# -------------------------------
# Malwarebytes AdwCleaner 8.1.0.0
# -------------------------------
# Build: 02-15-2021
# Database: 2021-01-26.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 03-02-2021
# Duration: 00:00:43
# OS: Windows 7 Ultimate
# Scanned: 3476
# Detected: 98

***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

PUP.Adware.Heuristic C:\ProgramData\5WDSMANPRO5
PUP.Optional.Legacy C:\Program Files\Hola
PUP.Optional.Legacy C:\Users\reszka\AppData\LocalLow\.acestream
PUP.Optional.Legacy C:\Users\reszka\AppData\Local\Hola
PUP.Optional.Legacy C:\Users\reszka\AppData\Local\StormFall
PUP.Optional.Legacy C:\Users\reszka\AppData\Roaming\.acestream
PUP.Optional.Legacy C:\Users\reszka\AppData\Roaming\Hola
PUP.Optional.Legacy C:\Users\reszka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ace Stream Media
PUP.Optional.Legacy C:\Users\reszka\AppData\Roaming\acestream
PUP.Optional.Legacy C:\_acestream_cache_
PUP.Optional.WebCompanion C:\Windows\SysWOW64\config\systemprofile\AppData\Local\LavasoftTcpService

***** [ Files ] *****

PUP.Optional.HolaSearch C:\Users\reszka\Downloads\Hola-Setup.exe
PUP.Optional.Legacy C:\END
PUP.Optional.Legacy C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
PUP.Optional.Legacy C:\Windows\SysWOW64\LavasoftTcpServiceOff.ini
PUP.Optional.Legacy C:\Windows\SysWOW64\lavasofttcpservice.dll
PUP.Optional.Legacy C:\Windows\System32\LavasoftTcpService64.dll
PUP.Optional.Legacy C:\Windows\System32\LavasoftTcpServiceOff.ini
PUP.Optional.Legacy C:\Windows\System32\log\iSafeKrnlCall.log
PUP.Optional.Palikan C:\Users\reszka\AppData\LocalLow\MICROSOFT\INTERNET EXPLORER\SERVICES\PALIKAN.ICO
PUP.Optional.Reimage C:\Users\reszka\Downloads\ReimageRepair.exe
PUP.Optional.Webitar C:\Windows\System32\drivers\MSFT_KERNEL_WEBINSTR_01009.WDF

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

PUP.Optional.ASMagicPlayer HKCU\Software\Classes\acestream
PUP.Optional.AceStream HKCU\Software\RegisteredApplications|AceStream
PUP.Optional.AppEnable.A HKLM\Software\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
PUP.Optional.AppEnable.A HKLM\Software\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
PUP.Optional.AppEnable.A HKLM\Software\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
PUP.Optional.AppEnable.A HKLM\Software\Wow6432Node\\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
PUP.Optional.AppEnable.A HKLM\Software\Wow6432Node\\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
PUP.Optional.AppEnable.A HKLM\Software\Wow6432Node\\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
PUP.Optional.AppEnable.A HKLM\Software\Wow6432Node\\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
PUP.Optional.FFPluginHp HKLM\Software\Wow6432Node\FFPluginHp
PUP.Optional.InstallCore HKCU\Software\InstallCore
PUP.Optional.InstallCore HKCU\Software\csastats
PUP.Optional.Legacy HKCU\SOFTWARE\Classes\Applications\ace_player.exe
PUP.Optional.Legacy HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.acelive
PUP.Optional.Legacy HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.acemedia
PUP.Optional.Legacy HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.acestream
PUP.Optional.Legacy HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tslive
PUP.Optional.Legacy HKCU\Software\1Q1F1S1C1P1E1C1F1N1C1T1H2UtF1E1I
PUP.Optional.Legacy HKCU\Software\AceStream
PUP.Optional.Legacy HKCU\Software\Classes\.acelive
PUP.Optional.Legacy HKCU\Software\Classes\.acemedia
PUP.Optional.Legacy HKCU\Software\Classes\.acestream
PUP.Optional.Legacy HKCU\Software\Classes\.tslive
PUP.Optional.Legacy HKCU\Software\Classes\AudioCD\shell\PlayWithACEStream
PUP.Optional.Legacy HKCU\Software\Classes\DVD\shell\PlayWithACEStream
PUP.Optional.Legacy HKCU\Software\Hola
PUP.Optional.Legacy HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
PUP.Optional.Legacy HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ACEStreamPlayCDAudioOnArrival
PUP.Optional.Legacy HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ACEStreamPlayDVDAudioOnArrival
PUP.Optional.Legacy HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ACEStreamPlayDVDMovieOnArrival
PUP.Optional.Legacy HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ACEStreamPlayMusicFilesOnArrival
PUP.Optional.Legacy HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ACEStreamPlaySVCDMovieOnArrival
PUP.Optional.Legacy HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ACEStreamPlayVCDMovieOnArrival
PUP.Optional.Legacy HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ACEStreamPlayVideoFilesOnArrival
PUP.Optional.Legacy HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\AceStream
PUP.Optional.Legacy HKCU\Software\Mozilla\Extends
PUP.Optional.Legacy HKCU\Software\V9
PUP.Optional.Legacy HKCU\Software\dobreprogramy
PUP.Optional.Legacy HKCU\Software\yahooprovidedsearch
PUP.Optional.Legacy HKLM\SYSTEM\CurrentControlSet\Control\iSafeKrnlBoot
PUP.Optional.Legacy HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{2F3AA809-0311-4818-8A57-95CB9F9FFC0E}C:\users\reszka\appdata\local\hola\firefox\app\hola_plugin.exe
PUP.Optional.Legacy HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{D0500F93-245D-4FDC-9CEF-B5831CAA3AEA}C:\users\reszka\appdata\roaming\acestream\engine\ace_engine.exe
PUP.Optional.Legacy HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{3D2D3E20-9463-43BA-95A4-C191A9A7D21E}C:\users\reszka\appdata\roaming\acestream\engine\ace_engine.exe
PUP.Optional.Legacy HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{69325E86-F096-4C72-A631-F7EC5BB90A4D}C:\users\reszka\appdata\local\hola\firefox\app\hola_plugin.exe
PUP.Optional.Legacy HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{1533D9F7-0769-4C1D-8132-00F81F7F1E86}
PUP.Optional.Legacy HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{B158C04D-DCD4-4AE8-9E93-4F4E08CAB064}
PUP.Optional.Legacy HKLM\Software\Classes\.acestream
PUP.Optional.Legacy HKLM\Software\Classes\TypeLib\{ED62BC6E-64F1-46BE-866F-4C8DC0DF7057}
PUP.Optional.Legacy HKLM\Software\Hola
PUP.Optional.Legacy HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\AlcoholAutomount
PUP.Optional.Legacy HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID|{51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\CLSID\{0757C9D8-D8A3-33F5-CEE2-11D09918BA8F}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\CLSID\{79690976-ED6E-403C-BBBA-F8928B5EDE17}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\TypeLib\{ED62BC6E-64F1-46BE-866F-4C8DC0DF7057}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID|{51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{EE171732-BEB4-4576-887D-CB62727F01CA}
PUP.Optional.MyAppsCloud HKCU\Software\AppCloudUpdater
PUP.Optional.Picexa HKLM\Software\Wow6432Node\PicexaSvc
PUP.Optional.ProductSetup.A HKCU\Software\PRODUCTSETUP
PUP.Optional.Revizer.PrxySvrRST HKCU\Software\AppDataLow\Software\BlockAndSurf
PUP.Optional.WebCompanion HKLM\SOFTWARE\Classes\AppID\LavasoftTcpService.exe
PUP.Optional.WebCompanion HKLM\Software\Classes\AppID\{2CE0F1DC-C504-4B7B-A385-D94A2531DFFB}
PUP.Optional.WebCompanion HKLM\Software\Wow6432Node\\Classes\AppID\LavasoftTcpService.exe
PUP.Optional.WebCompanion HKLM\Software\Wow6432Node\\Classes\AppID\{2CE0F1DC-C504-4B7B-A385-D94A2531DFFB}
PUP.Optional.WinZipMalwareProtector HKLM\System\CurrentControlSet\Services\EventLog\Application\WinZip Malware Protector
PUP.Optional.WindowsProtectionManager HKLM\Software\Wow6432Node\WdsManPro
PUP.Optional.WindowsProtectionManager HKLM\System\CurrentControlSet\Services\EventLog\Application\WdsManPro

***** [ Chromium (and derivatives) ] *****

PUP.Optional.Legacy kofkpgiaknijknhajbhnghkodiccblkg
PUP.Optional.SearchManager Search Manager - bahkljhhdeciiaodlkppoonappfnheoi
PUP.Optional.SearchManager Search Manager - pilplloabdedfmialnfchjomjmpjcoej
PUP.Optional.SearchManager.ChrPRST Search Manager - bahkljhhdeciiaodlkppoonappfnheoi
PUP.Optional.SearchManager.ShrtCln Search Manager - bahkljhhdeciiaodlkppoonappfnheoi

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

Preinstalled.AcerUpdater Folder C:\ProgramData\ACER\ACER UPDATER
Preinstalled.AcerUpdater Registry HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\ALU
Preinstalled.PackardBellUpdater Folder C:\Program Files\PACKARD BELL\PACKARD BELL UPDATER
Preinstalled.PackardBellUpdater Folder C:\ProgramData\PACKARD BELL\PACKARD BELL UPDATER

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########