# AdwCleaner v6.043 - Logfile created 29/01/2017 at 20:21:04
# Updated on 27/01/2017 by Malwarebytes
# Database : 2017-01-29.1 [Server]
# Operating System : Windows 10 Home (X64)
# Username : Brad - BRAD-PC
# Running from : C:\Users\Brad\Desktop\adwcleaner_6.043.exe
# Mode: Scan
# Support : https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious keys found.

***** [ Shortcuts ] *****

No infected shortcut found.

***** [ Scheduled Tasks ] *****

No malicious task found.

***** [ Registry ] *****

Key Found: HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\CpuHeatMapping
Key Found: [x64] HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\CpuHeatMapping
Key Found: HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\CpuEssentials
Key Found: [x64] HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\CpuEssentials
Key Found: HKLM\SOFTWARE\Classes\Interface\{AF141839-3CC0-4ED3-A8FF-BC95B9341C43}
Key Found: HKLM\SOFTWARE\Classes\Interface\{E98F6ADA-0655-45F4-9141-9F7A18C5B46B}
Key Found: HKLM\SOFTWARE\Classes\TypeLib\{5DC6C679-3C7F-49C7-A12D-4D9E9DB8274B}
Key Found: HKLM\SOFTWARE\Classes\TypeLib\{294BC5A4-7157-4131-AB81-1DEC393D0F0A}
Key Found: HKU\S-1-5-21-1061724313-1516444972-2292327885-1000\Software\AppDataLow\Software\UltimateSpeedTester
Key Found: HKCU\Software\AppDataLow\Software\UltimateSpeedTester
Key Found: HKLM\SOFTWARE\dllpop100
Key Found: HKLM\SOFTWARE\IDOT
Key Found: [x64] HKCU\Software\AppDataLow\Software\UltimateSpeedTester
Key Found: [x64] HKLM\SOFTWARE\IDOT
Key Found: [x64] HKLM\SOFTWARE\Microsoft\{1f7ee1a8-4436-4ffc-b97b-b5b01e87d3d2}
Key Found: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\itibitiphone.com
Key Found: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\mpc.am
Key Found: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\search.mpc.am
Key Found: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\bestpriceninja.co
Key Found: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\cmptch.com
Key Found: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\pstatic.bestprice
Key Found: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\static.cmptch.com
Key Found: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\bestpriceninja.com
Key Found: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\cmptch.com
Key Found: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\pstatic.bestpricenin
Key Found: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\static.cmptch.com
Key Found: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\itibitiphone.com
Key Found: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\mpc.am
Key Found: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\search.mpc.am
Key Found: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\bestpriceninja.
Key Found: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\cmptch.com
Key Found: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\pstatic.bestpri
Key Found: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\static.cmptch.c
Key Found: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\bestpriceninja.com
Key Found: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\cmptch.com
Key Found: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\pstatic.bestpricen
Key Found: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\static.cmptch.com
Value Found: HKU\S-1-5-21-1061724313-1516444972-2292327885-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [fastweb]
Value Found: HKU\S-1-5-21-1061724313-1516444972-2292327885-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [WinResSync]

***** [ Web browsers ] *****

No malicious Firefox based browser items found.
Chrome pref Found: [C:\Users\Brad\AppData\Local\Chromium\User Data\Default\Web data] - yahoo! powered
Chrome pref Found: [C:\Users\Brad\AppData\Local\Chromium\User Data\Default\Secure Preferences] - hxxps://us.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=mnn_ir_16_49&param1=1&param2=f%3D7%26b%3Dchmm
Chrome pref Found: [C:\Users\Brad\AppData\Local\Chromium\User Data\Default\Secure Preferences ] - hxxps://us.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=mnn_ir_16_49&param1=1&param2=f%3D1%26b%3Dchm
Chrome pref Found: [C:\Users\Brad\AppData\Local\Google\Chrome\User Data\Default\Web data] - aol.com
Chrome pref Found: [C:\Users\Brad\AppData\Local\Google\Chrome\User Data\Default\Web data] - ask.com
Chrome pref Found: [C:\Users\Brad\AppData\Local\Google\Chrome\User Data\Default\Web data] - trovi.search
Chrome pref Found: [C:\Users\Brad\AppData\Local\Google\Chrome\User Data\Default\Web data] - www-searching.com_
Chrome pref Found: [C:\Users\Brad\AppData\Local\Google\Chrome\User Data\Default\Web data] - www-searching.com
Chrome pref Found: [C:\Users\Brad\AppData\Local\Google\Chrome\User Data\Default\Web data] - flightaware.com

*************************

C:\AdwCleaner\AdwCleaner[S0].txt - [7374 Bytes] - [29/01/2017 20:21:04]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [7447 Bytes] ##########