Adware.PastaQuotes

By CagedTech in Adware

Threat Scorecard

Ranking:	3,860
Threat Level:	20 % (Normal)
Infected Computers:	29,371

First Seen:	May 12, 2014
Last Seen:	September 14, 2023
OS(es) Affected:	Windows

PastaLeads/PastaQuotes are Potentially Unwanted Programs. PastaLeads/PastaQuotes are classified as adware. This is because PastaLeads/PastaQuotes are mainly used to deliver advertisements and marketing content to affected computers. The most common way in which PastaLeads/PastaQuotes may enter a computer is by bundling these PUPs with free software. Software distributed online for free may be bundled with adware such as PastaLeads/PastaQuotes as a way of making money. When computer users install the new software, they will be prompted to install the PUP along with a new program. Unfortunately, in most cases the installation of PastaLeads/PastaQuotes is set by default, meaning that computer users need to be careful during installation to ensure that PastaLeads/PastaQuotes and other PUPs are not installed against their will.

Table of Contents

How PastaLeads/PastaQuotes is Used

PastaLeads/PastaQuotes are used to generate sales leads for various businesses. PastaLeads/PastaQuotes do this by affecting the computer user's online searches. For example, if a computer user searches for a particular online game, PastaLeads/PastaQuotes may display a form or survey that then may send information about the computer user to the gaming company for marketing purposes. PastaLeads/PastaQuotes are associated with various insurance companies as well as several other suspicious businesses. Although, in theory, this sounds like a helpful service, malware analysts have observed that PastaLeads/PastaQuotes advertisements, pop-up windows and messages are very disruptive, making it very difficult to use the affected Web browser. Entering information into PastaLeads/PastaQuotes also may put your privacy at risk. This is because data gathered by PastaLeads/PastaQuotes to deliver insurance quotes or sales leads is given to several third party companies that may use this information for intrusive marketing or to attempt to take advantage of the affected computer user in some form or another. PUPs like PastaLeads/PastaQuotes should be avoided and, instead, the computer user should use reputable, legitimate services with a well-established online presence.

How PastaLeads/PastaQuotes is Installed on a Computer

When PastaLeads/PastaQuotes are installed, they create a Windows service that will run continuously in the background automatically. PastaLeads/PastaQuotes also may make changes to the affected Web browser, forcing it to use a proxy server when connecting to the net. This means that the computer user's online activity may be rerouted through this server automatically. PastaLeads/PastaQuotes are not particularly difficult to remove, and may be uninstalled fairly directly using the Control Panel. However, in many cases, PastaLeads/PastaQuotes may not be uninstalled correctly, meaning that the proxy settings will remain on the affected Web browser even if the Web browser add-ons themselves have been removed. This may cause the affected Web browsers to lose their ability to connect to any websites. Because of this, PC security analysts strongly recommend that computer users also restore their Web browser settings manually after uninstalling PastaLeads/PastaQuotes. This is an important step when dealing with any type of PUP.

One aspect of PastaLeads/PastaQuotes that can be misunderstood is the fact that PastaLeads/PastaQuotes are not threatening, despite the fact that it may behave in ways that are disruptive. The best way to prevent PastaLeads/PastaQuotes from being installed on a computer is by paying attention to all license agreements and every step of the installation process when installing new software. In every case, it is better to use Custom or Advanced installation procedures whenever possible. This can allow you to opt out of installing PastaLeads/PastaQuotes or other bundled software. Malware analysts strongly recommend canceling the installation of the new software and seeking out an alternative if the installation of any PUP is unavoidable. It may be possible to find versions of free software that have not been bundled with unwanted components such as PastaLeads/PastaQuotes.

SpyHunter Detects & Remove Adware.PastaQuotes

File System Details

Adware.PastaQuotes may create the following file(s):

Expand All | Collapse All

#	File Name	MD5	Detections Detections: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
1.	pastaldrw.sys	f85d3092f3324c12dbd0b8d19bbd027d	3,706
Name: pastaldrw.sys MD5: f85d3092f3324c12dbd0b8d19bbd027d Size: 61.87 KB (61872 bytes) Detections: 3,706 Type: System file Path: c:\program files\common files\pastaleads\pastaleads client\pastaldrw.sys Group: Malware file Last Updated: March 30, 2022
2.	PastaLeadsWinApp.exe	ad72592143375af1a6e19ef056132c0a	1,627
Name: PastaLeadsWinApp.exe MD5: ad72592143375af1a6e19ef056132c0a Size: 27.03 KB (27032 bytes) Detections: 1,627 Type: Executable File Path: %PROGRAMFILES%\pastaleads Group: Malware file Last Updated: February 6, 2020
3.	PastaLeadsService.exe	77eeeed07f395692434f20b2d758a3fd	1,162
Name: PastaLeadsService.exe MD5: 77eeeed07f395692434f20b2d758a3fd Size: 361.36 KB (361368 bytes) Detections: 1,162 Type: Executable File Path: %PROGRAMFILES%\pastaleads Group: Malware file Last Updated: February 6, 2020
4.	pastaldrw.sys	53a45d0e8dc860cb60b6d87dbb58519f	733
Name: pastaldrw.sys MD5: 53a45d0e8dc860cb60b6d87dbb58519f Size: 46.76 KB (46768 bytes) Detections: 733 Type: System file Path: \??\C:\Program Files\Common Files\PastaLeads\PastaLeads Client Group: Malware file Last Updated: November 17, 2019
5.	PastaLeadsWinApp.exe	e0b77a6ba7627d1d50cb04a9c619ca3c	116
Name: PastaLeadsWinApp.exe MD5: e0b77a6ba7627d1d50cb04a9c619ca3c Size: 26 KB (26008 bytes) Detections: 116 Type: Executable File Path: C:\Program Files (x86)\pastaleads\PastaLeadsWinApp.exe Group: Malware file Last Updated: November 21, 2020
6.	pastaleadsservice.exe	519c7cd28497b20ced1062faecdbb3a8	93
Name: pastaleadsservice.exe MD5: 519c7cd28497b20ced1062faecdbb3a8 Size: 361.36 KB (361368 bytes) Detections: 93 Type: Executable File Path: c:\program files (x86)\pastaleads\pastaleadsservice.exe Group: Malware file Last Updated: November 21, 2020
7.	pastaldrw.sys	f1d5423101d061cdde68fffbe3bc3d40	86
Name: pastaldrw.sys MD5: f1d5423101d061cdde68fffbe3bc3d40 Size: 61.9 KB (61904 bytes) Detections: 86 Type: System file Path: \??\C:\Program Files\Common Files\PastaLeads\PastaLeads Client Group: Malware file Last Updated: February 9, 2019
8.	PastaLeadsWinApp.exe	0a474bb8d0252d517568fd972d68ea08	25
Name: PastaLeadsWinApp.exe MD5: 0a474bb8d0252d517568fd972d68ea08 Size: 26 KB (26008 bytes) Detections: 25 Type: Executable File Path: %PROGRAMFILES(x86)%\pastaleads Group: Malware file Last Updated: July 20, 2018
9.	pastaldrw.sys	8c91d2bfaefb82173bc67faf011dfc79	22
Name: pastaldrw.sys MD5: 8c91d2bfaefb82173bc67faf011dfc79 Size: 46.8 KB (46800 bytes) Detections: 22 Type: System file Path: \??\C:\Program Files\Common Files\PastaLeads\PastaLeads Client Group: Malware file Last Updated: July 1, 2015
10.	PastaLeadsService.exe	577abf032fc9675911cafe03379b5384	16
Name: PastaLeadsService.exe MD5: 577abf032fc9675911cafe03379b5384 Size: 361.36 KB (361368 bytes) Detections: 16 Type: Executable File Path: %PROGRAMFILES(x86)%\pastaleads Group: Malware file Last Updated: July 20, 2018
11.	tsk0001.dta	55ecd72d0c444b99631b73dee4a3a167	10
Name: tsk0001.dta MD5: 55ecd72d0c444b99631b73dee4a3a167 Size: 61.87 KB (61872 bytes) Detections: 10 Path: C:\TDSSKiller_Quarantine\30.06.2015_15.25.41\susp0010\svc0000\tsk0001.dta Group: Malware file Last Updated: January 15, 2021
12.	pastaldrw.sys	6e746ea11f6952c7b703678030cbd36c	7
Name: pastaldrw.sys MD5: 6e746ea11f6952c7b703678030cbd36c Size: 61.87 KB (61872 bytes) Detections: 7 Type: System file Path: \??\C:\Program Files\Common Files\PastaLeads\PastaLeads Client Group: Malware file Last Updated: July 1, 2015
13.	pastaldrw.sys	b3cd68ae713b54c3dc34d66157da8f63	6
Name: pastaldrw.sys MD5: b3cd68ae713b54c3dc34d66157da8f63 Size: 61.9 KB (61904 bytes) Detections: 6 Type: System file Path: C:\Program Files\Common Files\PastaLeads\PastaLeads Client Group: Malware file Last Updated: April 16, 2020
14.	pastaldrw.sys	dedcb6e53273d23a813d8894fb00a491	5
Name: pastaldrw.sys MD5: dedcb6e53273d23a813d8894fb00a491 Size: 46.76 KB (46768 bytes) Detections: 5 Type: System file Path: \??\C:\Program Files\Common Files\PastaLeads\PastaLeads Client Group: Malware file Last Updated: October 24, 2020
15.	PastaLeadsWinApp.exe	6dc5419c65306ec4dc2eebb7db77d69d	4
Name: PastaLeadsWinApp.exe MD5: 6dc5419c65306ec4dc2eebb7db77d69d Size: 26 KB (26008 bytes) Detections: 4 Type: Executable File Path: %PROGRAMFILES%\pastaleads Group: Malware file Last Updated: May 13, 2014
16.	PastaLeadsService.exe	50aebaa20bf30b8015a077a86956010f	4
Name: PastaLeadsService.exe MD5: 50aebaa20bf30b8015a077a86956010f Size: 361.36 KB (361368 bytes) Detections: 4 Type: Executable File Path: %PROGRAMFILES%\pastaleads Group: Malware file Last Updated: May 13, 2014
17.	pastaldrw.sys	e9b56c4aae31c287927f588f25980573	2
Name: pastaldrw.sys MD5: e9b56c4aae31c287927f588f25980573 Size: 46.8 KB (46800 bytes) Detections: 2 Type: System file Path: \??\C:\Program Files\Common Files\PastaLeads\PastaLeads Client Group: Malware file Last Updated: September 21, 2018
18.	pastaldrw.sys	b73d45a5d35817d893643a4d50556b6f	1
Name: pastaldrw.sys MD5: b73d45a5d35817d893643a4d50556b6f Size: 61.9 KB (61904 bytes) Detections: 1 Type: System file Path: \??\C:\Program Files\Common Files\PastaLeads\PastaLeads Client Group: Malware file Last Updated: July 1, 2015
19.	pastaldrw.sys	42ffc6a601da4ddee4bac9d95b5ebbd5	1
Name: pastaldrw.sys MD5: 42ffc6a601da4ddee4bac9d95b5ebbd5 Size: 46.76 KB (46768 bytes) Detections: 1 Type: System file Path: \??\C:\Program Files\Common Files\PastaLeads\PastaLeads Client Group: Malware file Last Updated: July 1, 2015
20.	pastaldrw.sys	8b3fe1e8f1c7ff461a55ac6d508566cf	1
Name: pastaldrw.sys MD5: 8b3fe1e8f1c7ff461a55ac6d508566cf Size: 61.9 KB (61904 bytes) Detections: 1 Type: System file Path: \??\C:\Program Files\Common Files\PastaLeads\PastaLeads Client Group: Malware file Last Updated: July 1, 2015
21.	pastaldrw.sys	ab7928710d46014476dfe4d9b55c661a	1
Name: pastaldrw.sys MD5: ab7928710d46014476dfe4d9b55c661a Size: 46.8 KB (46800 bytes) Detections: 1 Type: System file Path: \??\C:\Program Files\Common Files\PastaLeads\PastaLeads Client Group: Malware file Last Updated: July 1, 2015
22.	pastaldrw.sys	6865b80ce2adb22cd3d62f045f794047	1
Name: pastaldrw.sys MD5: 6865b80ce2adb22cd3d62f045f794047 Size: 61.9 KB (61904 bytes) Detections: 1 Type: System file Path: \??\C:\Program Files\Common Files\PastaLeads\PastaLeads Client Group: Malware file Last Updated: July 1, 2015
23.	pastaldrw.sys	f58abd9d1a75d2e94f87e6995d6236eb	1
Name: pastaldrw.sys MD5: f58abd9d1a75d2e94f87e6995d6236eb Size: 61.9 KB (61904 bytes) Detections: 1 Type: System file Path: \??\C:\Program Files\Common Files\PastaLeads\PastaLeads Client Group: Malware file Last Updated: July 1, 2015
24.	pastaldrw.sys	c2a105d037800aab6a2b565f505eb267	1
Name: pastaldrw.sys MD5: c2a105d037800aab6a2b565f505eb267 Size: 61.9 KB (61904 bytes) Detections: 1 Type: System file Path: \??\C:\Program Files\Common Files\PastaLeads\PastaLeads Client Group: Malware file Last Updated: July 1, 2015
25.	pastaldrw.sys	6b27369b095848436c2f08f2c0f4106f	1
Name: pastaldrw.sys MD5: 6b27369b095848436c2f08f2c0f4106f Size: 46.76 KB (46768 bytes) Detections: 1 Type: System file Path: \??\C:\Program Files\Common Files\PastaLeads\PastaLeads Client Group: Malware file Last Updated: July 1, 2015
26.	HtmlAgilityPack.dll
Name: HtmlAgilityPack.dll Type: Dynamic link library Group: Malware file
27.	Newtonsoft.Json.dll
Name: Newtonsoft.Json.dll Type: Dynamic link library Group: Malware file
28.	RestSharp.dll
Name: RestSharp.dll Type: Dynamic link library Group: Malware file
29.	uninstall.exe
Name: uninstall.exe Type: Executable File Group: Malware file

Registry Details

Adware.PastaQuotes may create the following registry entry or registry entries:

File name without path

http_nps.pastaleads.com_0.localstorage

http_nps.pastaleads.com_0.localstorage-journal

https_nps.pastaleads.com_0.localstorage

https_nps.pastaleads.com_0.localstorage-journal

nps.pastaleads[1].xml

Regexp file mask

%windir%\system32\tasks\PastaLeads

HKEY..\..\..\..{RegistryKeys}

SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\nps.pastaleads.com

SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\pastaleads.com

SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\nps.pastaleads.com

SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\pastaleads.com

Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\C:\Program Files (x86)\pastaleads\PastaLeadsService.exe

Software\Microsoft\Internet Explorer\DOMStorage\nps.pastaleads.com

Software\Microsoft\Internet Explorer\DOMStorage\pastaleads.com

SOFTWARE\Microsoft\Tracing\PastaLeadsApplication_RASAPI32

SOFTWARE\Microsoft\Tracing\PastaLeadsApplication_RASMANCS

SOFTWARE\Microsoft\Tracing\PastaLeadsService_RASAPI32

SOFTWARE\Microsoft\Tracing\PastaLeadsService_RASMANCS

SOFTWARE\Microsoft\Tracing\PastaLeadsSetup_AE_P_1_RASAPI32

SOFTWARE\Microsoft\Tracing\PastaLeadsSetup_AE_P_1_RASMANCS

SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PastaLeads

SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PastaQuotes

SOFTWARE\NpApp

SOFTWARE\PastaLeadsAgent

SOFTWARE\Wow6432Node\Microsoft\Tracing\PastaLeadsApplication_RASAPI32

SOFTWARE\Wow6432Node\Microsoft\Tracing\PastaLeadsApplication_RASMANCS

SOFTWARE\Wow6432Node\Microsoft\Tracing\PastaLeadsService_RASAPI32

SOFTWARE\Wow6432Node\Microsoft\Tracing\PastaLeadsService_RASMANCS

SOFTWARE\Wow6432Node\Microsoft\Tracing\PastaLeadsSetup_AE_P_1_RASAPI32

SOFTWARE\Wow6432Node\NpApp

SOFTWARE\Wow6432Node\PastaLeadsAgent

SYSTEM\ControlSet001\Enum\Root\LEGACY_PASTALUPDD

SYSTEM\ControlSet001\services\eventlog\Application\pastaleadsServiceCore

SYSTEM\ControlSet001\services\eventlog\Application\PastaLeadsUpdaterService

SYSTEM\ControlSet001\services\eventlog\pastaleadsServiceLog

SYSTEM\ControlSet001\services\eventlog\pastaleadsServiceLog\pastaleadsServiceLog

SYSTEM\ControlSet001\services\eventlog\pastaleadsServiceLog\pastaleadsServiceSource

SYSTEM\ControlSet001\services\pastaleadsServiceCore

SYSTEM\ControlSet001\services\pastaleadsupd

SYSTEM\ControlSet001\services\PastaLeadsUpdaterService

SYSTEM\ControlSet001\services\PastaLUpdd

SYSTEM\ControlSet002\Enum\Root\LEGACY_PASTALUPDD

SYSTEM\ControlSet002\services\eventlog\Application\PastaLeadsUpdaterService

SYSTEM\ControlSet002\services\pastaleadsupd

SYSTEM\ControlSet002\services\PastaLeadsUpdaterService

SYSTEM\ControlSet002\services\PastaLUpdd

SYSTEM\CurrentControlSet\Enum\Root\LEGACY_PASTALUPDD

SYSTEM\CurrentControlSet\services\eventlog\Application\pastaleadsServiceCore

SYSTEM\CurrentControlSet\services\eventlog\Application\PastaLeadsUpdaterService

SYSTEM\CurrentControlSet\services\eventlog\pastaleadsServiceLog

SYSTEM\CurrentControlSet\services\eventlog\pastaleadsServiceLog\pastaleadsServiceLog

SYSTEM\CurrentControlSet\services\eventlog\pastaleadsServiceLog\pastaleadsServiceSource

SYSTEM\CurrentControlSet\services\pastaleadsServiceCore

SYSTEM\CurrentControlSet\services\pastaleadsupd

SYSTEM\CurrentControlSet\services\PastaLeadsUpdaterService

SYSTEM\CurrentControlSet\services\PastaLUpdd

HKEY_LOCAL_MACHINE\Software\[APPLICATION]\Microsoft\Windows\CurrentVersion\Uninstall..{Uninstaller}

pastaleads

PastaLeads Client

Directories

Adware.PastaQuotes may create the following directory or directories:

%ALLUSERSPROFILE%\PastaLeadsAgent

%ALLUSERSPROFILE%\pastaleads

%PROGRAMFILES%\Common Files\PastaLeads

%PROGRAMFILES%\pastaleads

%PROGRAMFILES(x86)%\Common Files\PastaLeads

%PROGRAMFILES(x86)%\pastaleads

Enigma Software Group Prevails Over Malwarebytes at the Ninth Circuit

Search

Change Region

Adware.PastaQuotes

Threat Scorecard

EnigmaSoft Threat Scorecard

How PastaLeads/PastaQuotes is Used

How PastaLeads/PastaQuotes is Installed on a Computer

SpyHunter Detects & Remove Adware.PastaQuotes

File System Details

Registry Details

Directories

Submit Comment

Trending

'YouPorn' Email Scam

Safe Search Eng

Findtheirreport.com

Most Viewed

Is Lookmovie.io Safe?

How To Fix 'Printer Driver is Unavailable' Error

Discord Shows Black Screen when Sharing Screen