Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 6/12/20
Scan Time: 11:43 AM
Log File: d5bb448e-accb-11ea-8629-54ab3a3b6700.json

-Software Information-
Version: 4.1.0.56
Components Version: 1.0.931
Update Package Version: 1.0.25438
License: Trial

-System Information-
OS: Windows 10 (Build 18362.836)
CPU: x64
File System: NTFS
User: LAPTOP-D7R02BVQ\gary_

-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Manual
Result: Completed
Objects Scanned: 370407
Threats Detected: 94
Threats Quarantined: 94
Time Elapsed: 36 min, 36 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 3
PUP.Optional.AdvancedSystemCare, C:\PROGRAM FILES (X86)\IOBIT\ADVANCED SYSTEMCARE\MONITOR.EXE, Quarantined, 3833, 398206, , , ,
PUP.Optional.AdvancedSystemCare, C:\PROGRAM FILES (X86)\IOBIT\ADVANCED SYSTEMCARE\ASCSERVICE.EXE, Quarantined, 3833, 380352, , , ,
PUP.Optional.AdvancedSystemCare, C:\PROGRAM FILES (X86)\IOBIT\ADVANCED SYSTEMCARE\ASC.EXE, Quarantined, 3833, 396386, , , ,

Module: 5
PUP.Optional.AdvancedSystemCare, C:\PROGRAM FILES (X86)\IOBIT\ADVANCED SYSTEMCARE\MONITOR.EXE, Quarantined, 3833, 398206, , , ,
PUP.Optional.AdvancedSystemCare, C:\PROGRAM FILES (X86)\IOBIT\ADVANCED SYSTEMCARE\ASCSERVICE.EXE, Quarantined, 3833, 380352, , , ,
PUP.Optional.AdvancedSystemCare, C:\PROGRAM FILES (X86)\IOBIT\ADVANCED SYSTEMCARE\OFCOMMON.DLL, Quarantined, 3833, 396386, , , ,
PUP.Optional.AdvancedSystemCare, C:\PROGRAM FILES (X86)\IOBIT\ADVANCED SYSTEMCARE\OFCOMMON.DLL, Quarantined, 3833, 396386, , , ,
PUP.Optional.AdvancedSystemCare, C:\PROGRAM FILES (X86)\IOBIT\ADVANCED SYSTEMCARE\ASC.EXE, Quarantined, 3833, 396386, , , ,

Registry Key: 42
PUP.Optional.AdvancedSystemCare, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\ASC11_PerformanceMonitor, Quarantined, 3833, 380341, , , ,
PUP.Optional.AdvancedSystemCare, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{102C2FBF-6020-455C-A36E-60EDCA79DE84}, Quarantined, 3833, 380341, , , ,
PUP.Optional.AdvancedSystemCare, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\LOGON\{102C2FBF-6020-455C-A36E-60EDCA79DE84}, Quarantined, 3833, 380341, , , ,
PUP.Optional.SearchManager, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\PILPLLOABDEDFMIALNFCHJOMJMPJCOEJ, Quarantined, 433, 260991, , , ,
PUP.Optional.SearchManager, HKU\S-1-5-21-369767717-942642580-508085590-1001\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\PILPLLOABDEDFMIALNFCHJOMJMPJCOEJ, Quarantined, 433, 260991, , , ,
PUP.Optional.SearchManager, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\pilplloabdedfmialnfchjomjmpjcoej, Quarantined, 433, 260991, 1.0.25438, , ame,
PUP.Optional.AmazonBrowserSettings, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\DistromaticSearchProtect-hourly, Quarantined, 2083, 312600, , , ,
PUP.Optional.AmazonBrowserSettings, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{027F2CB8-3EDE-414E-876E-A68E2EC693F3}, Quarantined, 2083, 312600, , , ,
PUP.Optional.AmazonBrowserSettings, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{027F2CB8-3EDE-414E-876E-A68E2EC693F3}, Quarantined, 2083, 312600, , , ,
PUP.Optional.AmazonBrowserSettings, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\DistromaticSearchProtect-logon, Quarantined, 2083, 312600, , , ,
PUP.Optional.AmazonBrowserSettings, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{AE9353D2-EAF5-4AE7-BB00-2FBBAA6C38A4}, Quarantined, 2083, 312600, , , ,
PUP.Optional.AmazonBrowserSettings, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\LOGON\{AE9353D2-EAF5-4AE7-BB00-2FBBAA6C38A4}, Quarantined, 2083, 312600, , , ,
PUP.Optional.AdvancedSystemCare, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\ASC11_SkipUac_gary_, Quarantined, 3833, 380341, , , ,
PUP.Optional.AdvancedSystemCare, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{8AD34752-5522-4BBF-8A93-EEB4FCC71FFC}, Quarantined, 3833, 380341, , , ,
PUP.Optional.AdvancedSystemCare, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{8AD34752-5522-4BBF-8A93-EEB4FCC71FFC}, Quarantined, 3833, 380341, , , ,
PUP.Optional.AmazonBrowserSettings, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\DistromaticUpdater-logon, Quarantined, 2083, 312600, , , ,
PUP.Optional.AmazonBrowserSettings, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{9112DEC5-495B-40C8-B1F3-D40BBB4E4DAE}, Quarantined, 2083, 312600, , , ,
PUP.Optional.AmazonBrowserSettings, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\LOGON\{9112DEC5-495B-40C8-B1F3-D40BBB4E4DAE}, Quarantined, 2083, 312600, , , ,
PUP.Optional.AmazonBrowserSettings, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\DistromaticUpdater-periodic, Quarantined, 2083, 312600, , , ,
PUP.Optional.AmazonBrowserSettings, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{352A67B1-E189-48C0-A661-E95B096CDFA8}, Quarantined, 2083, 312600, , , ,
PUP.Optional.AmazonBrowserSettings, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{352A67B1-E189-48C0-A661-E95B096CDFA8}, Quarantined, 2083, 312600, , , ,
PUP.Optional.WinYahoo, HKU\S-1-5-21-369767717-942642580-508085590-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{61275CAF-F619-42F8-812A-7F530A7F7DEC}, Quarantined, 240, 247049, , , ,
PUP.Optional.WinYahoo, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{61275CAF-F619-42F8-812A-7F530A7F7DEC}, Quarantined, 240, 247049, , , ,
PUP.Optional.WinYahoo, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{61275CAF-F619-42F8-812A-7F530A7F7DEC}, Quarantined, 240, 247049, 1.0.25438, , ame,
PUP.Optional.AdvancedSystemCare, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\IOBIT_MONITOR_SERVER, Quarantined, 3833, 580520, 1.0.25438, , ame,
PUP.Optional.AmazonBrowserSettings, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Amazon Assistant, Quarantined, 2083, 312594, , , ,
PUP.Optional.Amazon1Button, HKLM\SOFTWARE\CLASSES\APPID\Amazon1ButtonBrowserHelper.dll, Quarantined, 3198, 468987, 1.0.25438, , ame,
PUP.Optional.Amazon1Button, HKLM\SOFTWARE\CLASSES\APPID\Amazon1ButtonRuntime.dll, Quarantined, 3198, 468987, 1.0.25438, , ame,
PUP.Optional.Amazon1Button, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\Amazon1ButtonBrowserHelper.dll, Quarantined, 3198, 468987, 1.0.25438, , ame,
PUP.Optional.Amazon1Button, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\Amazon1ButtonRuntime.dll, Quarantined, 3198, 468987, 1.0.25438, , ame,
PUP.Optional.Amazon1Button, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\Amazon1ButtonBrowserHelper.dll, Quarantined, 3198, 468987, 1.0.25438, , ame,
PUP.Optional.Amazon1Button, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\Amazon1ButtonRuntime.dll, Quarantined, 3198, 468987, 1.0.25438, , ame,
PUP.Optional.Amazon1Button, HKU\S-1-5-18\SOFTWARE\APPDATALOW\SOFTWARE\AMAZON\Amazon1ButtonApp, Quarantined, 3198, 441167, 1.0.25438, , ame,
PUP.Optional.Distromatic, HKU\S-1-5-21-369767717-942642580-508085590-1001\SOFTWARE\Distromatic, Quarantined, 6493, 359638, 1.0.25438, , ame,
PUP.Optional.InstallCore, HKU\S-1-5-21-369767717-942642580-508085590-1001\SOFTWARE\PRODUCTSETUP, Quarantined, 500, 481004, 1.0.25438, , ame,
PUP.Optional.WinYahoo, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0CE02FFA-A6B0-46F6-BA2F-BD32C3630126}, Quarantined, 240, 247047, , , ,
PUP.Optional.WinYahoo, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0CE02FFA-A6B0-46F6-BA2F-BD32C3630126}, Quarantined, 240, 247047, , , ,
PUP.Optional.WinYahoo, HKU\S-1-5-21-369767717-942642580-508085590-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0CE02FFA-A6B0-46F6-BA2F-BD32C3630126}, Quarantined, 240, 247047, 1.0.25438, , ame,
PUP.Optional.Amazon1Button, HKU\S-1-5-21-369767717-942642580-508085590-1001\SOFTWARE\APPDATALOW\SOFTWARE\AMAZON\Amazon1ButtonApp, Quarantined, 3198, 441167, 1.0.25438, , ame,
PUP.Optional.InstallCore, HKU\S-1-5-21-369767717-942642580-508085590-1001\SOFTWARE\CSASTATS\ic, Quarantined, 500, 586068, 1.0.25438, , ame,
PUP.Optional.Amazon1Button, HKLM\SOFTWARE\WOW6432NODE\APPDATALOW\SOFTWARE\AMAZON\Amazon1ButtonApp, Quarantined, 3198, 441168, 1.0.25438, , ame,
PUP.Optional.AdvancedSystemCare, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\AdvancedSystemCareService11, Quarantined, 3833, 380352, 1.0.25438, , ame,

Registry Value: 10
PUP.Optional.SearchManager, HKU\S-1-5-21-369767717-942642580-508085590-1001\SOFTWARE\GOOGLE\CHROME\PREFERENCEMACS\Default\extensions.settings|PILPLLOABDEDFMIALNFCHJOMJMPJCOEJ, Quarantined, 433, 260991, , , ,
PUP.Optional.WinYahoo, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{61275CAF-F619-42F8-812A-7F530A7F7DEC}|URL, Quarantined, 240, 247049, 1.0.25438, , ame,
PUP.Optional.AdvancedSystemCare, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\IOBIT_MONITOR_SERVER|IMAGEPATH, Quarantined, 3833, 580520, 1.0.25438, , ame,
PUP.Optional.InstallCore, HKU\S-1-5-21-369767717-942642580-508085590-1001\SOFTWARE\PRODUCTSETUP|TB, Quarantined, 500, 481004, 1.0.25438, , ame,
PUP.Optional.WinYahoo, HKU\S-1-5-21-369767717-942642580-508085590-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0CE02FFA-A6B0-46F6-BA2F-BD32C3630126}|URL, Quarantined, 240, 247047, 1.0.25438, , ame,
PUP.Optional.WinYahoo, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{61275CAF-F619-42F8-812A-7F530A7F7DEC}|URL, Quarantined, 240, 247049, 1.0.25438, , ame,
PUP.Optional.AmazonBrowserSettings, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{027F2CB8-3EDE-414E-876E-A68E2EC693F3}|PATH, Quarantined, 2083, 312598, 1.0.25438, , ame,
PUP.Optional.AmazonBrowserSettings, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{352A67B1-E189-48C0-A661-E95B096CDFA8}|PATH, Quarantined, 2083, 312598, 1.0.25438, , ame,
PUP.Optional.AmazonBrowserSettings, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{9112DEC5-495B-40C8-B1F3-D40BBB4E4DAE}|PATH, Quarantined, 2083, 312598, 1.0.25438, , ame,
PUP.Optional.AmazonBrowserSettings, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{AE9353D2-EAF5-4AE7-BB00-2FBBAA6C38A4}|PATH, Quarantined, 2083, 312598, 1.0.25438, , ame,

Registry Data: 1
PUP.Optional.WinYahoo, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|START PAGE, Replaced, 240, 293458, 1.0.25438, , ame,

Data Stream: 0
(No malicious items detected)

Folder: 3
PUP.Optional.SearchManager, C:\USERS\GARY_\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Extensions\PILPLLOABDEDFMIALNFCHJOMJMPJCOEJ, Quarantined, 433, 260991, , , ,
PUP.Optional.AmazonBrowserSettings, C:\PROGRAM FILES (X86)\AMAZON BROWSER SETTINGS, Quarantined, 2083, 312594, 1.0.25438, , ame,
PUP.Optional.AmazonBrowserSettings, C:\USERS\GARY_\APPDATA\LOCAL\AMAZON BROWSER SETTINGS, Quarantined, 2083, 312595, 1.0.25438, , ame,

File: 30
PUP.Optional.AdvancedSystemCare, C:\WINDOWS\SYSTEM32\TASKS\ASC11_PerformanceMonitor, Quarantined, 3833, 380341, 1.0.25438, , ame,
PUP.Optional.SearchManager, C:\USERS\GARY_\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Replaced, 433, 260991, , , ,
PUP.Optional.SearchManager, C:\USERS\GARY_\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Preferences, Replaced, 433, 260991, , , ,
PUP.Optional.AmazonBrowserSettings, C:\WINDOWS\SYSTEM32\TASKS\DistromaticSearchProtect-hourly, Quarantined, 2083, 312600, 1.0.25438, , ame,
PUP.Optional.AmazonBrowserSettings, C:\WINDOWS\SYSTEM32\TASKS\DistromaticSearchProtect-logon, Quarantined, 2083, 312600, 1.0.25438, , ame,
PUP.Optional.AdvancedSystemCare, C:\WINDOWS\SYSTEM32\TASKS\ASC11_SkipUac_gary_, Quarantined, 3833, 380341, 1.0.25438, , ame,
PUP.Optional.AmazonBrowserSettings, C:\WINDOWS\SYSTEM32\TASKS\DistromaticUpdater-logon, Quarantined, 2083, 312600, 1.0.25438, , ame,
PUP.Optional.AmazonBrowserSettings, C:\WINDOWS\SYSTEM32\TASKS\DistromaticUpdater-periodic, Quarantined, 2083, 312600, 1.0.25438, , ame,
PUP.Optional.AdvancedSystemCare, C:\PROGRAM FILES (X86)\IOBIT\ADVANCED SYSTEMCARE\MONITOR.EXE, Quarantined, 3833, 398206, 1.0.25438, , ame,
PUP.Optional.SearchManager, C:\USERS\GARY_\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\LOCAL STORAGE\chrome-extension_pilplloabdedfmialnfchjomjmpjcoej_0.localstorage, Quarantined, 433, 453138, 1.0.25438, , ame,
PUP.Optional.AdvancedSystemCare, C:\PROGRAM FILES (X86)\IOBIT\ADVANCED SYSTEMCARE\DRIVERS\MONITOR_WIN10_X64.SYS, Quarantined, 3833, 580520, , , ,
PUP.Optional.AmazonBrowserSettings, C:\Program Files (x86)\Amazon Browser Settings\AmznSearchProtect.exe, Quarantined, 2083, 312594, , , ,
PUP.Optional.AmazonBrowserSettings, C:\Program Files (x86)\Amazon Browser Settings\installer.json, Quarantined, 2083, 312594, , , ,
PUP.Optional.AmazonBrowserSettings, C:\Program Files (x86)\Amazon Browser Settings\uninstall.ico, Quarantined, 2083, 312594, , , ,
PUP.Optional.AmazonBrowserSettings, C:\Program Files (x86)\Amazon Browser Settings\uninstall.json, Quarantined, 2083, 312594, , , ,
PUP.Optional.AmazonBrowserSettings, C:\Program Files (x86)\Amazon Browser Settings\uninstaller.exe, Quarantined, 2083, 312594, , , ,
PUP.Optional.AmazonBrowserSettings, C:\Program Files (x86)\Amazon Browser Settings\updater.exe, Quarantined, 2083, 312594, , , ,
PUP.Optional.AmazonBrowserSettings, C:\Users\gary_\AppData\Local\Amazon Browser Settings\protect.json, Quarantined, 2083, 312595, , , ,
PUP.Optional.Amazon1Button, C:\USERS\GARY_\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RNMUGTD.DEFAULT\EXTENSIONS\ABB@AMAZON.COM.XPI, Quarantined, 3198, 493346, 1.0.25438, , ame,
PUP.Optional.AdvancedSystemCare, C:\PROGRAM FILES (X86)\IOBIT\ADVANCED SYSTEMCARE\ASCSERVICE.EXE, Quarantined, 3833, 380352, , , ,
PUP.Optional.WinYahoo, C:\USERS\GARY_\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RNMUGTD.DEFAULT\PREFS.JS, Replaced, 240, 303297, 1.0.25438, , ame,
PUP.Optional.SearchManager.BITSRST, C:\USERS\GARY_\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\EXTENSIONS\PILPLLOABDEDFMIALNFCHJOMJMPJCOEJ\10.1.4.80_0\MANIFEST.JSON, Quarantined, 283, 626728, 1.0.25438, , ame,
PUP.Optional.SearchManager.BITSRST, C:\USERS\GARY_\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\EXTENSIONS\PILPLLOABDEDFMIALNFCHJOMJMPJCOEJ\10.1.4.80_0\RESPONSECONFIG.JSON, Quarantined, 283, 626727, 1.0.25438, , ame,
PUP.Optional.AdvancedSystemCare, C:\PROGRAM FILES (X86)\IOBIT\ADVANCED SYSTEMCARE\OFCOMMON.DLL, Quarantined, 3833, 396386, 1.0.25438, , ame,
PUP.Optional.AdvancedSystemCare, C:\PROGRAM FILES (X86)\IOBIT\ADVANCED SYSTEMCARE\ASC.EXE, Quarantined, 3833, 396386, 1.0.25438, , ame,
PUP.Optional.OpenCandy, C:\USERS\GARY_\APPDATA\ROAMING\UTORRENT\UPDATES\3.4.2_39744.EXE, Quarantined, 1248, 747337, 1.0.25438, , ame,
HackTool.FilePatch, C:\PROGRAM FILES\DAEMON TOOLS PRO\2.EXE, Quarantined, 7523, 281135, 1.0.25438, 31FCE1AC93A108AAF20C3501, dds, 00761268
PUP.Optional.GameHack, C:\PROGRAM FILES (X86)\CHEAT ENGINE 6.5.1\STANDALONEPHASE1.DAT, Quarantined, 7919, 393793, 1.0.25438, , ame,
PUP.Optional.SearchManager.BITSRST, C:\USERS\GARY_\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Replaced, 283, 628563, 1.0.25438, , ame,
PUP.Optional.SearchManager.BITSRST, C:\USERS\GARY_\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Replaced, 283, 626729, 1.0.25438, , ame,

Physical Sector: 0
(No malicious items detected)

WMI: 0
(No malicious items detected)

(end)