What is BookLot?
The Malwarebytes research team has determined that BookLot is a potentially unwanted program (PUP) that behaves like adware.
How do I know if my computer is affected by BookLot?
This is the main window of the program:
You may have noticed these warnings during install:
You may see this entry in your list of installed programs:
How did BookLot get on my computer?
PUPs use different methods for distributing themselves. This particular one was downloaded from their website:
How do I remove BookLot?
Our program Malwarebytes can detect and remove this program.For a more complete removal it is advisable to use the built-in uninstaller first.
- Please download Malwarebytes for Windows to your desktop.
- Double-click MBSetup.exe and follow the prompts to install the program.
- When your Malwarebytes for Windows installation completes, the program opens to the Welcome to Malwarebytes screen.
- Click on the Get started button.
- Click Scan to start a Threat Scan.
- When the scan is finished click Quarantine to remove the found threats.
- Reboot the system if prompted to complete the removal process.
- No, Malwarebytes removes BookLot completely.
We hope our application and this guide have helped you eradicate this adware.
As you can see below the full version of Malwarebytes, as well as Browser Guard, would have protected you against the BookLot adware. It would have blocked the installer before it became too late.
Technical details for experts
Possible signs in FRST logs:
(BookLot -> BookLot) [File not signed] C:\Users\{username}\AppData\Roaming\BookLot\BookLot.exe <6>
HKLM-x32\...\Run: [BookLot] => C:\Users\{username}\AppData\Roaming\BookLot\BookLot.exe [5321568 2021-02-09] (BookLot -> BookLot) [File not signed]
C:\Users\{username}\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BookLot
C:\Users\{username}\AppData\Roaming\BookLot
C:\Users\{username}\AppData\Local\BookLot
(BookLot) C:\Users\{username}\Downloads\BookLot.17.2102.1pawk.exe
BookLot - BookLot for Desktop (HKLM-x32\...\BookLot) (Version: 17.2102.1pawk - BookLot)
Significant changes made by the installer:File system details [View: All details] (Selection)
---------------------------------------------------
Adds the folder C:\Users\{username}\AppData\Local\BookLot\User Data
Adds the file CrashpadMetrics-active.pma"="7/15/2021 6:50 PM, 1048576 bytes, A
Adds the file First Run"="7/15/2021 6:50 PM, 0 bytes, A
Adds the file Local State"="7/15/2021 6:52 PM, 3429 bytes, A
Adds the file lockfile"="7/15/2021 6:50 PM, 0 bytes, A
Adds the folder C:\Users\{username}\AppData\Local\BookLot\User Data\BrowserMetrics
Adds the file BrowserMetrics-60F0675C-4D0.pma"="7/15/2021 6:50 PM, 4194304 bytes, A
Adds the folder C:\Users\{username}\AppData\Local\BookLot\User Data\Crashpad
Adds the file metadata"="7/15/2021 6:50 PM, 0 bytes, A
Adds the file settings.dat"="7/15/2021 6:50 PM, 40 bytes, A
Adds the folder C:\Users\{username}\AppData\Local\BookLot\User Data\Crashpad\reports
Adds the folder C:\Users\{username}\AppData\Local\BookLot\User Data\Default
Adds the file 000003.log"="7/15/2021 6:50 PM, 0 bytes, A
Adds the file Cookies"="7/15/2021 6:52 PM, 32768 bytes, A
Adds the file Cookies-journal"="7/15/2021 6:52 PM, 0 bytes, A
Adds the file CURRENT"="7/15/2021 6:50 PM, 16 bytes, A
Adds the file Favicons"="7/15/2021 6:50 PM, 20480 bytes, A
Adds the file Favicons-journal"="7/15/2021 6:50 PM, 0 bytes, A
Adds the file Google Profile.ico"="7/15/2021 6:50 PM, 151668 bytes, A
Adds the file History"="7/15/2021 6:50 PM, 118784 bytes, A
Adds the file History-journal"="7/15/2021 6:50 PM, 0 bytes, A
Adds the file LOCK"="7/15/2021 6:50 PM, 0 bytes, A
Adds the file LOG"="7/15/2021 6:50 PM, 0 bytes, A
Adds the file Login Data"="7/15/2021 6:50 PM, 18432 bytes, A
Adds the file Login Data-journal"="7/15/2021 6:50 PM, 0 bytes, A
Adds the file MANIFEST-000002"="7/15/2021 6:50 PM, 50 bytes, A
Adds the file Network Action Predictor"="7/15/2021 6:50 PM, 36864 bytes, A
Adds the file Network Action Predictor-journal"="7/15/2021 6:50 PM, 0 bytes, A
Adds the file Network Persistent State"="7/15/2021 6:52 PM, 702 bytes, A
Adds the file page_load_capping_opt_out.db"="7/15/2021 6:50 PM, 16384 bytes, A
Adds the file page_load_capping_opt_out.db-journal"="7/15/2021 6:50 PM, 0 bytes, A
Adds the file Preferences"="7/15/2021 6:52 PM, 2439 bytes, A
Adds the file previews_opt_out.db"="7/15/2021 6:50 PM, 16384 bytes, A
Adds the file previews_opt_out.db-journal"="7/15/2021 6:50 PM, 0 bytes, A
Adds the file QuotaManager"="7/15/2021 6:52 PM, 53248 bytes, A
Adds the file QuotaManager-journal"="7/15/2021 6:52 PM, 0 bytes, A
Adds the file README"="7/15/2021 6:50 PM, 162 bytes, A
Adds the file Secure Preferences"="7/15/2021 6:50 PM, 4720 bytes, A
Adds the file Top Sites"="7/15/2021 6:50 PM, 20480 bytes, A
Adds the file Top Sites-journal"="7/15/2021 6:50 PM, 0 bytes, A
Adds the file TransportSecurity"="7/15/2021 6:52 PM, 1908 bytes, A
Adds the file Visited Links"="7/15/2021 6:50 PM, 0 bytes, A
Adds the file Web Data"="7/15/2021 6:50 PM, 65536 bytes, A
Adds the file Web Data-journal"="7/15/2021 6:50 PM, 0 bytes, A
Adds the folder C:\Users\{username}\AppData\Local\BookLot\User Data\Default\blob_storage\ac77392b-6b1d-47e6-8573-7cce486e9cff
Adds the folder C:\Users\{username}\AppData\Local\BookLot\User Data\Default\Cache
Adds the file data_0"="7/15/2021 6:50 PM, 45056 bytes, A
Adds the file data_1"="7/15/2021 6:50 PM, 270336 bytes, A
Adds the file f_000016"="7/15/2021 6:51 PM, 40148 bytes, A
Adds the file f_000017"="7/15/2021 6:51 PM, 19777 bytes, A
Adds the file index"="7/15/2021 6:50 PM, 262512 bytes, A
Adds the folder C:\Users\{username}\AppData\Local\BookLot\User Data\Default\data_reduction_proxy_leveldb
Adds the file 000003.log"="7/15/2021 6:50 PM, 0 bytes, A
Adds the file CURRENT"="7/15/2021 6:50 PM, 16 bytes, A
Adds the file LOCK"="7/15/2021 6:50 PM, 0 bytes, A
Adds the file LOG"="7/15/2021 6:50 PM, 0 bytes, A
Adds the file MANIFEST-000002"="7/15/2021 6:50 PM, 50 bytes, A
Adds the folder C:\Users\{username}\AppData\Local\BookLot\User Data\Default\databases
Adds the file Databases.db"="7/15/2021 6:50 PM, 28672 bytes, A
Adds the file Databases.db-journal"="7/15/2021 6:50 PM, 0 bytes, A
Adds the folder C:\Users\{username}\AppData\Local\BookLot\User Data\Default\databases\chrome-extension_cofhcpgfklpkiokgamillmifcmjfdmpf_0
Adds the file 1"="7/15/2021 6:50 PM, 16384 bytes, A
Adds the folder C:\Users\{username}\AppData\Local\BookLot\User Data\Default\Extension Rules
Adds the file 000003.log"="7/15/2021 6:50 PM, 0 bytes, A
Adds the file CURRENT"="7/15/2021 6:50 PM, 16 bytes, A
Adds the file LOCK"="7/15/2021 6:50 PM, 0 bytes, A
Adds the file LOG"="7/15/2021 6:50 PM, 0 bytes, A
Adds the file MANIFEST-000001"="7/15/2021 6:50 PM, 41 bytes, A
Adds the folder C:\Users\{username}\AppData\Local\BookLot\User Data\Default\Extension State
Adds the file 000003.log"="7/15/2021 6:50 PM, 0 bytes, A
Adds the file CURRENT"="7/15/2021 6:50 PM, 16 bytes, A
Adds the file LOCK"="7/15/2021 6:50 PM, 0 bytes, A
Adds the file LOG"="7/15/2021 6:50 PM, 0 bytes, A
Adds the file MANIFEST-000001"="7/15/2021 6:50 PM, 41 bytes, A
Adds the folder C:\Users\{username}\AppData\Local\BookLot\User Data\Default\File System\000\t
Adds the file .usage"="7/15/2021 6:50 PM, 24 bytes, A
Adds the folder C:\Users\{username}\AppData\Local\BookLot\User Data\Default\File System\000\t\Paths
Adds the file 000003.log"="7/15/2021 6:50 PM, 0 bytes, A
Adds the file CURRENT"="7/15/2021 6:50 PM, 16 bytes, A
Adds the file LOCK"="7/15/2021 6:50 PM, 0 bytes, A
Adds the file LOG"="7/15/2021 6:50 PM, 0 bytes, A
Adds the file MANIFEST-000001"="7/15/2021 6:50 PM, 41 bytes, A
Adds the folder C:\Users\{username}\AppData\Local\BookLot\User Data\Default\File System\001\t
Adds the file .usage"="7/15/2021 6:51 PM, 24 bytes, A
Adds the folder C:\Users\{username}\AppData\Local\BookLot\User Data\Default\File System\001\t\Paths
Adds the file 000003.log"="7/15/2021 6:51 PM, 0 bytes, A
Adds the file CURRENT"="7/15/2021 6:51 PM, 16 bytes, A
Adds the file LOCK"="7/15/2021 6:51 PM, 0 bytes, A
Adds the file LOG"="7/15/2021 6:51 PM, 0 bytes, A
Adds the file MANIFEST-000001"="7/15/2021 6:51 PM, 41 bytes, A
Adds the folder C:\Users\{username}\AppData\Local\BookLot\User Data\Default\File System\Origins
Adds the file 000003.log"="7/15/2021 6:50 PM, 0 bytes, A
Adds the file CURRENT"="7/15/2021 6:50 PM, 16 bytes, A
Adds the file LOCK"="7/15/2021 6:50 PM, 0 bytes, A
Adds the file LOG"="7/15/2021 6:50 PM, 0 bytes, A
Adds the file MANIFEST-000001"="7/15/2021 6:50 PM, 41 bytes, A
Adds the folder C:\Users\{username}\AppData\Local\BookLot\User Data\Default\GPUCache
Adds the file data_0"="7/15/2021 6:50 PM, 8192 bytes, A
Adds the file data_1"="7/15/2021 6:50 PM, 270336 bytes, A
Adds the file data_2"="7/15/2021 6:50 PM, 8192 bytes, A
Adds the file data_3"="7/15/2021 6:50 PM, 8192 bytes, A
Adds the file index"="7/15/2021 6:50 PM, 262512 bytes, A
Adds the folder C:\Users\{username}\AppData\Local\BookLot\User Data\Default\Local Storage\leveldb
Adds the file 000004.log"="7/15/2021 6:51 PM, 0 bytes, A
Adds the file 000005.ldb"="7/15/2021 6:51 PM, 508632 bytes, A
Adds the file CURRENT"="7/15/2021 6:50 PM, 16 bytes, A
Adds the file LOCK"="7/15/2021 6:50 PM, 0 bytes, A
Adds the file LOG"="7/15/2021 6:50 PM, 0 bytes, A
Adds the file MANIFEST-000001"="7/15/2021 6:51 PM, 176 bytes, A
Adds the folder C:\Users\{username}\AppData\Local\BookLot\User Data\Default\Session Storage
Adds the file 000003.log"="7/15/2021 6:50 PM, 0 bytes, A
Adds the file CURRENT"="7/15/2021 6:50 PM, 16 bytes, A
Adds the file LOCK"="7/15/2021 6:50 PM, 0 bytes, A
Adds the file LOG"="7/15/2021 6:50 PM, 0 bytes, A
Adds the file MANIFEST-000001"="7/15/2021 6:50 PM, 41 bytes, A
Adds the folder C:\Users\{username}\AppData\Local\BookLot\User Data\Default\Site Characteristics Database
Adds the file 000003.log"="7/15/2021 6:50 PM, 0 bytes, A
Adds the file CURRENT"="7/15/2021 6:50 PM, 16 bytes, A
Adds the file LOCK"="7/15/2021 6:50 PM, 0 bytes, A
Adds the file LOG"="7/15/2021 6:50 PM, 0 bytes, A
Adds the file MANIFEST-000001"="7/15/2021 6:50 PM, 41 bytes, A
Adds the folder C:\Users\{username}\AppData\Local\BookLot\User Data\Default\Sync Data\LevelDB
Adds the file 000003.log"="7/15/2021 6:50 PM, 0 bytes, A
Adds the file CURRENT"="7/15/2021 6:50 PM, 16 bytes, A
Adds the file LOCK"="7/15/2021 6:50 PM, 0 bytes, A
Adds the file LOG"="7/15/2021 6:50 PM, 0 bytes, A
Adds the file MANIFEST-000001"="7/15/2021 6:50 PM, 41 bytes, A
Adds the folder C:\Users\{username}\AppData\Local\BookLot\User Data\Default\Thumbnails
Adds the file 000003.log"="7/15/2021 6:50 PM, 0 bytes, A
Adds the file CURRENT"="7/15/2021 6:50 PM, 16 bytes, A
Adds the file LOCK"="7/15/2021 6:50 PM, 0 bytes, A
Adds the file LOG"="7/15/2021 6:50 PM, 0 bytes, A
Adds the file MANIFEST-000001"="7/15/2021 6:50 PM, 41 bytes, A
Adds the folder C:\Users\{username}\AppData\Local\BookLot\User Data\Default\Web Applications\_nwjs_cofhcpgfklpkiokgamillmifcmjfdmpf
Adds the file BookLot.ico"="7/15/2021 6:50 PM, 189361 bytes, A
Adds the file BookLot.ico.md5"="7/15/2021 6:50 PM, 16 bytes, A
Adds the folder C:\Users\{username}\AppData\Local\BookLot\User Data\ShaderCache\GPUCache
Adds the file data_0"="7/15/2021 6:50 PM, 8192 bytes, A
Adds the file data_1"="7/15/2021 6:50 PM, 270336 bytes, A
Adds the file data_2"="7/15/2021 6:50 PM, 8192 bytes, A
Adds the file data_3"="7/15/2021 6:50 PM, 8192 bytes, A
Adds the file index"="7/15/2021 6:50 PM, 262512 bytes, A
Adds the folder C:\Users\{username}\AppData\Local\BookLot\User Data\Stability
Adds the file 1232-1626367835995868.pma"="7/15/2021 6:50 PM, 1048576 bytes, A
Adds the folder C:\Users\{username}\AppData\Roaming\BookLot
Adds the file BookLot.exe"="2/9/2021 9:56 AM, 5321568 bytes, A
Adds the file d3dcompiler_47.dll"="2/9/2021 9:56 AM, 3710720 bytes, A
Adds the file ffmpeg.dll"="2/9/2021 9:56 AM, 1488128 bytes, A
Adds the file icudtl.dat"="1/19/2021 11:29 AM, 10245952 bytes, A
Adds the file libEGL.dll"="2/9/2021 9:56 AM, 96512 bytes, A
Adds the file libGLESv2.dll"="2/9/2021 9:56 AM, 4434688 bytes, A
Adds the file natives_blob.bin"="1/19/2021 11:29 AM, 92247 bytes, A
Adds the file node.dll"="2/9/2021 9:56 AM, 12371712 bytes, A
Adds the file notification_helper.exe"="2/9/2021 9:56 AM, 493312 bytes, A
Adds the file nw.dll"="2/9/2021 9:56 AM, 94750464 bytes, A
Adds the file nw_100_percent.pak"="1/19/2021 11:29 AM, 1021430 bytes, A
Adds the file nw_200_percent.pak"="1/19/2021 11:29 AM, 1341563 bytes, A
Adds the file nw_elf.dll"="2/9/2021 9:56 AM, 493824 bytes, A
Adds the file resources.pak"="1/19/2021 11:29 AM, 5550400 bytes, A
Adds the file snapshot_blob.bin"="1/19/2021 11:29 AM, 1283220 bytes, A
Adds the file storage.json"="7/15/2021 6:50 PM, 80 bytes, A
Adds the file Uninstall.exe"="7/15/2021 6:50 PM, 472522 bytes, A
Adds the file v8_context_snapshot.bin"="1/19/2021 11:29 AM, 1607648 bytes, A
Adds the folder C:\Users\{username}\AppData\Roaming\BookLot\locales
Adds the folder C:\Users\{username}\AppData\Roaming\BookLot\swiftshader
Adds the file libEGL.dll"="1/19/2021 11:29 AM, 122368 bytes, A
Adds the file libGLESv2.dll"="1/19/2021 11:29 AM, 2256896 bytes, A
Adds the folder C:\Users\{username}\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BookLot
Adds the file BookLot.lnk"="7/15/2021 6:50 PM, 1821 bytes, A
Adds the file Uninstall.lnk"="7/15/2021 6:50 PM, 1837 bytes, A
In the existing folder C:\Users\{username}\Downloads
Adds the file BookLot.17.2102.1pawk.exe"="7/15/2021 6:49 PM, 73077304 bytes, A
Registry details [View: All details] (Selection)
------------------------------------------------
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"BookLot"="REG_SZ", "C:\Users\{username}\AppData\Roaming\BookLot\BookLot.exe --su"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\BookLot]
"DisplayIcon"="REG_SZ", ""C:\Users\{username}\AppData\Roaming\BookLot\Uninstall.exe""
"DisplayName"="REG_SZ", "BookLot - BookLot for Desktop"
"DisplayVersion"="REG_SZ", "17.2102.1pawk"
"EstimatedSize"="REG_DWORD", 179813
"Publisher"="REG_SZ", "BookLot"
"UninstallString"="REG_SZ", ""C:\Users\{username}\AppData\Roaming\BookLot\Uninstall.exe""
[HKEY_CURRENT_USER\Software\AppDataLow\Software\BookLot]
"uid"="REG_SZ", "DA45BCA5-CF3A-4F7F-9413-6A3CB57EC5B2"
[HKEY_CURRENT_USER\Software\nwjs]
"FirstNotDefault"="REG_QWORD, .../
"metricsid"="REG_SZ", "38bc064e-9870-4b1f-86b5-062244d54abc"
"metricsid_enableddate"="REG_SZ", "1626367836"
"metricsid_installdate"="REG_SZ", "1626367836"
[HKEY_CURRENT_USER\Software\nwjs\BLBeacon]
"failed_count"="REG_DWORD", 0
"state"="REG_DWORD", 1
"version"="REG_SZ", "71.0.3578.98"
[HKEY_CURRENT_USER\Software\nwjs\PreferenceMACs\Default]
"browser.show_home_button"="REG_SZ", "D4AE6B748030C65B37203BF504F4BAB6B7189D30A8068E933D27D272B9825121"
"default_search_provider_data.template_url_data"="REG_SZ", "577902E48778C2084EA38A666D6F118AC7A10E564E6D2C614157FE4553B1CDF1"
"google.services.account_id"="REG_SZ", "6FD09700B4A149D948B55F3C0AB72673D5C367B9E751454C6202DC1D3DFA6802"
"google.services.last_account_id"="REG_SZ", "6AF24852E27EDB5DFA7E36D3AC87D5EBDB6B1A2ACB4AF4E651C22798B2394A67"
"google.services.last_username"="REG_SZ", "BF235C9F83153EC2D71D60021ED0AA56728D62A5264E811DCEBFF589EA33BE81"
"google.services.username"="REG_SZ", "A70B5C736433139A005D3E49D73AB8574672434936A4FA21F55757B0E4882F3C"
"homepage"="REG_SZ", "6BEC350ECF8125372A826D71D2DB258A636A08AF0C652D9E774072EFB372A346"
"homepage_is_newtabpage"="REG_SZ", "71E415DF84698054516E68295FA7E443543243920785F715BF71F2641FD03239"
"media.storage_id_salt"="REG_SZ", "7CB55C624C43F9AF857E83B87E0E531816C28E8B247C5FBF4E6515960AD67692"
"pinned_tabs"="REG_SZ", "988BA7AF49CBEED46002524FB1DC5972CCCEE6DF03B77A755B3E322D74E33697"
"prefs.preference_reset_time"="REG_SZ", "3BB6D1CF1E2266580804D7B343EB3D436157898CC157308C74F704B5D85BFEB3"
"safebrowsing.incidents_sent"="REG_SZ", "749D4F2A5067553DBA6E47E7C37A086D83F1623F54420951FD2646E8E8E27C80"
"search_provider_overrides"="REG_SZ", "D868509C983E4D4868450576F8A3D3E7E05C68568CF8D7DF91589972AEF37E93"
"session.restore_on_startup"="REG_SZ", "43A753CE09B9BF0DC9660872B81B90FD2A0D9B708609FE84D2B964F6828053EA"
"session.startup_urls"="REG_SZ", "5622145A2429114A31AC87D39A6757FFC8802A76D4158BC08DC268C76568D401"
"settings_reset_prompt.last_triggered_for_default_search"="REG_SZ", "1B7549747E6FD7C37E6D498A93AB6980CF3A2002D339CFD5D09C6997B37FA7E3"
"settings_reset_prompt.last_triggered_for_homepage"="REG_SZ", "3937DC165E7432A408A1AEAC832766F0C8D5A7C7ADB070399FE60CB887003332"
"settings_reset_prompt.last_triggered_for_startup_urls"="REG_SZ", "9CA5289F21296A288C9A358716171FDF673C04D4A30D443BB97A408B83B08135"
"settings_reset_prompt.prompt_wave"="REG_SZ", "8E49A1A3D2AA3456F777518FDCC2BA30722E089ECFD7B7265C2EE8BB90D3EF15"
"software_reporter.prompt_seed"="REG_SZ", "CC15095EDB89D7530910B1296F1D27AF2AC038D4F6B627A0668381488E697535"
"software_reporter.prompt_version"="REG_SZ", "04FFA133961EA613587BC3C40EBACF2A6F42BCECBCEAE1CE4312993E3A3E752E"
[HKEY_CURRENT_USER\Software\nwjs\PreferenceMACs\Default\extensions.settings]
"cofhcpgfklpkiokgamillmifcmjfdmpf"="REG_SZ", "546C6F39CA94AB8674A5B2A48ABF29AC6FB490D863717CD02E0E13B4C94B2938"
"mhjfbmdgcfjbbpaeojofohoefgiehjai"="REG_SZ", "0F00F8907440E641CFF1BF70927A0E67B789114BFA04968866EC3812738E5AB5"
[HKEY_CURRENT_USER\Software\nwjs\StabilityMetrics]
"user_experience_metrics.stability.exited_cleanly"="REG_DWORD", 0Malwarebytes log:Malwarebytes
www.malwarebytes.com
-Log Details-
Scan Date: 7/15/21
Scan Time: 6:57 PM
Log File: b32627c6-e58d-11eb-96c5-080027235d76.json
-Software Information-
Version: 4.4.2.123
Components Version: 1.0.1358
Update Package Version: 1.0.43135
License: Premium
-System Information-
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: {username}-PC\{username}
-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Manual
Result: Completed
Objects Scanned: 258024
Threats Detected: 27
Threats Quarantined: 26
Time Elapsed: 2 min, 4 sec
-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect
-Scan Details-
Process: 6
PUP.Optional.BookLot, C:\USERS\{username}\APPDATA\ROAMING\BOOKLOT\BOOKLOT.EXE, Quarantined, 611, 958695, , , , , AB87FE73A386F63C49D474CBC52B79C8, 187047B6542CB613194F8E3C449D61978735FC28F952EE7B26532A47C697B3D6
PUP.Optional.BookLot, C:\USERS\{username}\APPDATA\ROAMING\BOOKLOT\BOOKLOT.EXE, Quarantined, 611, 958695, , , , , AB87FE73A386F63C49D474CBC52B79C8, 187047B6542CB613194F8E3C449D61978735FC28F952EE7B26532A47C697B3D6
PUP.Optional.BookLot, C:\USERS\{username}\APPDATA\ROAMING\BOOKLOT\BOOKLOT.EXE, Quarantined, 611, 958695, , , , , AB87FE73A386F63C49D474CBC52B79C8, 187047B6542CB613194F8E3C449D61978735FC28F952EE7B26532A47C697B3D6
PUP.Optional.BookLot, C:\USERS\{username}\APPDATA\ROAMING\BOOKLOT\BOOKLOT.EXE, Quarantined, 611, 958695, , , , , AB87FE73A386F63C49D474CBC52B79C8, 187047B6542CB613194F8E3C449D61978735FC28F952EE7B26532A47C697B3D6
PUP.Optional.BookLot, C:\USERS\{username}\APPDATA\ROAMING\BOOKLOT\BOOKLOT.EXE, Quarantined, 611, 958695, , , , , AB87FE73A386F63C49D474CBC52B79C8, 187047B6542CB613194F8E3C449D61978735FC28F952EE7B26532A47C697B3D6
PUP.Optional.BookLot, C:\USERS\{username}\APPDATA\ROAMING\BOOKLOT\BOOKLOT.EXE, Quarantined, 611, 958695, , , , , AB87FE73A386F63C49D474CBC52B79C8, 187047B6542CB613194F8E3C449D61978735FC28F952EE7B26532A47C697B3D6
Module: 9
PUP.Optional.BookLot, C:\USERS\{username}\APPDATA\ROAMING\BOOKLOT\BOOKLOT.EXE, Quarantined, 611, 958695, , , , , AB87FE73A386F63C49D474CBC52B79C8, 187047B6542CB613194F8E3C449D61978735FC28F952EE7B26532A47C697B3D6
PUP.Optional.BookLot, C:\USERS\{username}\APPDATA\ROAMING\BOOKLOT\BOOKLOT.EXE, Quarantined, 611, 958695, , , , , AB87FE73A386F63C49D474CBC52B79C8, 187047B6542CB613194F8E3C449D61978735FC28F952EE7B26532A47C697B3D6
PUP.Optional.BookLot, C:\USERS\{username}\APPDATA\ROAMING\BOOKLOT\BOOKLOT.EXE, Quarantined, 611, 958695, , , , , AB87FE73A386F63C49D474CBC52B79C8, 187047B6542CB613194F8E3C449D61978735FC28F952EE7B26532A47C697B3D6
PUP.Optional.BookLot, C:\USERS\{username}\APPDATA\ROAMING\BOOKLOT\BOOKLOT.EXE, Quarantined, 611, 958695, , , , , AB87FE73A386F63C49D474CBC52B79C8, 187047B6542CB613194F8E3C449D61978735FC28F952EE7B26532A47C697B3D6
PUP.Optional.BookLot, C:\USERS\{username}\APPDATA\ROAMING\BOOKLOT\BOOKLOT.EXE, Quarantined, 611, 958695, , , , , AB87FE73A386F63C49D474CBC52B79C8, 187047B6542CB613194F8E3C449D61978735FC28F952EE7B26532A47C697B3D6
PUP.Optional.BookLot, C:\USERS\{username}\APPDATA\ROAMING\BOOKLOT\BOOKLOT.EXE, Quarantined, 611, 958695, , , , , AB87FE73A386F63C49D474CBC52B79C8, 187047B6542CB613194F8E3C449D61978735FC28F952EE7B26532A47C697B3D6
PUP.Optional.BookLot, C:\USERS\{username}\APPDATA\ROAMING\BOOKLOT\SWIFTSHADER\LIBEGL.DLL, Quarantined, 611, 958698, , , , , 1C85AE3C2CD01A0FA35306E4A79AB09D, E73AEE1DF92CC5ED40F38097310F98C58C41E729C05FE554877B42B620C7D658
PUP.Optional.BookLot, C:\USERS\{username}\APPDATA\ROAMING\BOOKLOT\SWIFTSHADER\LIBGLESV2.DLL, Quarantined, 611, 958698, , , , , DC0A1C2539D26524AADF8AA8937CEF0B, 6C3F9D4062A383983716C6956DEE35C6832E6C7D5DE82D60220D3BF6BEB74A56
PUP.Optional.BookLot, C:\USERS\{username}\APPDATA\ROAMING\BOOKLOT\D3DCOMPILER_47.DLL, Quarantined, 611, 958842, , , , , 16CE419EA09CF06A4DA2F2834101B537, 53AFC756CBE3D08549FBD1B28D7D9ABB40FA03B0F646CD0A156CCE808CDBE7A2
Registry Key: 2
PUP.Optional.BookLot, HKCU\SOFTWARE\APPDATALOW\SOFTWARE\BookLot, Quarantined, 611, 958694, 1.0.43135, , ame, , ,
PUP.Optional.BookLot, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\BookLot, Quarantined, 611, 958696, 1.0.43135, , ame, , ,
Registry Value: 1
PUP.Optional.BookLot, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|BOOKLOT, Quarantined, 611, 958695, 1.0.43135, , ame, , ,
Registry Data: 0
(No malicious items detected)
Data Stream: 0
(No malicious items detected)
Folder: 3
PUP.Optional.BookLot, C:\USERS\{username}\APPDATA\ROAMING\MICROSOFT\WINDOWS\START MENU\PROGRAMS\BOOKLOT, Quarantined, 611, 958697, 1.0.43135, , ame, , ,
PUP.Optional.BookLot, C:\USERS\{username}\APPDATA\ROAMING\BOOKLOT, Quarantined, 611, 958698, 1.0.43135, , ame, , ,
PUP.Optional.BookLot, C:\USERS\{username}\APPDATA\LOCAL\BOOKLOT, Removal Failed, 611, 958699, 1.0.43135, , ame, , ,
File: 6
PUP.Optional.BookLot, C:\USERS\{username}\APPDATA\ROAMING\BOOKLOT\BOOKLOT.EXE, Quarantined, 611, 958695, , , , , AB87FE73A386F63C49D474CBC52B79C8, 187047B6542CB613194F8E3C449D61978735FC28F952EE7B26532A47C697B3D6
PUP.Optional.BookLot, C:\Users\{username}\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BookLot\BookLot.lnk, Quarantined, 611, 958697, , , , , DC939E7BF6CF68FAB4F5318ECDB42908, 63BCFBF57B6DED92215F4A71AB77061A31435EA5C9A82CBAE804701ACC45D6FB
PUP.Optional.BookLot, C:\Users\{username}\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BookLot\Uninstall.lnk, Quarantined, 611, 958697, , , , , D7AFFA393BD5ECEF58066C6293714C3B, D0CB5AF4AB0C9466F2168ADF226F0818AB52143C99F33DE1F5678A928595E6CF
PUP.Optional.BookLot, C:\USERS\{username}\APPDATA\ROAMING\BOOKLOT\SWIFTSHADER\LIBEGL.DLL, Quarantined, 611, 958698, 1.0.43135, , ame, , 1C85AE3C2CD01A0FA35306E4A79AB09D, E73AEE1DF92CC5ED40F38097310F98C58C41E729C05FE554877B42B620C7D658
PUP.Optional.BookLot, C:\USERS\{username}\APPDATA\ROAMING\BOOKLOT\SWIFTSHADER\LIBGLESV2.DLL, Quarantined, 611, 958698, 1.0.43135, , ame, , DC0A1C2539D26524AADF8AA8937CEF0B, 6C3F9D4062A383983716C6956DEE35C6832E6C7D5DE82D60220D3BF6BEB74A56
PUP.Optional.BookLot, C:\USERS\{username}\APPDATA\ROAMING\BOOKLOT\D3DCOMPILER_47.DLL, Quarantined, 611, 958842, 1.0.43135, , ame, , 16CE419EA09CF06A4DA2F2834101B537, 53AFC756CBE3D08549FBD1B28D7D9ABB40FA03B0F646CD0A156CCE808CDBE7A2
Physical Sector: 0
(No malicious items detected)
WMI: 0
(No malicious items detected)
(end)As mentioned before the full version of Malwarebytes could have protected your computer against this threat.We use different ways of protecting your computer(s):
- Dynamically Blocks Malware Sites & Servers
- Malware Execution Prevention
Back to top
Sign In
Create Account
