# AdwCleaner v6.010 - Logfile created 26/08/2016 at 23:51:02 # Updated on 12/08/2016 by ToolsLib # Database : 2016-08-25.1 [Server] # Operating System : Windows 8.1 (X64) # Username : Andrzej - WINDOWS-R08CI6E # Running from : C:\Users\Andrzej\AppData\Local\Microsoft\Windows\INetCache\IE\F6Y0XOID\adwcleaner_6.010.exe # Mode: Scan # Support : https://toolslib.net/forum ***** [ Services ] ***** Service Found: CloudPrinter ***** [ Folders ] ***** Folder Found: C:\Program Files (x86)\4C4C4544-1472137990-4C10-8053-B9C04F515931 Folder Found: C:\Users\Andrzej\AppData\Roaming\ContentPush Folder Found: C:\ProgramData\CloudPrinter Folder Found: C:\ProgramData\Logic Handler Folder Found: C:\ProgramData\Quoteex Folder Found: C:\ProgramData\Quoteexs Folder Found: C:\ProgramData\SoeasyHelper Folder Found: C:\ProgramData\Application Data\CloudPrinter Folder Found: C:\ProgramData\Application Data\Logic Handler Folder Found: C:\ProgramData\Application Data\Quoteex Folder Found: C:\ProgramData\Application Data\Quoteexs Folder Found: C:\ProgramData\Application Data\SoeasyHelper Folder Found: C:\Program Files (x86)\MPC Cleaner Folder Found: C:\Program Files (x86)\WeatherChickn Folder Found: C:\Program Files (x86)\ContentPush Folder Found: C:\Program Files (x86)\SoSoEasy Folder Found: C:\Users\Andrzej\AppData\Local\Temp\MPC Folder Found: C:\Users\Andrzej\AppData\Local\app ***** [ Files ] ***** File Found: C:\windows\SysWOW64\findit.xml ***** [ DLL ] ***** No malicious DLLs found. ***** [ WMI ] ***** No malicious keys found. ***** [ Shortcuts ] ***** No infected shortcut found. ***** [ Scheduled Tasks ] ***** No malicious task found. ***** [ Registry ] ***** Key Found: HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\Application Hosting Key Found: HKLM\SOFTWARE\Classes\PCMgrRepairIEExtensions Key Found: HKLM\SOFTWARE\Classes\QMSoftExt.QMContextMenu Key Found: HKLM\SOFTWARE\Classes\QMSoftExt.QMContextMenu.1 Key Found: [x64] HKLM\SOFTWARE\Classes\CLSID\{754DF2CE-51E8-4895-B53C-6381418B84AE} Key Found: [x64] HKLM\SOFTWARE\Classes\CLSID\{D4801E96-E7A1-45F6-B124-7A36DFB40B81} Key Found: [x64] HKLM\SOFTWARE\Classes\CLSID\{E52EB753-1F56-4DF7-BE53-2C314AC5F8A1} Key Found: [x64] HKLM\SOFTWARE\Classes\Interface\{D4801E96-E7A1-45F6-B124-7A36DFB40B81} Key Found: [x64] HKLM\SOFTWARE\Classes\Interface\{E52EB753-1F56-4DF7-BE53-2C314AC5F8A1} Key Found: HKLM\SOFTWARE\Classes\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96} Key Found: [x64] HKLM\SOFTWARE\b`nl{y Key Found: HKU\.DEFAULT\Software\b`nl{y Key Found: HKU\S-1-5-21-1169792134-2358267525-3225177676-1001\Software\IM Key Found: HKU\S-1-5-21-1169792134-2358267525-3225177676-1001\Software\UCBrowserPID Key Found: HKU\S-1-5-21-1169792134-2358267525-3225177676-1001\Software\mtQuoteex Key Found: HKU\S-1-5-18\Software\b`nl{y Key Found: HKCU\Software\IM Key Found: HKCU\Software\UCBrowserPID Key Found: HKCU\Software\mtQuoteex Key Found: HKLM\SOFTWARE\MPC Key Found: HKLM\SOFTWARE\MPC AdCleaner Key Found: HKLM\SOFTWARE\{E6276374-DE18-4AA5-A365-9016A2F98A2D} Key Found: HKLM\SOFTWARE\UCBrowserPID Key Found: HKLM\SOFTWARE\mtQuoteex Key Found: HKLM\SOFTWARE\b`nl{y Key Found: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MPC Key Found: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ContentPush Data Found: HKU\S-1-5-21-1169792134-2358267525-3225177676-1001\Software\Microsoft\Internet Explorer\Main [Search Bar] - hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRGNcl Data Found: HKU\S-1-5-21-1169792134-2358267525-3225177676-1001\Software\Microsoft\Internet Explorer\Main [SearchAssistant] - hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKB Data Found: HKU\S-1-5-21-1169792134-2358267525-3225177676-1001\Software\Microsoft\Internet Explorer\Search [Default_Search_URL] - hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRa Data Found: HKU\S-1-5-21-1169792134-2358267525-3225177676-1001\Software\Microsoft\Internet Explorer\SearchUrl [Default] - hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRGN Data Found: HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [Default] - hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRGNclVS1AC6sNoGk3GzeHhcr-ccYpF9hrj3ybfmE5akp2frBM Data Found: HKCU\Software\Microsoft\Internet Explorer\Main [Search Bar] - hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRGNclVS1AC6sNoGk3GzeHhcr-ccYpF9hrj3ybfmE5akp2frBM9Z Data Found: HKCU\Software\Microsoft\Internet Explorer\Main [SearchAssistant] - hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRGNclVS1AC6sNoGk3GzeHhcr-ccYpF9hrj3ybfmE5akp2f Data Found: HKCU\Software\Microsoft\Internet Explorer\Search [Default_Search_URL] - hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRGNclVS1AC6sNoGk3GzeHhcr-ccYpF9hrj3ybfmE5 Data Found: HKCU\Software\Microsoft\Internet Explorer\SearchUrl [Default] - hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRGNclVS1AC6sNoGk3GzeHhcr-ccYpF9hrj3ybfmE5akp2frBM Value Found: HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes [DefaultScope] Key Found: HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\ielnksrch Data Found: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon [Userinit] - Key Found: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\safefinder.com Key Found: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\search.safefinder.com Value Found: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32 [apphide] Value Found: HKU\S-1-5-21-1169792134-2358267525-3225177676-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [apphide] Key Found: HKLM\SOFTWARE\Microsoft\Internet Explorer\SEARCHSCOPES\IELNKSRCH Key Found: HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{ielnksrch} Key Found: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\Application Hosting Key Found: HKLM\SOFTWARE\Classes\.qbox Key Found: HKLM\SOFTWARE\Classes\lnkfile\shellex\ContextMenuHandlers\QMContextScan Key Found: HKLM\SOFTWARE\Classes\lnkfile\shellex\ContextMenuHandlers\QMContextUninstall Key Found: HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\IELNKSRCH Key Found: HKEY_CLASSES_ROOT\.qmgc Key Found: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Quoteex.exe Key Found: HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SILENTPROCESSEXIT\Quoteex.exe ***** [ Web browsers ] ***** No malicious Firefox based browser items found. No malicious Chromium based browser items found. ************************* C:\AdwCleaner\AdwCleaner[C1].txt - [11806 Bytes] - [29/05/2016 18:00:08] C:\AdwCleaner\AdwCleaner[C4].txt - [8468 Bytes] - [10/12/2015 21:19:09] C:\AdwCleaner\AdwCleaner[C5].txt - [1251 Bytes] - [10/12/2015 21:46:22] C:\AdwCleaner\AdwCleaner[R0].txt - [989 Bytes] - [28/06/2015 21:50:55] C:\AdwCleaner\AdwCleaner[R1].txt - [1039 Bytes] - [28/06/2015 22:06:51] C:\AdwCleaner\AdwCleaner[R2].txt - [1015 Bytes] - [04/07/2015 13:04:28] C:\AdwCleaner\AdwCleaner[R6].txt - [1454 Bytes] - [21/02/2016 16:55:53] C:\AdwCleaner\AdwCleaner[S0].txt - [1060 Bytes] - [28/06/2015 21:57:50] C:\AdwCleaner\AdwCleaner[S1].txt - [11986 Bytes] - [28/06/2015 22:11:36] C:\AdwCleaner\AdwCleaner[S2].txt - [12544 Bytes] - [04/07/2015 13:07:13] C:\AdwCleaner\AdwCleaner[S4].txt - [8736 Bytes] - [10/12/2015 20:45:05] C:\AdwCleaner\AdwCleaner[S5].txt - [2667 Bytes] - [10/12/2015 21:40:04] C:\AdwCleaner\AdwCleaner[S6].txt - [1203 Bytes] - [10/12/2015 21:44:44] C:\AdwCleaner\AdwCleaner[S7].txt - [7949 Bytes] - [26/08/2016 23:51:02] ########## EOF - C:\AdwCleaner\AdwCleaner[S7].txt - [8022 Bytes] ##########