# AdwCleaner v6.043 - Logfile created 16/02/2017 at 19:54:57 # Updated on 27/01/2017 by Malwarebytes # Database : 2017-02-13.1 [Server] # Operating System : Windows 7 Professional Service Pack 1 (X86) # Username : Gebruiker - FUJITSU-E780 # Running from : C:\Users\Gebruiker\Desktop\adwcleaner_6.043.exe # Mode: Scan # Support : https://www.malwarebytes.com/support ***** [ Services ] ***** Service Found: Update service ***** [ Folders ] ***** Folder Found: C:\ProgramData\67a4407c00003689 Folder Found: C:\ProgramData\754da302000051d0 Folder Found: C:\ProgramData\BWdMB Folder Found: C:\ProgramData\HWdMH Folder Found: C:\ProgramData\vWMiniProv Folder Found: C:\ProgramData\WWMiniProW Folder Found: C:\Users\Gebruiker\AppData\Roaming\MailUpdate Folder Found: C:\TVWizard Folder Found: C:\ProgramData\MailUpdate Folder Found: C:\ProgramData\Application Data\MailUpdate Folder Found: C:\Program Files\iOSinstaller Folder Found: C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\jecgbfoconhopjngaaijjgffhokohlac ***** [ Files ] ***** File Found: C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\chrome-extension_ogminpmldncgcmokldnmmapddoccmhfl_0.localstorage File Found: C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\chrome-extension_ogminpmldncgcmokldnmmapddoccmhfl_0.localstorage-journal ***** [ DLL ] ***** No malicious DLLs found. ***** [ WMI ] ***** No malicious keys found. ***** [ Shortcuts ] ***** No infected shortcut found. ***** [ Scheduled Tasks ] ***** Task Found: LaunchSignup ***** [ Registry ] ***** Key Found: HKLM\SOFTWARE\bbebafe5-e9ae-ea59-6fc2-7ba9e733519b Key Found: HKLM\SOFTWARE\ReviverSoft Key Found: HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\WindowsMangerProtect Key Found: HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\winzipersvc Key Found: HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\PicexaService Key Found: HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\mailUpdate Key Found: HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\WdsManPro Key Found: HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\WdMan Key Found: HKU\S-1-5-21-1058695312-2763810296-1595327000-1000\Software\Classes\PepperZip Key Found: HKCU\Software\Classes\PepperZip Key Found: HKLM\SOFTWARE\Classes\driverscanner Key Found: HKLM\SOFTWARE\Classes\FileTime.FileTimeShlExt Key Found: HKLM\SOFTWARE\Classes\FileTime.FileTimeShlExt.1 Key Found: HKLM\SOFTWARE\Classes\REI_AxControl.ReiEngine Key Found: HKLM\SOFTWARE\Classes\REI_AxControl.ReiEngine.1 Key Found: HKLM\SOFTWARE\Classes\ScriptHelper.GenericWnd Key Found: HKLM\SOFTWARE\Classes\ScriptHelper.GenericWnd.1 Key Found: HKLM\SOFTWARE\Classes\ScriptHelper.NativeApi Key Found: HKLM\SOFTWARE\Classes\ScriptHelper.NativeApi.1 Key Found: HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi Key Found: HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1 Key Found: HKLM\SOFTWARE\Classes\speedupmypc Key Found: HKLM\SOFTWARE\Classes\WtuServer.WtuServerObj Key Found: HKLM\SOFTWARE\Classes\WtuServer.WtuServerObj.1 Key Found: HKLM\SOFTWARE\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A} Key Found: HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3} Key Found: HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3} Key Found: HKLM\SOFTWARE\Classes\CLSID\{10ECCE17-29B5-4880-A8F5-EAD298611484} Key Found: HKLM\SOFTWARE\Classes\CLSID\{801B440B-1EE3-49B0-B05D-2AB076D4E8CB} Key Found: HKLM\SOFTWARE\Classes\CLSID\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A} Key Found: HKLM\SOFTWARE\Classes\CLSID\{CA3A5461-96B5-46DD-9341-5350D3C94615} Key Found: HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6} Key Found: HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4} Key Found: HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546} Key Found: HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94} Key Found: HKLM\SOFTWARE\Classes\TypeLib\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36} Key Found: HKLM\SOFTWARE\Classes\TypeLib\{4BC8AD89-AC5F-4DBD-A38F-C355C7DD33D7} Key Found: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10ECCE17-29B5-4880-A8F5-EAD298611484} Key Found: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A} Value Found: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{1F91A9A1-01BA-4C81-863D-3BA0751E1419}] Key Found: HKU\.DEFAULT\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F} Key Found: HKU\.DEFAULT\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA} Key Found: HKU\.DEFAULT\Software\AppDataLow\Software\_CrossriderRegNamePlaceHolder_ Key Found: HKU\.DEFAULT\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\_CrossriderRegNamePlaceHolder_ Key Found: HKU\S-1-5-21-1058695312-2763810296-1595327000-1000\Software\Corez Key Found: HKU\S-1-5-21-1058695312-2763810296-1595327000-1000\Software\GlobalUpdate Key Found: HKU\S-1-5-21-1058695312-2763810296-1595327000-1000\Software\Optimizer Pro Key Found: HKU\S-1-5-21-1058695312-2763810296-1595327000-1000\Software\Reimage Key Found: HKU\S-1-5-21-1058695312-2763810296-1595327000-1000\Software\V9 Key Found: HKU\S-1-5-21-1058695312-2763810296-1595327000-1000\Software\Local AppWizard-Generated Applications\Reimage - Windows Problem Relief. Key Found: HKU\S-1-5-21-1058695312-2763810296-1595327000-1000\Software\ReviverSoft Key Found: HKU\S-1-5-21-1058695312-2763810296-1595327000-1000\Software\Secrv Key Found: HKU\S-1-5-21-1058695312-2763810296-1595327000-1000\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F} Key Found: HKU\S-1-5-21-1058695312-2763810296-1595327000-1000\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA} Key Found: HKU\S-1-5-21-1058695312-2763810296-1595327000-1000\Software\AppDataLow\Software\Crossrider Key Found: HKU\S-1-5-21-1058695312-2763810296-1595327000-1000\Software\AppDataLow\Software\DynConIE Key Found: HKU\S-1-5-18\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F} Key Found: HKU\S-1-5-18\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA} Key Found: HKU\S-1-5-18\Software\AppDataLow\Software\_CrossriderRegNamePlaceHolder_ Key Found: HKU\S-1-5-18\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\_CrossriderRegNamePlaceHolder_ Key Found: HKCU\Software\Corez Key Found: HKCU\Software\GlobalUpdate Key Found: HKCU\Software\Optimizer Pro Key Found: HKCU\Software\Reimage Key Found: HKCU\Software\V9 Key Found: HKCU\Software\Local AppWizard-Generated Applications\Reimage - Windows Problem Relief. Key Found: HKCU\Software\ReviverSoft Key Found: HKCU\Software\Secrv Key Found: HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F} Key Found: HKCU\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA} Key Found: HKCU\Software\AppDataLow\Software\Crossrider Key Found: HKCU\Software\AppDataLow\Software\DynConIE Key Found: HKLM\SOFTWARE\AppDataLow\SOFTWARE\Crossrider Key Found: HKLM\SOFTWARE\{1146AC44-2F03-4431-B4FD-889BC837521F} Key Found: HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0} Key Found: HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C} Key Found: HKLM\SOFTWARE\delta-homesSoftware Key Found: HKLM\SOFTWARE\GlobalUpdate Key Found: HKLM\SOFTWARE\hdcode Key Found: HKLM\SOFTWARE\istartsurfSoftware Key Found: HKLM\SOFTWARE\omniboxesSoftware Key Found: HKLM\SOFTWARE\Reimage Key Found: HKLM\SOFTWARE\TSv Key Found: HKLM\SOFTWARE\Tutorials Key Found: HKLM\SOFTWARE\Uniblue Key Found: HKLM\SOFTWARE\V9 Key Found: HKLM\SOFTWARE\yoursites123Software Key Found: HKLM\SOFTWARE\AVG Tuneup Key Found: HKLM\SOFTWARE\MaxPower Key Found: HKLM\SOFTWARE\ReviverSoft Key Found: HKLM\SOFTWARE\Secrv Key Found: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1B8A71D1-31D4-EE6A-C32F-836E0BFFA6D3} Key Found: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1C52B8B6-FFA2-12F6-0A5A-E8301F96A568} Key Found: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{2DF3E224-05CD-4113-AA7A-86F2F6607B46} Key Found: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{2FA77785-00C3-A920-6452-D4FE5C9C129F} Key Found: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{594FD08C-0622-F9B8-CB02-7C1355D33CB8} Key Found: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{5F488658-35A7-2AB8-A756-560BA8F103C3} Key Found: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7540FDBD-7FDC-30AE-3778-815CB87DBE46} Key Found: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7E7FAE3D-3358-D280-8DBF-E8E2D94326D1} Key Found: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{80E8B0A0-117D-1402-7CDE-688156237115} Key Found: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{8B114619-78B7-1CFF-55EF-74266954F883} Key Found: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{FE139F4C-CE5B-121A-8A2D-191FA2226094} Data Found: HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{4D30DDB0-171B-401B-B411-4946482FF1C9} [NameServer] - 199.203.131.151 82.163.143.181 Data Found: HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{7A4CF259-3D72-440A-96DC-665D14B261A4} [NameServer] - 199.203.131.151 82.163.143.181 Key Found: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\delta-homes.com Key Found: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\eshopcomp.com Key Found: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\omniboxes.com Key Found: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\pstatic.eshopcomp.com Key Found: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\re-markable.net Key Found: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\static.re-markable00.re-markable.net Key Found: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\superfish.com Key Found: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\windfinder.com Key Found: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.delta-homes.com Key Found: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.superfish.com Key Found: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.windfinder.com Key Found: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\yoursites123.com Key Found: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\azlyrics.com Key Found: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\bestpriceninja.com Key Found: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\delta-homes.com Key Found: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\eshopcomp.com Key Found: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\govome.inspsearch.com Key Found: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\inspsearch.com Key Found: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\inspsearchapi.com Key Found: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\inst.shoppingate.info Key Found: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\luckybeginning.com Key Found: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\metrolyrics.com Key Found: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\mysearch123.com Key Found: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\pricepeep.net Key Found: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\pstatic.bestpriceninja.com Key Found: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\pstatic.eshopcomp.com Key Found: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\re-markable.net Key Found: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\re-markit.co Key Found: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\shoppingate.info Key Found: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\static.pricepeep00.pricepeep.net Key Found: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\static.re-markable00.re-markable.net Key Found: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\static.re-markit00.re-markit.co Key Found: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\superfish.com Key Found: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\tikotin.com Key Found: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\utop.it Key Found: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\vi-view.com Key Found: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\windfinder.com Key Found: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.azlyrics.com Key Found: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.delta-homes.com Key Found: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.metrolyrics.com Key Found: HKLM\SOFTWARE\Classes\AppID\REI_AxControl.DLL Key Found: HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\avgsh Key Found: HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin Key Found: HKLM\SOFTWARE\MICROSOFT\SYSTEMCERTIFICATES\ROOT\CERTIFICATES\26D9E607FFF0C58C7844B47FF8B6E079E5A2220E Value Found: HKCU\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION [BrowserWeb.exe] ***** [ Web browsers ] ***** No malicious Firefox based browser items found. Chrome pref Found: [C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Profile 1\Secure Preferences ] - jecgbfoconhopjngaaijjgffhokohlac Chrome pref Found: [C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Profile 1\Secure Preferences ] - ogminpmldncgcmokldnmmapddoccmhfl ************************* C:\AdwCleaner\AdwCleaner[S0].txt - [14324 Bytes] - [16/02/2017 19:54:57] ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [14398 Bytes] ##########