# ------------------------------- # Malwarebytes AdwCleaner 8.4.2.0 # ------------------------------- # Build: 03-04-2024 # Database: 2024-03-04.1 (Cloud) # Support: https://www.malwarebytes.com/support # # ------------------------------- # Mode: Scan # ------------------------------- # Start: 06-30-2024 # Duration: 00:00:10 # OS: Windows 10 (Build 19045.4529) # Scanned: 32098 # Detected: 108 ***** [ Services ] ***** No malicious services found. ***** [ Folders ] ***** Adware.Yontoo C:\ProgramData\Tarma Installer PUP.Optional.Chip C:\Users\Peter\AppData\Local\DOWNLOADED INSTALLATIONS\{31AD8258-894C-48D5-8149-C47506092754} PUP.Optional.Legacy C:\Program Files (x86)\DAEMON Tools Toolbar PUP.Optional.Legacy C:\Program Files (x86)\GreenTree Applications PUP.Optional.Legacy C:\Program Files (x86)\sysTPL PUP.Optional.Legacy C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ytd video downloader PUP.Optional.Legacy C:\ProgramData\ytd video downloader PUP.Optional.Legacy C:\Users\Peter\music\qtrax media library PUP.Optional.StartFenster C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startfenster PUP.Optional.StartFenster C:\Users\Peter\AppData\Local\Startfenster PUP.Optional.VLCPlusPlayer.DE C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VLC Plus Player PUP.Optional.VLCPlusPlayer.DE C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VLC Plus Player PUP.Optional.VLCPlusPlayer.DE C:\Windows\Temp\VLC Plus Player PUP.Optional.WebCompanion C:\ProgramData\Application Data\Lavasoft\Web Companion ***** [ Files ] ***** PUP.Optional.Legacy C:\END PUP.Optional.Legacy C:\Users\Public\Desktop\YTD Video Downloader.lnk PUP.Optional.StartFenster.ShrtCln C:\ProgramData\Microsoft\Windows\Start Menu\Startfenster.lnk PUP.Optional.StartFenster.ShrtCln C:\Users\Peter\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Startfenster.lnk PUP.Optional.StartFenster.ShrtCln C:\Users\Peter\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Startfenster.lnk PUP.Optional.StartFenster.ShrtCln C:\Users\Peter\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Startfenster.lnk PUP.Optional.StartFenster.ShrtCln C:\Users\Peter\Favorites\Links\Startfenster.lnk PUP.Optional.StartFenster.ShrtCln C:\Users\Peter\Favorites\Startfenster.lnk PUP.Optional.StartFenster.ShrtCln C:\Users\Public\Desktop\Startfenster.lnk ***** [ DLL ] ***** No malicious DLLs found. ***** [ WMI ] ***** No malicious WMI found. ***** [ Shortcuts ] ***** No malicious shortcuts found. ***** [ Tasks ] ***** PUP.Optional.Legacy C:\Windows\System32\Tasks\QTRAXPLAYER ***** [ Registry ] ***** PUP.Adware.Heuristic HKLM\SOFTWARE\Classes\Toolbar.CT3241949 PUP.Adware.Heuristic HKLM\Software\Wow6432Node\5aed9d8b03eb810 PUP.Optional.BProtect HKCU\Software\Microsoft\Internet Explorer\TabbedBrowsing|bProtectShowTabsWelcome PUP.Optional.Babylon HKCU\Software\Microsoft\Internet Explorer\DOMStorage\search.babylon.com PUP.Optional.Chip HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\chip 1-click download service PUP.Optional.Conduit HKLM\Software\DivX\Install\Setup\WizardLayout\ConduitToolbar PUP.Optional.GetNow.A HKLM\Software\Classes\Interface\{237FDFDB-3722-470E-8BA8-90196DABE967} PUP.Optional.GetNow.A HKLM\Software\Wow6432Node\\Classes\Interface\{237FDFDB-3722-470E-8BA8-90196DABE967} PUP.Optional.Legacy HKCU\Software\Appscion PUP.Optional.Legacy HKCU\Software\BABSOLUTION PUP.Optional.Legacy HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} PUP.Optional.Legacy HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{D4027C7F-154A-4066-A1AD-4243D8127440} PUP.Optional.Legacy HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Web Companion PUP.Optional.Legacy HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440} PUP.Optional.Legacy HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FFE66D00-A56A-4F7F-81D7-4A28C5816D6C} PUP.Optional.Legacy HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D77A9E89-BD5A-41B6-9AC5-5C8903C92BCD} PUP.Optional.Legacy HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D77A9E89-BD5A-41B6-9AC5-5C8903C92BCD} PUP.Optional.Legacy HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\QtraxPlayer PUP.Optional.Legacy HKLM\Software\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3} PUP.Optional.Legacy HKLM\Software\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17} PUP.Optional.Legacy HKLM\Software\Classes\CLSID\{8BF0126F-A5B7-4720-ABB2-2414A0AF5474} PUP.Optional.Legacy HKLM\Software\Classes\Interface\{1231839B-064E-4788-B865-465A1B5266FD} PUP.Optional.Legacy HKLM\Software\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080} PUP.Optional.Legacy HKLM\Software\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82} PUP.Optional.Legacy HKLM\Software\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F} PUP.Optional.Legacy HKLM\Software\Classes\Interface\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2} PUP.Optional.Legacy HKLM\Software\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB} PUP.Optional.Legacy HKLM\Software\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9} PUP.Optional.Legacy HKLM\Software\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D} PUP.Optional.Legacy HKLM\Software\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69} PUP.Optional.Legacy HKLM\Software\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630} PUP.Optional.Legacy HKLM\Software\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0} PUP.Optional.Legacy HKLM\Software\Classes\Interface\{C17A0751-580B-466B-8271-5C73EFDC1295} PUP.Optional.Legacy HKLM\Software\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A} PUP.Optional.Legacy HKLM\Software\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4} PUP.Optional.Legacy HKLM\Software\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37} PUP.Optional.Legacy HKLM\Software\Classes\Prod.cap PUP.Optional.Legacy HKLM\Software\Classes\TypeLib\{F126C9FC-9299-40F2-BD42-C59023AD1E7F} PUP.Optional.Legacy HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\ApnUpdater PUP.Optional.Legacy HKLM\Software\Tarma Installer PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3} PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17} PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1} PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\CLSID\{8BF0126F-A5B7-4720-ABB2-2414A0AF5474} PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\CLSID\{DF84E609-C3A4-49CB-A160-61767DAF8899} PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC} PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\Interface\{0AFD55C8-ADF8-4A33-A6E1-DEDB7A36AEB4} PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\Interface\{DF84E609-C3A4-49CB-A160-61767DAF8899} PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\TypeLib\{F126C9FC-9299-40F2-BD42-C59023AD1E7F} PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7} PUP.Optional.Legacy HKLM\Software\Wow6432Node\dt soft\daemon tools toolbar PUP.Optional.Legacy HKLM\System\CurrentControlSet\Services\EventLog\Application\WebCakeUpdaterService PUP.Optional.SlimCleanerPlus HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com PUP.Optional.SlimCleanerPlus HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com PUP.Optional.StartFenster HKCU\Software\Startfenster PUP.Optional.StartFenster HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\Startfenster PUP.Optional.Uniblue HKLM\Software\DivX\Install\Setup\WizardLayout\UniblueDriverScanner PUP.Optional.VLCPlusPlayer.DE HKLM\Software\VLCPP PUP.Optional.WebCompanion HKCU\Software\Lavasoft\Web Companion PUP.Optional.WebCompanion HKLM\Software\Wow6432Node\Lavasoft\Web Companion PUP.Optional.YTDToolbar HKCU\Software\{DAF8B7E5-449D-4180-8281-10E536E597F2} PUP.Optional.YTDToolbar HKLM\Software\Wow6432Node\{DAF8B7E5-449D-4180-8281-10E536E597F2} ***** [ Chromium (and derivatives) ] ***** No malicious Chromium entries found. ***** [ Chromium URLs ] ***** No malicious Chromium URLs found. ***** [ Firefox (and derivatives) ] ***** No malicious Firefox entries found. ***** [ Firefox URLs ] ***** No malicious Firefox URLs found. ***** [ Hosts File Entries ] ***** No malicious hosts file entries found. ***** [ Preinstalled Software ] ***** Preinstalled.CyberLinkLabelPrint Folder C:\Program Files (x86)\CYBERLINK\LABELPRINT Preinstalled.CyberLinkLabelPrint Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243} Preinstalled.CyberLinkLabelPrint Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{C59C179C-668D-49A9-B6EA-0121CCFC1243} Preinstalled.CyberLinkService Folder C:\Program Files\CYBERLINK\SHARED FILES\PLUGIN\NEWBLUE Preinstalled.CyberLinkService Registry HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\BDRegion Preinstalled.LenovoPower2Go Registry HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\CLMLServer Preinstalled.LenovoPower2Go Registry HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\CLMLServer_For_P2G10 Preinstalled.LenovoPower2Go Registry HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\UpdateP2GoShortCut Preinstalled.LenovoPower2Go Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658} Preinstalled.LenovoPower2Go Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{40BF1E83-20EB-11D8-97C5-0009C5020658} Preinstalled.LenovoPowerDVD Registry HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\RemoteControl10 Preinstalled.LenovoPowerDVD Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B} Preinstalled.LenovoPowerDVD Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B} Preinstalled.SamsungSmartSwitch File C:\Users\Peter\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Smart Switch.lnk Preinstalled.SamsungSmartSwitch File C:\Users\Public\Desktop\Smart Switch.lnk Preinstalled.SamsungSmartSwitch Folder C:\Program Files (x86)\SAMSUNG\SMART SWITCH PC Preinstalled.SamsungSmartSwitch Folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SAMSUNG\SMART SWITCH PC Preinstalled.SamsungSmartSwitch Folder C:\Users\Peter\AppData\Roaming\SAMSUNG\SMART SWITCH PC Preinstalled.SamsungSmartSwitch Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7} Preinstalled.SamsungSmartSwitch Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{74FA5314-85C8-4E2A-907D-D9ECCCB770A7} ########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########