# AdwCleaner 7.0.8.0 - Logfile created on Mon Feb 26 16:14:43 2018 # Updated on 2018/08/02 by Malwarebytes # Database: 02-26-2018.1 # Running on Windows 10 Home (X64) # Mode: scan # Support: https://www.malwarebytes.com/support ***** [ Services ] ***** No malicious services found. ***** [ Folders ] ***** PUP.Optional.Legacy, C:\Users\eliot\AppData\Roaming\cacaoweb PUP.Optional.BitCoinMiner, C:\Program Files\minergate PUP.Optional.BitCoinMiner, C:\Users\eliot\AppData\Local\minergate PUP.Optional.PCCleanerPro, C:\Users\eliot\AppData\Roaming\PRO PC Cleaner PUP.Optional.PCCleanerPro, C:\Users\eliot\AppData\Local\PRO_PC_Cleaner ***** [ Files ] ***** PUP.Optional.Legacy, C:\Users\eliot\Downloads\cacaoweb.exe PUP.Optional.Legacy, C:\Users\eliot\Desktop\cacaoweb.exe PUP.Optional.Legacy, C:\END PUP.Optional.Assistant, C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\AmazonAssistant.lnk PUP.Optional.Assistant, C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\AmazonAssistant.lnk ***** [ DLL ] ***** No malicious DLLs found. ***** [ WMI ] ***** No malicious WMI found. ***** [ Shortcuts ] ***** No malicious shortcuts found. ***** [ Tasks ] ***** No malicious tasks found. ***** [ Registry ] ***** PUP.Optional.Legacy, [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\amazonbrowserapp.com PUP.Optional.Legacy, [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\analytics.app.amazonbrowserapp.com PUP.Optional.Legacy, [Value] - HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | UDP Query User{8F782E5B-628F-400E-8BD2-E317400C8E38}C:\users\eliot\appdata\roaming\cacaoweb\cacaoweb.exe PUP.Optional.Legacy, [Value] - HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | TCP Query User{7A403022-D760-4514-8DDA-54B20EF3F983}C:\users\eliot\appdata\roaming\cacaoweb\cacaoweb.exe PUP.Optional.Legacy, [Key] - HKU\S-1-5-21-2859240256-1174380967-1921194399-1001\Software\distromatic PUP.Optional.Legacy, [Key] - HKCU\Software\distromatic PUP.Optional.Legacy, [Key] - HKU\S-1-5-21-2859240256-1174380967-1921194399-1001\Software\cacaoweb PUP.Optional.Legacy, [Key] - HKCU\Software\cacaoweb PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\CLSID\{8BF0126F-A5B7-4720-ABB2-2414A0AF5474} PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\CLSID\{BD6ECB00-7C4A-4F97-B425-44117F2A7AAE} PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\CLSID\{E4ADC61E-D06A-4E0E-8582-78C809CC8450} PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\TypeLib\{EB2BEAEF-150C-4DE4-9D09-F16403C22769} PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3DCCCD6BD02558446B24CF1C63EC213C PUP.Optional.Legacy, [Value] - HKU\S-1-5-21-2859240256-1174380967-1921194399-1001\Software\Microsoft\Windows\CurrentVersion\Run | cacaoweb PUP.Optional.Legacy, [Value] - HKU\S-1-5-21-2859240256-1174380967-1921194399-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run | cacaoweb PUP.Optional.Legacy, [Value] - HKCU\Software\Microsoft\Windows\CurrentVersion\Run | cacaoweb PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\AppID\Amazon1ButtonBrowserHelper.dll PUP.Optional.Amazon1Button, [Value] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION | Amazon1ButtonTaskbarApp.exe PUP.Optional.Amazon1Button, [Value] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders | c:\Program Files (x86)\Amazon\Amazon1ButtonApp\ PUP.Optional.ByteFence, [Value] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION | ByteFence.exe PUP.Optional.ByteFence, [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Reason\ReasonByteFence PUP.Optional.PCCleanerPro, [Key] - HKU\S-1-5-21-2859240256-1174380967-1921194399-1001\Software\PROPCCleanerLanguage PUP.Optional.PCCleanerPro, [Key] - HKCU\Software\PROPCCleanerLanguage PUP.Optional.PCCleanerPro, [Key] - HKLM\SOFTWARE\PRO PC Cleaner PUP.Optional.InstallCore, [Key] - HKU\S-1-5-21-2859240256-1174380967-1921194399-1001\Software\csastats PUP.Optional.InstallCore, [Key] - HKCU\Software\csastats PUP.Optional.ProductSetup.A, [Key] - HKU\S-1-5-21-2859240256-1174380967-1921194399-1001\Software\PRODUCTSETUP PUP.Optional.ProductSetup.A, [Key] - HKCU\Software\PRODUCTSETUP PUP.Optional.Assistant, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0ddcea2a-7b00-4349-8acb-af7ba6da251f} PUP.Optional.Assistant, [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application PUP.Optional.Assistant, [Key] - HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application ***** [ Firefox (and derivatives) ] ***** PUP.Optional.CacaoWeb, Plugin found: cacaoweb - http://www.cacaoweb.org/ ***** [ Chromium (and derivatives) ] ***** No malicious Chromium entries. ************************* ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt ##########