# -------------------------------
# Malwarebytes AdwCleaner 8.0.8.0
# -------------------------------
# Build: 10-08-2020
# Database: 2020-09-29.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 10-10-2020
# Duration: 00:01:33
# OS: Windows 7 Home Premium
# Scanned: 31837
# Detected: 115

***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

PUP.Optional.Legacy C:\ProgramData\Tencent
PUP.Optional.Legacy C:\Users\Public\Documents\YTAHelper
PUP.Optional.Legacy C:\Users\dj\AppData\Roaming\Tencent
PUP.Optional.OutbytePCRepair C:\Program Files (x86)\Outbyte
Trojan.Agent C:\Windows\rss

***** [ Files ] *****

PUP.Optional.Legacy C:\Users\dj\Downloads\uninstaller.exe

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

PUP.Adware.Heuristic HKLM\SOFTWARE\Classes\Applications\iMeshV11es.exe
PUP.Adware.Heuristic HKLM\SOFTWARE\Classes\Applications\iMesh_V11_es_Setup.exe
PUP.Optional.AdvancedSystemRepairPro HKLM\Software\Classes\Interface\{23387882-DEAA-4971-2222-5D5046F2B3BB}
PUP.Optional.Amonetize.A HKLM\Software\Classes\Interface\{EAC7DE5C-9520-435D-91AA-4A02E4773CEA}
PUP.Optional.CrossRider HKU\.DEFAULT\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\_CrossriderRegNamePlaceHolder_
PUP.Optional.CrossRider HKU\S-1-5-18\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\_CrossriderRegNamePlaceHolder_
PUP.Optional.Goobzo HKU\.DEFAULT\Software\Goobzo
PUP.Optional.Goobzo HKU\S-1-5-18\Software\Goobzo
PUP.Optional.IMGUpdater HKLM\Software\Microsoft\Shared Tools\MSConfig\services\GlobalUpdater
PUP.Optional.Legacy HKCU\Software\Event Monitor
PUP.Optional.Legacy HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C6565F37-655B-4C9E-AA5F-0307AC976ED4}
PUP.Optional.Legacy HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\dospop.com
PUP.Optional.Legacy HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\incredibar.com
PUP.Optional.Legacy HKCU\Software\PC
PUP.Optional.Legacy HKCU\Software\PPTAssist
PUP.Optional.Legacy HKCU\Software\STA
PUP.Optional.Legacy HKLM\SOFTWARE\Classes\Record\{915BB7D5-082E-3B91-B1E0-45B5FDE01F24}
PUP.Optional.Legacy HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\GLOBALUPDATE.EXE
PUP.Optional.Legacy HKLM\SYSTEM\CurrentControlSet\Control\Class\{0014298C-A9BA-440D-AAA8-AD12C7010EE5}
PUP.Optional.Legacy HKLM\SYSTEM\CurrentControlSet\Control\Class\{181A06EA-B82C-47DE-B851-E20FD0E1CC7D}
PUP.Optional.Legacy HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{1EB10805-B8C6-48D1-A00D-F549BC6E271E}
PUP.Optional.Legacy HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{62700686-8B25-44AF-B31B-C3A3BAC851A2}
PUP.Optional.Legacy HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{74C22AE0-C078-4FD5-BA5E-A3AC6D786229}
PUP.Optional.Legacy HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{9D8CB958-92CE-430D-9115-985C3C3A4ED8}
PUP.Optional.Legacy HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{BFC73FDD-DC2D-47C4-98DA-BAFAEFA2E659}
PUP.Optional.Legacy HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{E7C088BC-53FB-4842-9372-11B251E95EB3}
PUP.Optional.Legacy HKLM\Software\Classes\Interface\{A63B48E9-1EC7-413E-9C48-3404BBF87BF3}
PUP.Optional.Legacy HKLM\Software\Classes\mipony
PUP.Optional.Legacy HKLM\Software\Classes\mpybrowser
PUP.Optional.Legacy HKLM\Software\Microsoft\Shared Tools\MSConfig\services\BackupStack
PUP.Optional.Legacy HKLM\Software\Microsoft\Shared Tools\MSConfig\services\NixSrv
PUP.Optional.Legacy HKLM\Software\Microsoft\Shared Tools\MSConfig\services\SPBIUpd
PUP.Optional.Legacy HKLM\Software\Microsoft\Shared Tools\MSConfig\services\SProtection
PUP.Optional.Legacy HKLM\Software\Microsoft\Shared Tools\MSConfig\services\WCAssistantService
PUP.Optional.Legacy HKLM\Software\Microsoft\Shared Tools\MSConfig\services\YouTubeAcceleratorService
PUP.Optional.Legacy HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\Web Companion
PUP.Optional.Legacy HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\18C9E3869A16248439FE3FF9EB02207A
PUP.Optional.Legacy HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3038A20B9089EC34D8F74220191FAB30
PUP.Optional.Legacy HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5D8011310B2622942868A458964FFDC5
PUP.Optional.Legacy HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6C63F7979DCC2154CB9591969A5CB89D
PUP.Optional.Legacy HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6DD31E6C1A73B334383DF186676F4D20
PUP.Optional.Legacy HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AB3204F747B20694B8D49EF92D8DC94B
PUP.Optional.Legacy HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C81E33A400B6F814E90C7A3354E2A3A5
PUP.Optional.Legacy HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EDBF68C5F16790341B7C6FD7C7F8E4FC
PUP.Optional.Legacy HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FFA531D0F3A71504DA7AC6A11CE33739
PUP.Optional.Legacy HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3994139564-2437849967-1822899332-1001\Components\3152E1F19977892449DC968802CE8964
PUP.Optional.Legacy HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3994139564-2437849967-1822899332-1001\Components\649A52D257CA5DB4EAAE8BA9EB23E467
PUP.Optional.Legacy HKLM\Software\Wow6432Node\Event Monitor
PUP.Optional.Legacy HKLM\Software\Wow6432Node\PC
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\Interface\{023E9EC8-B147-40EB-B0B3-DF90618FB371}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\Interface\{0522D9A4-4D57-437D-978D-E5B3B6C9005D}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\Interface\{07F41522-AF7D-4F26-B394-094F059FDB8A}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\Interface\{0C40F472-7407-4467-8914-1DEA7C326972}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\Interface\{212E6D43-6062-492A-B8CC-144669FF11ED}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\Interface\{224FE662-1E6D-4BC0-AEBB-9E2FB4057BE9}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\Interface\{3A807417-B46D-4D37-8C9A-19AC6DE204F9}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\Interface\{3CC60715-D6C5-429D-830E-43FA3F86C61D}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\Interface\{4517D94C-19BA-46FA-BE66-2A30CEAC4A85}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\Interface\{555D7146-94A8-4C94-AE76-C39CDC7F7705}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\Interface\{59D188FA-757A-424E-8C93-F58FFD896BD7}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\Interface\{8120D9D6-785C-4413-9C0C-DF2028C56FAD}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\Interface\{823AE2EB-E62C-4847-B192-C99B91B92416}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\Interface\{9B4F7CFE-987D-410E-A8E4-20182E0B3C24}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\Interface\{9B9A45F4-18FC-484A-BACA-076D78273D8E}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\Interface\{A63B48E9-1EC7-413E-9C48-3404BBF87BF3}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\Interface\{A6D54287-7939-466A-8579-92546D946C8C}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\Interface\{A78EDAFB-926F-4D93-AB13-8232D7378EB1}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\Interface\{A8F7D0A5-7074-40B8-9BDC-1174BDD0A132}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\Interface\{D14D64BC-A0E4-42E3-BB72-FB41EA43C198}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\Interface\{DD1F043F-ABC8-4643-8B95-D2C5B22BB019}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\Interface\{E3F3E8F9-F747-4DD6-BA6B-82A6CE1E0860}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\Interface\{ED0B64D4-BF27-4521-AD27-190F49BF5EA7}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\GLOBALUPDATE.EXE
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Ext\Stats\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Ext\Stats\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
PUP.Optional.Legacy HKU\.DEFAULT\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
PUP.Optional.Legacy HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\dospop.com
PUP.Optional.Legacy HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\incredibar.com
PUP.Optional.Legacy HKU\S-1-5-18\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
PUP.Optional.Legacy HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\dospop.com
PUP.Optional.Legacy HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\incredibar.com
PUP.Optional.Mail.Ru HKLM\Software\Wow6432Node\\Classes\CLSID\{09900DE8-1DCA-443F-9243-26FF581438AF}
PUP.Optional.ProductSetup.A HKCU\Software\PRODUCTSETUP
PUP.Optional.SpeedItupFree HKLM\Software\Classes\AppID\{A245B088-41FA-478E-8DEA-86177F1394BB}
PUP.Optional.SpeedItupFree HKLM\Software\Wow6432Node\\Classes\AppID\{A245B088-41FA-478E-8DEA-86177F1394BB}
PUP.Optional.WebCompanion HKCU\Software\Lavasoft\Web Companion
PUP.Optional.WebCompanion HKLM\Software\Wow6432Node\Lavasoft\Web Companion
PUP.Winlogon.Heuristic HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon|Shell
PUP.Winlogon.Heuristic HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon|Userinit

***** [ Chromium (and derivatives) ] *****

PUP.Optional.Legacy libedajeiljdoodmokbppgapcfbignci
PUP.Optional.Legacy ogminpmldncgcmokldnmmapddoccmhfl

***** [ Chromium URLs ] *****

PUP.Optional.Legacy http://www-searching.com/?pid=s&s=G1Rzamobl3687,91d5bc67-05a3-4358-b79e-f84006bb2dc0,&vp=ch&prd=set_ch
PUP.Optional.Legacy http://www-searching.com/?pid=s&s=G1Rzamobl3687,91d5bc67-05a3-4358-b79e-f84006bb2dc0,&vp=ch&prd=set_ch
PUP.Optional.Legacy http://www-searching.com/?pid=s&s=G1Rzamobl3687,91d5bc67-05a3-4358-b79e-f84006bb2dc0,&vp=ch&prd=set_ch
PUP.Optional.Legacy http://www-searching.com/?pid=s&s=G1Rzamobl3687,91d5bc67-05a3-4358-b79e-f84006bb2dc0,&vp=ch&prd=set_ch
PUP.Optional.Legacy http://www-searching.com/?pid=s&s=G1Rzamobl3687,91d5bc67-05a3-4358-b79e-f84006bb2dc0,&vp=ch&prd=set_ch
PUP.Optional.Legacy http://www-searching.com/?pid=s&s=G1Rzamobl3687,91d5bc67-05a3-4358-b79e-f84006bb2dc0,&vp=ch&prd=set_ch
PUP.Optional.Legacy http://www-searching.com/?pid=s&s=G1Rzamobl3687,91d5bc67-05a3-4358-b79e-f84006bb2dc0,&vp=ch&prd=set_ch
PUP.Optional.Legacy http://www-searching.com/?pid=s&s=G1Rzamobl3687,91d5bc67-05a3-4358-b79e-f84006bb2dc0,&vp=ch&prd=set_ch
PUP.Optional.Legacy http://www-searching.com/?pid=s&s=G1Rzamobl3687,91d5bc67-05a3-4358-b79e-f84006bb2dc0,&vp=ch&prd=set_ch

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

Preinstalled.HPHealthCheck Folder C:\Program Files (x86)\HEWLETT-PACKARD\HP HEALTH CHECK
Preinstalled.HPMediaSmart Folder C:\Program Files (x86)\HEWLETT-PACKARD\MEDIA\WEBCAM
Preinstalled.HPMediaSmart Folder C:\Program Files\HEWLETT-PACKARD\HP MEDIASMART
Preinstalled.HPMediaSmart Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}
Preinstalled.HPMediaSmart Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{01FB4998-33C4-4431-85ED-079E3EEFE75D}
Preinstalled.HPSupportAssistant Folder C:\HP\SUPPORT
Preinstalled.HPSupportAssistant Folder C:\Users\dj\AppData\Local\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Preinstalled.HPSupportAssistant Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{06F22256-8A8D-4F3F-B22C-6E07313D0FD1}
Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WildTangentGameProvider-hp-genres

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########