP.Optional.Mail.Ru, [Key] - HKCU\Software\Mozilla\NativeMessagingHosts\ru.mail.go.ext_info_host PUP.Optional.Tuto4PC, [Key] - HKU\S-1-5-21-670565590-3538139323-3179724057-1000\Software\MICROSOFT\wewewe PUP.Optional.Tuto4PC, [Key] - HKCU\Software\MICROSOFT\wewewe PUP.Optional.BestCleaner, [Key] - HKU\S-1-5-21-670565590-3538139323-3179724057-1000\Software\Microsoft\BigTime PUP.Optional.BestCleaner, [Key] - HKCU\Software\Microsoft\BigTime PUP.Optional.DriverPack, [Key] - HKU\S-1-5-21-670565590-3538139323-3179724057-1000\Software\drpsu PUP.Optional.DriverPack, [Key] - HKCU\Software\drpsu Adware.DNSUnlocker, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\11598763487076930564 PUP.Optional.WeatherAlerts, [Key] - HKLM\SOFTWARE\Microsoft\APreSam PUP.Optional.WeatherAlerts, [Key] - HKLM\SOFTWARE\Microsoft\NSaveA PUP.Optional.WeatherAlerts, [Key] - HKLM\SOFTWARE\Microsoft\PrAmNP PUP.Optional.WeatherAlerts, [Key] - HKLM\SOFTWARE\Microsoft\MPrForShutT PUP.Optional.WeatherAlerts, [Key] - HKLM\SOFTWARE\Microsoft\PrIncub PUP.Optional.WeatherAlerts, [Key] - HKU\S-1-5-21-670565590-3538139323-3179724057-1000\Software\Microsoft\{cc6eb6d8-85b7-435p-8b86-51e4d16ea76d} PUP.Optional.WeatherAlerts, [Key] - HKCU\Software\Microsoft\{cc6eb6d8-85b7-435p-8b86-51e4d16ea76d} PUP.Optional.InstallCore, [Key] - HKU\S-1-5-21-670565590-3538139323-3179724057-1000\Software\csastats PUP.Optional.InstallCore, [Key] - HKCU\Software\csastats ***** [ Firefox (and derivatives) ] ***** PUP.Optional.Legacy, Plugin found: Домашняя страница Mail.Ru - PUP.Optional.Legacy, Plugin found: Поиск Mail.Ru - PUP.Optional.Legacy, Startpage found: https://inline.go.mail.ru/homepage?inline_comp=hp&inline_hp_cnt=11956636 PUP.Optional.Mail.Ru, Plugin found: __MSG_extName__ - ***** [ Chromium (and derivatives) ] ***** No malicious Chromium entries. ************************* ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt ##########