# AdwCleaner 7.0.1.0 - Logfile created on Fri Aug 11 13:13:51 2017 # Updated on 2017/05/08 by Malwarebytes # Database: 08-09-2017.2 # Running on Windows 7 Home Premium (X64) # Mode: scan # Support: https://www.malwarebytes.com/support ***** [ Services ] ***** PUP.Optional.Legacy, Update service ***** [ Folders ] ***** PUP.Optional.Legacy, C:\Program Files\Common Files\AVG Secure Search PUP.Optional.Legacy, C:\Windows\System32\config\systemprofile\AppData\LocalLow\avg web tuneup PUP.Optional.Legacy, C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\avg web tuneup PUP.Optional.Legacy, C:\Users\July\AppData\Local\avg web tuneup PUP.Optional.Legacy, C:\Users\July\AppData\LocalLow\avg web tuneup PUP.Optional.EZDownloader, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EZDownloader PUP.Adware.Heuristic, C:\Program Files (x86)\SmartSound Software PUP.Adware.Heuristic, C:\Program Files (x86)\youtubeadblocker PUP.Adware.Heuristic, C:\ProgramData\18088003513945667821 PUP.Adware.Heuristic, C:\ProgramData\Avg_Update_0215tb PUP.Adware.Heuristic, C:\ProgramData\{3457c172-36eb-d81f-3457-7c17236e05c8} PUP.Adware.Heuristic, C:\ProgramData\{a6ae0652-08a9-2454-a6ae-e065208a1948} PUP.Adware.Heuristic, C:\ProgramData\{cabe5dd8-cf05-4e40-cabe-e5dd8cf07763} ***** [ Files ] ***** PUP.Optional.SearchProtect, C:\Windows\AppPatch\Custom\Custom64\{cf2797aa-b7ec-e311-8ed9-005056c00008}.sdb PUP.Optional.SearchProtect.AppFlsh, C:\Windows\AppPatch\Custom\{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb ***** [ DLL ] ***** No malicious DLLs found. ***** [ WMI ] ***** No malicious WMI found. ***** [ Shortcuts ] ***** No malicious shortcuts found. ***** [ Tasks ] ***** PUP.Adware.Heuristic, 0116tbUpdateInfo ***** [ Registry ] ***** PUP.Optional.Legacy, [Key] - HKCU\Software\Microsoft\Internet Explorer\DOMStorage\mysearch.avg.com PUP.Optional.Legacy, [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\mysearch.avg.com PUP.Optional.Legacy, [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\mystartsearch.com PUP.Optional.Legacy, [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\mystartsearch.com PUP.Optional.Legacy, [Value] - HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | TCP Query User{68C4FB14-E0A4-4773-9538-5FA4B424463D}C:\program files (x86)\popcorn time\chromecast\node.exe PUP.Optional.Legacy, [Value] - HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | UDP Query User{6C3A0517-5DD6-471E-993B-7F08F556B403}C:\program files (x86)\popcorn time\chromecast\node.exe PUP.Optional.Legacy, [Value] - HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | TCP Query User{D07C0A47-864F-4AE3-AA39-B04CC34DBB49}C:\program files (x86)\popcorn time\chromecast\node.exe PUP.Optional.Legacy, [Value] - HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | UDP Query User{23178B30-E61A-4E48-891C-C570EA2EC8C7}C:\program files (x86)\popcorn time\chromecast\node.exe PUP.Optional.Legacy, [Value] - HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command | PUP.Optional.Legacy, [Value] - HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command | PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{0F44DC3A-6E62-4961-A14B-95323C512F9B}_is1 PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{AD11DADE-C597-45D9-D8C5-1D2EB0B89613} PUP.Optional.Legacy, [Key] - HKU\S-1-5-21-1758715510-1450827849-130790418-1000\Software\Mozilla\Extends PUP.Optional.Legacy, [Key] - HKCU\Software\Mozilla\Extends PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\AVG Tuneup PUP.Optional.Legacy, [Key] - HKU\S-1-5-21-1758715510-1450827849-130790418-1000\Software\AVG Tuneup PUP.Optional.Legacy, [Key] - HKCU\Software\AVG Tuneup PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Lavasoft\Web Companion PUP.Optional.Legacy, [Key] - HKU\S-1-5-21-1758715510-1450827849-130790418-1000\Software\Lavasoft\Web Companion PUP.Optional.Legacy, [Key] - HKCU\Software\Lavasoft\Web Companion PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3} PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\CLSID\{CA3A5461-96B5-46DD-9341-5350D3C94615} PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\mypc backup PUP.Optional.Legacy, [Value] - HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\chrome.exe | {8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb PUP.Optional.Legacy, [Value] - HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\firefox.exe | {8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\avgsh PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\LAYERS\SPVC32LDR PUP.Optional.Legacy, [Value] - HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\LAYERS\SPVC32Ldr | {8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb PUP.Optional.Legacy, [Value] - HKLM\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Custom\chrome.exe | {8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb PUP.Optional.Legacy, [Value] - HKLM\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Custom\explorer.exe | {8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb PUP.Optional.Legacy, [Value] - HKLM\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Custom\firefox.exe | {8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb PUP.Optional.Legacy, [Value] - HKLM\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\AppCompatFlags\Custom\iexplore.exe | {8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Custom\Layers\SPVC32LDR PUP.Optional.FFPluginHp, [Key] - HKLM\SOFTWARE\FFPluginHp PUP.Optional.SearchProtect, [Key] - HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\InstalledsDB\{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd} PUP.Optional.SearchProtect, [Key] - HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\InstalledsDB\{cf2797aa-b7ec-e311-8ed9-005056c00008} PUP.Optional.MultiPlug, [Key] - HKCU\Software\Classes\TypeLib\{157B1AA6-3E5C-404A-9118-C1D91F537040} PUP.Optional.MultiPlug, [Key] - HKU\S-1-5-21-1758715510-1450827849-130790418-1000\Software\Classes\TypeLib\{157B1AA6-3E5C-404A-9118-C1D91F537040} PUP.Optional.MyStartSearch.ShrtCln, [Key] - HKLM\SOFTWARE\mystartsearchSoftware PUP.Adware.Heuristic, [Key] - HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\0116tbUpdateInfo ***** [ Firefox (and derivatives) ] ***** No malicious Firefox entries. ***** [ Chromium (and derivatives) ] ***** No malicious Chromium entries. ************************* ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt ##########