# AdwCleaner v6.043 - Logfile created 23/02/2017 at 21:07:45 # Updated on 27/01/2017 by Malwarebytes # Database : 2017-02-23.4 [Server] # Operating System : Windows 7 Ultimate Service Pack 1 (X64) # Username : mati - PC # Running from : C:\Users\mati\Downloads\AdwCleaner.exe # Mode: Scan # Support : https://www.malwarebytes.com/support ***** [ Services ] ***** No malicious services found. ***** [ Folders ] ***** Folder Found: C:\Users\mati\AppData\Local\FileViewPro Folder Found: C:\Users\mati\AppData\LocalLow\smartdownloader Folder Found: C:\Users\mati\AppData\Roaming\OpenCandy Folder Found: C:\Users\mati\AppData\Roaming\Solvusoft Folder Found: C:\Users\mati\AppData\Roaming\sweet-page Folder Found: C:\Users\Guest\AppData\Roaming\Solvusoft Folder Found: C:\Program Files\Przyspiesz Komputer Folder Found: C:\ProgramData\Solvusoft Folder Found: C:\ProgramData\Application Data\Solvusoft Folder Found: C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\AVG Secure Search ***** [ Files ] ***** File Found: C:\Users\mati\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Check PC for Errors.lnk File Found: C:\Users\mati\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Desk 365.lnk File Found: C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.funkymediatabsearch.com_0.localstorage File Found: C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.funkymediatabsearch.com_0.localstorage-journal ***** [ DLL ] ***** No malicious DLLs found. ***** [ WMI ] ***** No malicious keys found. ***** [ Shortcuts ] ***** Shortcut infected: C:\Users\mati\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WorldofTanks\WorldofTanks.lnk ( hxxp://mmotraffic.com/catalog/goplay/1327/MTE3NjYvLy8xMzI3/ ) Shortcut infected: C:\Users\mati\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\WorldofTanks.lnk ( hxxp://mmotraffic.com/catalog/goplay/1327/MTE3NjYvLy8xMzI3/ ) ***** [ Scheduled Tasks ] ***** Task Found: WOT N Task Found: WOT T Task Found: WOT W1 Task Found: WOT W2 Task Found: WOT WFRI1 Task Found: WOT WMON1 Task Found: WOT WTHUR1 Task Found: WOT WTUE1 Task Found: WOT WW1 Task Found: WOT WW2 Task Found: WOT WWED1 Task Found: OpenCandyHelperRunOnce ***** [ Registry ] ***** Key Found: HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\eSafeSvc Key Found: [x64] HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\eSafeSvc Key Found: HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\WebCakeUpdaterService Key Found: [x64] HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\WebCakeUpdaterService Key Found: HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762} Key Found: HKU\.DEFAULT\Software\DealPly Key Found: HKU\.DEFAULT\Software\ImInstaller Key Found: HKU\.DEFAULT\Software\WNLT Key Found: HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Uninstall\DealPly Key Found: HKU\S-1-5-21-3372699847-3746653199-2843972665-1000\Software\dobreprogramy Key Found: HKU\S-1-5-21-3372699847-3746653199-2843972665-1000\Software\InstallCore Key Found: HKU\S-1-5-21-3372699847-3746653199-2843972665-1000\Software\YahooPartnerToolbar Key Found: HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-3372699847-3746653199-2843972665-1000\Software\SweetIM Key Found: HKU\S-1-5-18\Software\DealPly Key Found: HKU\S-1-5-18\Software\ImInstaller Key Found: HKU\S-1-5-18\Software\WNLT Key Found: HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Uninstall\DealPly Key Found: HKCU\Software\dobreprogramy Key Found: HKCU\Software\InstallCore Key Found: HKCU\Software\YahooPartnerToolbar Key Found: HKLM\SOFTWARE\sweet-pageSoftware Key Found: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{80107F16-CB2E-42AB-AB9D-6C11540D5A8B} Key Found: [x64] HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-3372699847-3746653199-2843972665-1000\Software\SweetIM Key Found: [x64] HKCU\Software\dobreprogramy Key Found: [x64] HKCU\Software\InstallCore Key Found: [x64] HKCU\Software\YahooPartnerToolbar Key Found: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\90C64EA18BA25EE488BF80DCF07F2FFD Key Found: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467 Key Found: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\90C64EA18BA25EE488BF80DCF07F2FFD Key Found: HKLM\SOFTWARE\Classes\Applications\WinThrusterSetup.exe ***** [ Web browsers ] ***** Firefox pref Found: [C:\Users\mati\AppData\Roaming\Mozilla\Firefox\Profiles\05e35acy.default-1386688911807\prefs.js] - "extensions.quick_start.enable_search1" - false Firefox pref Found: [C:\Users\mati\AppData\Roaming\Mozilla\Firefox\Profiles\05e35acy.default-1386688911807\prefs.js] - "extensions.quick_start.sd.closeWindowWithLastTab_prev_state" - false Chrome pref Found: [C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Web data] - aol.com Chrome pref Found: [C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Web data] - ask.com ************************* C:\AdwCleaner\AdwCleaner[S0].txt - [5380 Bytes] - [23/02/2017 21:07:45] ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [5453 Bytes] ##########