# ------------------------------- # Malwarebytes AdwCleaner 8.0.7.0 # ------------------------------- # Build: 07-22-2020 # Database: 2020-07-20.1 (Local) # Support: https://www.malwarebytes.com/support # # ------------------------------- # Mode: Scan # ------------------------------- # Start: 09-29-2020 # Duration: 00:00:31 # OS: Windows 10 Home # Scanned: 31837 # Detected: 92 ***** [ Services ] ***** PUP.Optional.Legacy WCAssistantService ***** [ Folders ] ***** Adware.Mindspark C:\Users\admin\AppData\Local\FROMDOCTOPDFTOOLTAB Adware.Mindspark C:\Users\admin\AppData\Local\YOURTEMPLATEFINDERTOOLTAB PUP.Optional.DriverDoc C:\ProgramData\{0897014C-63E3-47DF-8A5F-4399CC5D61B9} PUP.Optional.Legacy C:\Users\Public\Documents\Downloaded Installers PUP.Optional.Legacy C:\Users\admin\AppData\Local\Downloaded Installers PUP.Optional.Solvusoft C:\ProgramData\Solvusoft PUP.Optional.WebCompanion C:\Program Files (x86)\Lavasoft\Web Companion PUP.Optional.WebCompanion C:\ProgramData\Application Data\Lavasoft\Web Companion PUP.Optional.WebCompanion C:\ProgramData\Lavasoft\Web Companion PUP.Optional.WebCompanion C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft\WebCompanion PUP.Optional.WebCompanion C:\Users\admin\AppData\Local\Lavasoft\WEBCOMPANION.EXE_URL_SIQ0LWF3TZGXP2KHFKLLYBK3IDTBEHNG PUP.Optional.WebCompanion C:\Users\admin\AppData\Roaming\Lavasoft\Web Companion ***** [ Files ] ***** PUP.Optional.Legacy C:\Windows\SysWOW64\LavasoftTcpServiceOff.ini PUP.Optional.Legacy C:\Windows\SysWOW64\lavasofttcpservice.dll PUP.Optional.Legacy C:\Windows\System32\LavasoftTcpService64.dll PUP.Optional.Legacy C:\Windows\System32\LavasoftTcpServiceOff.ini ***** [ DLL ] ***** No malicious DLLs found. ***** [ WMI ] ***** No malicious WMI found. ***** [ Shortcuts ] ***** No malicious shortcuts found. ***** [ Tasks ] ***** PUP.Optional.DriverUpdate C:\Windows\System32\Tasks\DRIVERUPDATE SCAN ***** [ Registry ] ***** PUP.Adware.Heuristic HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{49d0cabb-36dc-49b7-a5ad-bbe2d8e59b39}|DisplayIcon PUP.Adware.Heuristic HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{49d0cabb-36dc-49b7-a5ad-bbe2d8e59b39}|DisplayName PUP.Adware.Heuristic HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{49d0cabb-36dc-49b7-a5ad-bbe2d8e59b39}|UninstallString PUP.Optional.Banggood HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\banggood.com PUP.Optional.Banggood HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.banggood.com PUP.Optional.Conduit HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} PUP.Optional.DocToPDFConverter HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\pdfconverterhq.dl.myway.com PUP.Optional.DocToPDFConverter HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\pdfconverterhq.dl.tb.ask.com PUP.Optional.DriverUpdate HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{036DAC5A-8B96-4296-8BFC-78BC8324C84C} PUP.Optional.DriverUpdate HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{036DAC5A-8B96-4296-8BFC-78BC8324C84C} PUP.Optional.DriverUpdate HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DriverUpdate Scan PUP.Optional.Legacy HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ak.staticimgfarm.com PUP.Optional.Legacy HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\chatango.com PUP.Optional.Legacy HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\driverupdate.net PUP.Optional.Legacy HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\hp.myway.com PUP.Optional.Legacy HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\izito.fr PUP.Optional.Legacy HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\solvusoft.com PUP.Optional.Legacy HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\st.chatango.com PUP.Optional.Legacy HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\staticimgfarm.com PUP.Optional.Legacy HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ttdetect.staticimgfarm.com PUP.Optional.Legacy HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.driverupdate.net PUP.Optional.Legacy HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.izito.fr PUP.Optional.Legacy HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.solvusoft.com PUP.Optional.Legacy HKCU\Software\Microsoft\Internet Explorer\Main|Start Page PUP.Optional.Legacy HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Web Companion PUP.Optional.Legacy HKCU\Software\Microsoft\Windows\CurrentVersion\Run|Web Companion PUP.Optional.Legacy HKLM\Software\Classes\TypeLib\{ED62BC6E-64F1-46BE-866F-4C8DC0DF7057} PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\CLSID\{0015CAC9-FC30-4CD0-BFAA-7412CC2C4DD9} PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\CLSID\{26C7AFDB-3690-449E-B979-B0AF5CC56DD4} PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\CLSID\{3A5A5381-DAAF-4C0D-B032-2C66B3EE4A8D} PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\CLSID\{472EF1D2-4AAE-470D-AE85-6AF8177916FD} PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\CLSID\{8F010D54-C023-457F-AF03-497EACB6D519} PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\CLSID\{9A754403-27B1-4ED7-96D7-588F07888EBF} PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\CLSID\{CB31FF8F-BF80-4D2B-ADBE-12C6F5347890} PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\CLSID\{FCAA532B-E807-4027-940C-BA16B9D50105} PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\TypeLib\{ED62BC6E-64F1-46BE-866F-4C8DC0DF7057} PUP.Optional.Legacy HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run|Web Companion PUP.Optional.Legacy HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run|Web Companion PUP.Optional.SlimCleanerPlus HKCU\Software\SlimWare Utilities Inc PUP.Optional.SlimCleanerPlus HKLM\Software\SlimWare Utilities Inc PUP.Optional.SlimCleanerPlus HKLM\Software\Wow6432Node\SlimWare Utilities Inc PUP.Optional.Slimware HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\slimware.com PUP.Optional.Solvusoft HKLM\SOFTWARE\Classes\Applications\DriverDocSetup.exe PUP.Optional.TheBrightTag HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\s.thebrighttag.com PUP.Optional.TheBrightTag HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\thebrighttag.com PUP.Optional.TheBrightTag HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\s.thebrighttag.com PUP.Optional.TheBrightTag HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\thebrighttag.com PUP.Optional.WebCompanion HKCU\Software\Lavasoft\Web Companion PUP.Optional.WebCompanion HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com PUP.Optional.WebCompanion HKLM\SYSTEM\Setup\FirstBoot\Services\WCAssistantService PUP.Optional.WebCompanion HKLM\Software\Classes\LavasoftTcpServiceLib.DataContainer PUP.Optional.WebCompanion HKLM\Software\Classes\LavasoftTcpServiceLib.DataContainer.1 PUP.Optional.WebCompanion HKLM\Software\Classes\LavasoftTcpServiceLib.DataController PUP.Optional.WebCompanion HKLM\Software\Classes\LavasoftTcpServiceLib.DataController.1 PUP.Optional.WebCompanion HKLM\Software\Classes\LavasoftTcpServiceLib.DataTable PUP.Optional.WebCompanion HKLM\Software\Classes\LavasoftTcpServiceLib.DataTable.1 PUP.Optional.WebCompanion HKLM\Software\Classes\LavasoftTcpServiceLib.DataTableFields PUP.Optional.WebCompanion HKLM\Software\Classes\LavasoftTcpServiceLib.DataTableFields.1 PUP.Optional.WebCompanion HKLM\Software\Classes\LavasoftTcpServiceLib.DataTableHolder PUP.Optional.WebCompanion HKLM\Software\Classes\LavasoftTcpServiceLib.DataTableHolder.1 PUP.Optional.WebCompanion HKLM\Software\Classes\LavasoftTcpServiceLib.LSPLogic PUP.Optional.WebCompanion HKLM\Software\Classes\LavasoftTcpServiceLib.LSPLogic.1 PUP.Optional.WebCompanion HKLM\Software\Classes\LavasoftTcpServiceLib.ReadOnlyManager PUP.Optional.WebCompanion HKLM\Software\Classes\LavasoftTcpServiceLib.ReadOnlyManager.1 PUP.Optional.WebCompanion HKLM\Software\Classes\LavasoftTcpServiceLib.WFPController PUP.Optional.WebCompanion HKLM\Software\Classes\LavasoftTcpServiceLib.WFPController.1 PUP.Optional.WebCompanion HKLM\Software\Wow6432Node\Lavasoft\Web Companion PUP.Optional.WebCompanion HKU\.DEFAULT\Software\Lavasoft\Web Companion PUP.Optional.WebCompanion HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com PUP.Optional.WebCompanion HKU\.DEFAULT\Software\Mozilla\NativeMessagingHosts\com.webcompanion.native PUP.Optional.WebCompanion HKU\S-1-5-18\Software\Lavasoft\Web Companion PUP.Optional.WebCompanion HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com ***** [ Chromium (and derivatives) ] ***** No malicious Chromium entries found. ***** [ Chromium URLs ] ***** No malicious Chromium URLs found. ***** [ Firefox (and derivatives) ] ***** No malicious Firefox entries found. ***** [ Firefox URLs ] ***** PUP.Optional.DefaultSearch.ShrtCln Bing Default Search PUP.Optional.DefaultSearch.ShrtCln Bing Default Search ***** [ Hosts File Entries ] ***** No malicious hosts file entries found. ***** [ Preinstalled Software ] ***** No Preinstalled Software found. ########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########