# AdwCleaner 7.0.4.0 - Logfile created on Tue Nov 21 17:44:32 2017# Updated on 2017/27/10 by Malwarebytes
# Database: 11-21-2017.1
# Running on Windows 8.1 Pro (X64)
# Mode: scan
# Support:
https://www.malwarebytes.com/support
***** [ Services ] *****
PUP.Optional.uBar, UbarPolicyProvider
PUP.Optional.Legacy, mrupdsrv
PUP.Optional.Legacy, SvcHost Service Host
PUP.Optional.Mail.Ru, Updater.Mail.Ru
Adware.RuKometa, SvcHost Service Host
***** [ Folders ] *****
PUP.Optional.uBar, C:\ProgramData\uBar
PUP.Optional.uBar, C:\ProgramData\Application Data\uBar
PUP.Optional.uBar, C:\Program Files\uBar
PUP.Optional.uBar, C:\Users\All Users\uBar
PUP.Optional.uBar, C:\Users\Все пользователи\uBar
PUP.Optional.Legacy, C:\Program Files\Hola
PUP.Optional.Legacy, C:\Users\Danya\AppData\Roaming\Hola
PUP.Optional.Mail.Ru, C:\ProgramData\Mail.Ru
PUP.Optional.Mail.Ru, C:\ProgramData\Application Data\Mail.Ru
PUP.Optional.Mail.Ru, C:\Windows\System32\config\systemprofile\AppData\Local\Mail.Ru
PUP.Optional.Mail.Ru, C:\Program Files (x86)\Mail.Ru
PUP.Optional.Mail.Ru, C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Mail.Ru
PUP.Optional.Mail.Ru, C:\Users\All Users\Mail.Ru
PUP.Optional.Mail.Ru, C:\Users\Все пользователи\Mail.Ru
***** [ Files ] *****
PUP.Optional.Legacy, C:\Users\Danya\Favorites\Mail.Ru.url
PUP.Optional.Legacy, C:\Users\Danya\Favorites\Mail.Ru Агент - используй для общения!.url
PUP.Optional.Mail.Ru, C:\Users\Danya\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mail.Ru.lnk
PUP.Optional.Mail.Ru, C:\Users\Danya\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\SEARCHPLUGINS\MAILRU.XML
Adware.HPDefender, C:\Windows\SysNative\Ea3Host.exe
PUP.Optional.CPUMiner, C:\Windows\Microsoft\svchost.exe.exe
***** [ DLL ] *****
No malicious DLLs found.
***** [ WMI ] *****
No malicious WMI found.
***** [ Shortcuts ] *****
PUP.Optional.Legacy, C:\Users\Danya\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mail.Ru.lnk - url,FileProtocolHandler "http:\\www.mail.ru\cnt\20775012?gp=855011"
PUP.Optional.Legacy, C:\Users\Danya\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mail.Ru.lnk - url,FileProtocolHandler "http:\\www.mail.ru\cnt\20775012?gp=855011"
***** [ Tasks ] *****
PUP.Optional.Legacy, MailRuUpdater
***** [ Registry ] *****
PUP.Optional.Legacy, [Data] - HKCU\Software\Microsoft\Internet Explorer\Main | Start Page [http:\\mail.ru\cnt\10445?gp=855411]
PUP.Optional.Legacy, [Data] - HKCU\Software\Microsoft\Internet Explorer\Main | Start Page [http:\\mail.ru\cnt\10445?gp=855411]
PUP.Optional.Legacy, [Key] - HKU\S-1-5-21-1942180394-3397444832-94447694-1001\Software\Microsoft\Gosearchq
PUP.Optional.Legacy, [Key] - HKCU\Software\Microsoft\Gosearchq
PUP.Optional.Legacy, [Key] - HKU\S-1-5-21-1942180394-3397444832-94447694-1001\Software\Microsoft\Gosearch
PUP.Optional.Legacy, [Key] - HKCU\Software\Microsoft\Gosearch
PUP.Optional.Legacy, [Key] - HKU\S-1-5-21-1942180394-3397444832-94447694-1001\Software\Microsoft\Windows\CurrentVersion\Uninstall\MailRuUpdater
PUP.Optional.Legacy, [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\MailRuUpdater
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\UBar
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\UBar
PUP.Optional.Legacy, [Key] - HKU\S-1-5-21-1942180394-3397444832-94447694-1001\Software\UBar
PUP.Optional.Legacy, [Key] - HKCU\Software\UBar
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\CLSID\{8E8F97CD-60B5-456F-A201-73065652D099}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E8F97CD-60B5-456F-A201-73065652D099}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68AE298D-7E8A-4F53-BE55-15D2B065F6C0}
PUP.Optional.Legacy, [Value] - HKU\S-1-5-21-1942180394-3397444832-94447694-1001\Software\Microsoft\Windows\CurrentVersion\Run | MailRuUpdater
PUP.Optional.Legacy, [Value] - HKU\S-1-5-21-1942180394-3397444832-94447694-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run | MailRuUpdater
PUP.Optional.Legacy, [Value] - HKCU\Software\Microsoft\Windows\CurrentVersion\Run | MailRuUpdater
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\MediaPlayer\ShimInclusionList\browser.exe
PUP.Optional.StartPage, [Key] - HKU\S-1-5-21-1942180394-3397444832-94447694-1001\Software\setupsk
PUP.Optional.StartPage, [Key] - HKU\S-1-5-21-1942180394-3397444832-94447694-1001\Software\Microsoft\Windows\CurrentVersion\Uninstall\setupsk
PUP.Optional.StartPage, [Key] - HKCU\Software\setupsk
PUP.Optional.StartPage, [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\setupsk
PUP.Optional.Mail.Ru, [Key] - HKU\S-1-5-21-1942180394-3397444832-94447694-1001\Software\Xpom
PUP.Optional.Mail.Ru, [Key] - HKCU\Software\Xpom
PUP.Optional.Mail.Ru, [Key] - HKLM\SOFTWARE\Mail.Ru
PUP.Optional.Mail.Ru, [Key] - HKU\S-1-5-21-1942180394-3397444832-94447694-1001\Software\Mail.Ru
PUP.Optional.Mail.Ru, [Key] - HKU\S-1-5-21-1942180394-3397444832-94447694-1001\Software\AppDataLow\Software\Mail.Ru
PUP.Optional.Mail.Ru, [Key] - HKCU\Software\Mail.Ru
PUP.Optional.Mail.Ru, [Key] - HKCU\Software\AppDataLow\Software\Mail.Ru
PUP.Optional.Yontoo, [Key] - HKU\S-1-5-21-1942180394-3397444832-94447694-1001\Software\Amigo
PUP.Optional.Yontoo, [Key] - HKCU\Software\Amigo
PUP.Optional.SearchGo, [Key] - HKU\S-1-5-21-1942180394-3397444832-94447694-1001\Software\iesg
PUP.Optional.SearchGo, [Key] - HKCU\Software\iesg
***** [ Firefox (and derivatives) ] *****
PUP.Optional.Legacy, Plugin found: Домашняя страница Mail.Ru -
PUP.Optional.Legacy, Plugin found: Поиск@Mail.Ru - mail.ru
PUP.Optional.Legacy, Startpage found:
https://inline.go.mail.ru/homepage?i...p_cnt=11956636
PUP.Optional.Mail.Ru, Plugin found: __MSG_extName__ -
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries.
*************************
C:/AdwCleaner/AdwCleaner[C0].txt - [3599 B] - [2017/6/11 14:56:10]
C:/AdwCleaner/AdwCleaner[C1].txt - [2681 B] - [2017/8/6 13:50:8]
C:/AdwCleaner/AdwCleaner[S0].txt - [3851 B] - [2017/6/11 14:53:40]
C:/AdwCleaner/AdwCleaner[S1].txt - [1829 B] - [2017/6/13 23:36:32]
C:/AdwCleaner/AdwCleaner[S2].txt - [1911 B] - [2017/7/6 23:40:37]
C:/AdwCleaner/AdwCleaner[S3].txt - [2881 B] - [2017/8/6 13:49:43]
########## EOF - C:\AdwCleaner\AdwCleaner[S4].txt ##########
Скрыть