# AdwCleaner 7.0.4.0 - Logfile created on Mon Nov 20 18:09:20 2017
# Updated on 2017/27/10 by Malwarebytes
# Database: 11-17-2017.1
# Running on Windows 10 Home (X64)
# Mode: scan
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

PUP.Optional.Legacy, C:\Users\Moi\AppData\Roaming\AdvertismentImages

***** [ Files ] *****

PUP.Optional.Legacy, C:\Windows\System32\lavasofttcpservice.dll
PUP.Optional.Legacy, C:\Windows\SysWOW64\lavasofttcpservice.dll
PUP.Optional.Legacy, C:\Windows\System32\LavasoftTcpServiceOff.ini
PUP.Optional.Legacy, C:\Windows\SysNative\LavasoftTcpServiceOff.ini
PUP.Optional.Legacy, C:\Windows\SysWOW64\LavasoftTcpServiceOff.ini
PUP.Optional.Legacy, C:\Windows\SysNative\LavasoftTcpService64.dll

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

PUP.Optional.Legacy, [Data] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main | Default_Search_URL [https:\\safesearch.avira.com\]
PUP.Optional.Legacy, [Data] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main | Default_Search_URL [https:\\safesearch.avira.com\]
PUP.Optional.Legacy, [Data] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main | Default_Page_URL [https:\\safesearch.avira.com\]
PUP.Optional.Legacy, [Data] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main | Default_Page_URL [https:\\safesearch.avira.com\]
PUP.Optional.Legacy, [Data] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main | Search Page [https:\\safesearch.avira.com\]
PUP.Optional.Legacy, [Data] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main | Search Page [https:\\safesearch.avira.com\]
PUP.Optional.Legacy, [Value] - HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | UDP Query User{A17AF8AF-DAB7-4AA0-BC6D-F9E78F26F3B8}C:\users\moi\appdata\roaming\cacaoweb\cacaoweb.exe
PUP.Optional.Legacy, [Value] - HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | TCP Query User{1CE859BB-0282-4C83-A15A-1E698F78B1EF}C:\users\moi\appdata\roaming\cacaoweb\cacaoweb.exe
PUP.Optional.Legacy, [Key] - HKU\S-1-5-21-2853347897-2914071967-2664122820-1001\Software\cacaoweb
PUP.Optional.Legacy, [Key] - HKU\S-1-5-21-2853347897-2914071967-2664122820-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11202017174457646\Software\cacaoweb
PUP.Optional.Legacy, [Key] - HKCU\Software\cacaoweb
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Lavasoft\Web Companion
PUP.Optional.Legacy, [Value] - HKU\S-1-5-21-2853347897-2914071967-2664122820-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run | cacaoweb
PUP.Optional.Legacy, [Value] - HKU\S-1-5-21-2853347897-2914071967-2664122820-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11202017174457646\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run | cacaoweb
PUP.Optional.ByteFence, [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Reason\ReasonByteFence
PUP.Optional.AuslogicsDriverUpdater, [Key] - HKLM\SOFTWARE\Auslogics

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries.

*************************

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt ##########