# ------------------------------- # Malwarebytes AdwCleaner 8.0.5.0 # ------------------------------- # Build: 05-25-2020 # Database: 2020-06-12.1 (Cloud) # Support: https://www.malwarebytes.com/support # # ------------------------------- # Mode: Scan # ------------------------------- # Start: 06-12-2020 # Duration: 00:01:26 # OS: Windows 10 Home # Scanned: 31820 # Detected: 132 ***** [ Services ] ***** PUP.Optional.Assistant Amazon Assistant Service ***** [ Folders ] ***** Adware.pokki C:\Users\Default\AppData\Local\Host App Service Adware.pokki C:\Users\Public\App Explorer Adware.pokki C:\Users\Public\Pokki Adware.pokki C:\Users\gary_\AppData\Local\Host App Service Adware.pokki C:\Windows\ServiceProfiles\LocalService\AppData\Local\Host App Service Adware.pokki C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Host App Service PUP.Optional.AdvancedSystemCare C:\Program Files (x86)\Common Files\IObit\Advanced SystemCare PUP.Optional.AdvancedSystemCare C:\Program Files (x86)\IObit\Advanced SystemCare PUP.Optional.AdvancedSystemCare C:\ProgramData\IObit\Advanced SystemCare PUP.Optional.AdvancedSystemCare C:\Users\gary_\AppData\LocalLow\IObit\Advanced SystemCare PUP.Optional.AdvancedSystemCare C:\Users\gary_\AppData\Roaming\IObit\Advanced SystemCare PUP.Optional.AdvancedSystemCare C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\IObit\Advanced SystemCare PUP.Optional.AmazonAssistant C:\Program Files (x86)\Amazon\Amazon Assistant PUP.Optional.Legacy C:\Program Files (x86)\Yahoo!\yset PUP.Optional.Legacy C:\Program Files\WinZip\WinZip Smart Monitor PUP.Optional.Legacy C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare PUP.Optional.Legacy C:\Users\gary_\AppData\Local\YSearchUtil ***** [ Files ] ***** Adware.pokki C:\ProgramData\Microsoft\Windows\Start Menu\Programs\App Explorer.lnk Adware.pokki C:\Windows\System32\Tasks_Migrated\App Explorer PUP.Optional.Assistant C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AmazonAssistant.lnk PUP.Optional.Assistant C:\Users\gary_\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\AmazonAssistant.lnk PUP.Optional.Legacy C:\END ***** [ DLL ] ***** No malicious DLLs found. ***** [ WMI ] ***** No malicious WMI found. ***** [ Shortcuts ] ***** No malicious shortcuts found. ***** [ Tasks ] ***** Adware.pokki C:\Windows\System32\Tasks\APP EXPLORER PUP.Optional.Legacy C:\Windows\System32\Tasks\DRIVER BOOSTER SCHEDULER ***** [ Registry ] ***** Adware.pokki HKCU\Software\App Host Service Adware.pokki HKCU\Software\Host App Service Adware.pokki HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Host App Service Adware.pokki HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EDAF48D7-460B-43DD-9D53-F28E8299F888} Adware.pokki HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\App Explorer PUP.Optional.AdvancedSystemCare HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Advanced SystemCare 11 PUP.Optional.AdvancedSystemCare HKLM\SOFTWARE\CLASSES\DIRECTORY\SHELLEX\CONTEXTMENUHANDLERS\Advanced SystemCare PUP.Optional.AdvancedSystemCare HKLM\SOFTWARE\CLASSES\DRIVE\SHELLEX\CONTEXTMENUHANDLERS\Advanced SystemCare PUP.Optional.AdvancedSystemCare HKLM\SOFTWARE\CLASSES\LNKFILE\SHELLEX\CONTEXTMENUHANDLERS\Advanced SystemCare PUP.Optional.AdvancedSystemCare HKLM\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\Advanced SystemCare PUP.Optional.AdvancedSystemCare HKLM\Software\Classes\CLSID\{2803063F-4B8D-4dc6-8874-D1802487FE2D} PUP.Optional.AdvancedSystemCare HKLM\Software\Classes\Interface\{BA935377-E17C-4475-B1BF-DE3110613A99} PUP.Optional.AdvancedSystemCare HKLM\Software\Classes\TypeLib\{60AD0991-ECD4-49DC-B170-8B7E7C60F51B} PUP.Optional.AdvancedSystemCare HKLM\Software\Wow6432Node\IOBIT\ASC PUP.Optional.AdvancedSystemCare HKLM\Software\Wow6432Node\IObit\Advanced SystemCare PUP.Optional.AdvancedSystemCare HKLM\Software\Wow6432Node\IObit\RealTimeProtector PUP.Optional.AdvancedSystemCare HKLM\Software\Wow6432Node\\Classes\Interface\{BA935377-E17C-4475-B1BF-DE3110613A99} PUP.Optional.AdvancedSystemCare HKLM\Software\Wow6432Node\\Classes\TypeLib\{60AD0991-ECD4-49DC-B170-8B7E7C60F51B} PUP.Optional.Amazon1Button HKCU\Software\Classes\Software\APPDATALOW\SOFTWARE\AMAZON\Amazon1ButtonApp PUP.Optional.AmazonAssistant HKCU\Software\AppDataLow\Software\Amazon\AmazonAssistant PUP.Optional.AmazonAssistant HKLM\SYSTEM\Setup\FirstBoot\Services\Amazon Assistant Service PUP.Optional.AmazonAssistant HKLM\Software\Classes\AppID\{F18AE3C4-D2AD-42AC-9282-509DCF035D06} PUP.Optional.AmazonAssistant HKLM\Software\Classes\CLSID\{7B28BD81-CC45-4ADB-A043-12E35A15C402} PUP.Optional.AmazonAssistant HKLM\Software\Classes\Interface\{3268A00F-D329-42E1-ABF0-E78D5656BA2A} PUP.Optional.AmazonAssistant HKLM\Software\Classes\Interface\{571139B2-8D93-4B29-9AA9-496EF27D6AF8} PUP.Optional.AmazonAssistant HKLM\Software\Classes\TypeLib\{55B621F9-BAE8-4CF7-9D76-1DB25CD95850} PUP.Optional.AmazonAssistant HKLM\Software\Classes\TypeLib\{E6AB05A4-A387-4083-91A5-E89A8DCEEBC0} PUP.Optional.AmazonAssistant HKLM\Software\Wow6432Node\Amazon\AmazonAssistant PUP.Optional.AmazonAssistant HKLM\Software\Wow6432Node\\AppDataLow\Software\Amazon\AmazonAssistant PUP.Optional.AmazonAssistant HKLM\Software\Wow6432Node\\Classes\AppID\{F18AE3C4-D2AD-42AC-9282-509DCF035D06} PUP.Optional.AmazonAssistant HKLM\Software\Wow6432Node\\Classes\CLSID\{7B28BD81-CC45-4ADB-A043-12E35A15C402} PUP.Optional.AmazonAssistant HKLM\Software\Wow6432Node\\Classes\TypeLib\{55B621F9-BAE8-4CF7-9D76-1DB25CD95850} PUP.Optional.AmazonAssistant HKLM\Software\Wow6432Node\\Classes\TypeLib\{E6AB05A4-A387-4083-91A5-E89A8DCEEBC0} PUP.Optional.AmazonAssistant HKU\.DEFAULT\Software\AppDataLow\Software\Amazon\AmazonAssistant PUP.Optional.AmazonAssistant HKU\S-1-5-18\Software\AppDataLow\Software\Amazon\AmazonAssistant PUP.Optional.Assistant HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0ddcea2a-7b00-4349-8acb-af7ba6da251f} PUP.Optional.Assistant HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0ddcea2a-7b00-4349-8acb-af7ba6da251f} PUP.Optional.Assistant HKLM\Software\Classes\CLSID\{0ddcea2a-7b00-4349-8acb-af7ba6da251f} PUP.Optional.Assistant HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0ddcea2a-7b00-4349-8acb-af7ba6da251f} PUP.Optional.Assistant HKLM\Software\Wow6432Node\\Classes\CLSID\{0ddcea2a-7b00-4349-8acb-af7ba6da251f} PUP.Optional.Assistant HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0ddcea2a-7b00-4349-8acb-af7ba6da251f} PUP.Optional.Assistant HKLM\System\CurrentControlSet\Services\EventLog\Application\Amazon Assistant Service PUP.Optional.InstallCore HKCU\Software\csastats PUP.Optional.Legacy HKCU\Software\Microsoft\Internet Explorer\DOMStorage\amazonbrowserapp.com PUP.Optional.Legacy HKCU\Software\Microsoft\Internet Explorer\DOMStorage\analytics.app.amazonbrowserapp.com PUP.Optional.Legacy HKCU\Software\Microsoft\Internet Explorer\DOMStorage\titan.service.amazonbrowserapp.com PUP.Optional.Legacy HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\amazonbrowserapp.com PUP.Optional.Legacy HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\analytics.app.amazonbrowserapp.com PUP.Optional.Legacy HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BD6ECB00-7C4A-4F97-B425-44117F2A7AAE} PUP.Optional.Legacy HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E5089E0B-08DD-427B-87E1-A941DCD2512E} PUP.Optional.Legacy HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Driver Booster Scheduler PUP.Optional.Legacy HKLM\Software\Classes\TypeLib\{EB2BEAEF-150C-4DE4-9D09-F16403C22769} PUP.Optional.Legacy HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3DCCCD6BD02558446B24CF1C63EC213C PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\TypeLib\{EB2BEAEF-150C-4DE4-9D09-F16403C22769} PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\Advanced SystemCare_is1 PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! SearchSet ***** [ Chromium (and derivatives) ] ***** PUP.Optional.MySearch agennijjodhgacjmeiejplcfeblnikhd ***** [ Chromium URLs ] ***** No malicious Chromium URLs found. ***** [ Firefox (and derivatives) ] ***** PUP.Optional.Legacy Search and New Tab by Yahoo - jid1-16aeif9OQIRKxA@jetpack ***** [ Firefox URLs ] ***** No malicious Firefox URLs found. ***** [ Hosts File Entries ] ***** No malicious hosts file entries found. ***** [ Preinstalled Software ] ***** Preinstalled.AppPlaceforToshiba Folder C:\Program Files (x86)\TOSHIBA\APPPLACE Preinstalled.AppPlaceforToshiba Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\App Place for Toshiba Preinstalled.LenovoPowerDVD Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A} Preinstalled.LenovoPowerDVD Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{B46BEA36-0B71-4A4E-AE41-87241643FA0A} Preinstalled.TOSHIBAPasswordUtility Folder C:\Program Files\TOSHIBA\PASSWORDUTILITY Preinstalled.TOSHIBAPasswordUtility Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{26BB68BB-CF93-4A12-BC6D-A3B6F53AC8D9} Preinstalled.TOSHIBAPasswordUtility Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{26BB68BB-CF93-4A12-BC6D-A3B6F53AC8D9} Preinstalled.TOSHIBAQualityApplication Folder C:\Program Files (x86)\TOSHIBA\TOSHIBAFB Preinstalled.TOSHIBAQualityApplication Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{716C8275-A4A9-48CB-88C0-9829334CA3C5} Preinstalled.TOSHIBAQualityApplication Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{716C8275-A4A9-48CB-88C0-9829334CA3C5} Preinstalled.TOSHIBARegistration Folder C:\Program Files (x86)\TOSHIBA\TOSHIBAREGISTRATION Preinstalled.TOSHIBARegistration Folder C:\ProgramData\TOSHIBA\TOSHIBAREGISTRATION Preinstalled.TOSHIBARegistration Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{5AF550B4-BB67-4E7E-82F1-2C4300279050} Preinstalled.TOSHIBASystemSettings Folder C:\Program Files\TOSHIBA\SYSTEM SETTING Preinstalled.TOSHIBASystemSettings Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|TCrdMain Preinstalled.TOSHIBASystemSettings Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Run|TCrdMain Preinstalled.TOSHIBASystemSettings Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B040D5C9-C9AA-430A-A44E-696656012E61} Preinstalled.TOSHIBAUser'sGuide Folder C:\Program Files (x86)\TOSHIBA\DOCUMENTATION Preinstalled.TOSHIBAUser'sGuide Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{3384E1D9-3F18-4A98-8655-180FEF0DFC02} Preinstalled.TOSHIBAUtilities Folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TOSHIBA\UTILITIES Preinstalled.ToshibaWildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WildTangentGameProvider-toshiba-genres Preinstalled.ToshibaWildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WildTangentGameProvider-toshiba-main Preinstalled.WildTangentGamesBundle File C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WildTangent Games App - toshiba.lnk Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\12 LABOURS OF HERCULES III GIRL POWER Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\AZKEND 2 THE WORLD BENEATH Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\BUILDING THE GREAT WALL OF CHINA COLLECTORS EDITION Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\DELICIOUS - EMILYS WONDER WEDDING PREMIUM EDITION Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\FAMILY VACATION 2 ROAD TRIP Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\HOME MAKEOVER Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\JEWEL MATCH SNOWSCAPES Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\PLAGIARII Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\POLAR BOWLER 1ST FRAME Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\RUNEFALL Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDTANGENT GAMES Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDTANGENT GAMES\APP Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDTANGENT GAMES\SHORTCUTPROVIDER Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDTANGENT GAMES\TOUCHPOINTS\TOSHIBA Preinstalled.WildTangentGamesBundle Registry HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7A97880C-7DD3-4C6E-8DE0-881B1FC02BE6} Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Classes\CLSID\{7A97880C-7DD3-4C6E-8DE0-881B1FC02BE6} Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Ext\Preapproved\{7A97880C-7DD3-4C6E-8DE0-881B1FC02BE6} Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WildTangent wildgames Master Uninstall Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WildTangentGDF-toshiba-spartawarofempires Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WildTangentGameProvider-toshiba-touch Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-toshiba Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{80831F60-19D7-43B3-A60C-5CAF8C478DF6} Preinstalled.WildTangentGamesBundle Registry HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7A97880C-7DD3-4C6E-8DE0-881B1FC02BE6} Preinstalled.WildTangentGamesBundle Registry HKU\S-1-5-18\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7A97880C-7DD3-4C6E-8DE0-881B1FC02BE6} ########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########