# -------------------------------
# Malwarebytes AdwCleaner 7.2.4.0
# -------------------------------
# Build: 09-25-2018
# Database: 2018-10-31.2 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 11-04-2018
# Duration: 00:00:19
# OS: Windows 8.1 Pro
# Scanned: 32026
# Detected: 101

***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

PUP.Optional.ErrorFixKit C:\Program Files (x86)\ErrorFixKIT
PUP.Optional.ErrorFixKit C:\Users\noble\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ErrorFix Kit
PUP.Optional.Legacy C:\Users\Public\Documents\Downloaded Installers
PUP.Optional.Legacy C:\Users\Public\Documents\Guid
PUP.Optional.Legacy C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Barre d'outils Crawler
PUP.Optional.MYPCTuneUp C:\ProgramData\NERO\NERO TUNEITUP
PUP.Optional.MYPCTuneUp C:\Program Files (x86)\NERO\NERO TUNEITUP
PUP.Optional.RegCurePro C:\Users\noble\AppData\Roaming\PARETOLOGIC
PUP.Optional.Solvusoft C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Solvusoft
PUP.Optional.Solvusoft C:\Users\noble\AppData\Roaming\Solvusoft
PUP.Optional.WebCompanion C:\Windows\SysWOW64\config\systemprofile\AppData\Local\LavasoftTcpService

***** [ Files ] *****

PUP.Optional.Legacy C:\Windows\System32\LavasoftTcpService64.dll
PUP.Optional.Legacy C:\Windows\System32\LavasoftTcpServiceOff.ini
PUP.Optional.Legacy C:\Windows\SysWOW64\LavasoftTcpServiceOff.ini
PUP.Optional.Legacy C:\Windows\SysWOW64\lavasofttcpservice.dll
PUP.Optional.Legacy C:\Windows\System32\drivers\swdumon.sys
PUP.Optional.MYPCTuneUp C:\Users\Public\Desktop\NERO TUNEITUP.LNK

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

Adware.FileTour HKCU\Software\Installer
PUP.Adware.Heuristic HKCU\SOFTWARE\128D9A03C486746FBC70D8E7C6C18FB9
PUP.Adware.Heuristic HKLM\Software\Wow6432Node\128D9A03C486746FBC70D8E7C6C18FB9
PUP.Optional.Amonetize HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|msiql
PUP.Optional.Downloader HKCU\Software\dlr
PUP.Optional.Legacy HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Web Companion
PUP.Optional.Legacy HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|CommonToolkitTray_Solvusoft
PUP.Optional.Legacy HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|MalwareProtectionLive
PUP.Optional.Legacy HKCU\Software\SNDA
PUP.Optional.Legacy HKCU\Software\AutoTime
PUP.Optional.Legacy HKCU\Software\CoinisRevShare
PUP.Optional.Legacy HKCU\Software\CToolbar
PUP.Optional.Legacy HKCU\Software\PopWnd
PUP.Optional.Legacy HKCU\Software\SecuredDownload
PUP.Optional.Legacy HKU\S-1-5-18\Software\UpgSvr
PUP.Optional.Legacy HKCU\Software\UpgSvr
PUP.Optional.Legacy HKU\.DEFAULT\Software\UpgSvr
PUP.Optional.Legacy HKLM\Software\Wow6432Node\Classes\AppID\QZipShell.DLL
PUP.Optional.Legacy HKLM\SOFTWARE\Classes\AppID\QZipShell.DLL
PUP.Optional.Legacy HKLM\SOFTWARE\Classes\Drive\shellex\ContextMenuHandlers\KuaiZipShlExt
PUP.Optional.Legacy HKLM\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\KuaiZipShlExt
PUP.Optional.Legacy HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved|KuaiZip Shell Extension
PUP.Optional.Legacy HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost|kuaizipupdatesvc
PUP.Optional.Legacy HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\KzShlobj
PUP.Optional.Legacy HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\###MegaShellExtSyncing
PUP.Optional.Legacy HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\###MegaShellExtSyncing
PUP.Optional.Legacy HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\###MegaShellExtSynced
PUP.Optional.Legacy HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\###MegaShellExtSynced
PUP.Optional.Legacy HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\###MegaShellExtPending
PUP.Optional.Legacy HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\###MegaShellExtPending
PUP.Optional.Legacy HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Installer\UserData\Crawler
PUP.Optional.Legacy HKLM\Software\Wow6432Node\Classes\PROTOCOLS\Handler\tbr
PUP.Optional.Legacy HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\tbr
PUP.Optional.Legacy HKCU\Software\Microsoft\Internet Explorer\MenuExt\Crawler Search
PUP.Optional.Legacy HKLM\Software\Wow6432Node\Classes\AppID\{9CC34070-3A38-4C7A-89CB-EF8177EF07A1}
PUP.Optional.Legacy HKLM\Software\Classes\AppID\{9CC34070-3A38-4C7A-89CB-EF8177EF07A1}
PUP.Optional.Legacy HKLM\Software\Classes\CLSID\{C9487131-EF4C-40D9-BA70-E85356CAF67E}
PUP.Optional.Legacy HKLM\Software\Classes\CLSID\{6ADF19E3-77A3-4395-ADB4-9FD7D351EB3E}
PUP.Optional.Legacy HKLM\Software\Classes\CLSID\{3DCCD550-7586-40D2-A51D-D2F98EC06B3C}
PUP.Optional.Legacy HKLM\Software\Classes\CLSID\{2FB831EA-DA68-4A66-8E31-A2D976A6296C}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\Classes\CLSID\{8BF0126F-A5B7-4720-ABB2-2414A0AF5474}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\Classes\CLSID\{E2B98EEA-EE55-4E9B-A8C1-6E5288DF785A}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\Classes\CLSID\{61F47056-E400-43D3-AF1E-AB7DFFD4C4AD}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\Classes\CLSID\{3CCC052E-BDEE-408A-BEA7-90914EF2964B}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FBF1B8D2-9A06-4174-A8B5-E38606DDB92B}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\Classes\Interface\{E9BBD270-4B87-4EE2-912F-6635674986C0}
PUP.Optional.Legacy HKLM\Software\Classes\Interface\{E9BBD270-4B87-4EE2-912F-6635674986C0}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\Classes\TypeLib\{E79BB61D-7F1A-41DF-8AD0-402795E3B566}
PUP.Optional.Legacy HKLM\Software\Classes\TypeLib\{E79BB61D-7F1A-41DF-8AD0-402795E3B566}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\Classes\Interface\{B3BA5582-79A9-464D-A7FA-711C5888C6E9}
PUP.Optional.Legacy HKLM\Software\Classes\Interface\{B3BA5582-79A9-464D-A7FA-711C5888C6E9}
PUP.Optional.Legacy HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8736C681-37A0-40C6-A0F0-4C083409151C}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7459F1D0-9FB6-4D71-AA7B-9DECB34EB704}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\Classes\Interface\{604EA016-1EDE-41E6-A23E-76CF8F2A4808}
PUP.Optional.Legacy HKLM\Software\Classes\Interface\{604EA016-1EDE-41E6-A23E-76CF8F2A4808}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\Classes\TypeLib\{506F578A-91E1-46CE-830F-E2F4268E9966}
PUP.Optional.Legacy HKLM\Software\Classes\TypeLib\{506F578A-91E1-46CE-830F-E2F4268E9966}
PUP.Optional.Legacy HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Preapproved\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\Classes\Interface\{41349826-5C7F-4BF0-8279-5DAF1DE6E9AE}
PUP.Optional.Legacy HKLM\Software\Classes\Interface\{41349826-5C7F-4BF0-8279-5DAF1DE6E9AE}
PUP.Optional.Legacy HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Preapproved\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\Classes\TypeLib\{04006843-5199-4CE4-B3CD-8092CC91706E}
PUP.Optional.Legacy HKLM\Software\Classes\TypeLib\{04006843-5199-4CE4-B3CD-8092CC91706E}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\Classes\Interface\{01C78433-6FDF-4E5A-A82D-B535C32E03DF}
PUP.Optional.Legacy HKLM\Software\Classes\Interface\{01C78433-6FDF-4E5A-A82D-B535C32E03DF}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\Classes\AppID\{425F4ABF-B8E4-402D-9E49-06E494EB8DBF}
PUP.Optional.Legacy HKLM\Software\Classes\AppID\{425F4ABF-B8E4-402D-9E49-06E494EB8DBF}
PUP.Optional.MYPCTuneUp HKLM\Software\Wow6432Node\NERO\nero_tuneitup
PUP.Optional.MYPCTuneUp HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{849FFDD9-DFDB-493D-BFF1-B0E2C76A8AEE}
PUP.Optional.MYPCTuneUp HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{20110ECF-1C68-4E61-BA8E-8CA0B0F0F53A}
PUP.Optional.MYPCTuneUp HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{2A6A8E92-38D7-4432-9067-6E1735B31165}
PUP.Optional.MYPCTuneUp HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{139AAF02-CE25-4FF3-B0BA-873E0DC9F9F9}
PUP.Optional.SlimCleanerPlus HKLM\Software\Wow6432Node\SlimWare Utilities Inc
PUP.Optional.WeatherTool HKLM\Software\DtsEncodeTools
PUP.Optional.WebCompanion HKLM\Software\Wow6432Node\Lavasoft\Web Companion
PUP.Optional.WebCompanion HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
PUP.Optional.WebCompanion HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
PUP.Optional.WebCompanion HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
PUP.Optional.WebCompanion HKLM\Software\Wow6432Node\Classes\AppID\LavasoftTcpService.exe
PUP.Optional.WebCompanion HKLM\SOFTWARE\Classes\AppID\LavasoftTcpService.exe
PUP.Optional.WebCompanion HKLM\Software\Wow6432Node\Classes\AppID\{2CE0F1DC-C504-4B7B-A385-D94A2531DFFB}
PUP.Optional.WebCompanion HKLM\Software\Classes\AppID\{2CE0F1DC-C504-4B7B-A385-D94A2531DFFB}

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

PUP.Optional.Legacy http://www.youndoo.com/?z=120f8ebb755980fda2c1364gcz4b6e1q7mdz5e2o7e&from=wak&uid=ST500DM002-1BD142_W2AJ8FQ0XXXXW2AJ8FQ0&type=hp
PUP.Optional.Legacy http://www.youndoo.com/?z=120f8ebb755980fda2c1364gcz4b6e1q7mdz5e2o7e&from=wak&uid=ST500DM002-1BD142_W2AJ8FQ0XXXXW2AJ8FQ0&type=hp

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########