Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Can't remove Pro PC Cleaner


  • Please log in to reply
11 replies to this topic

#1 Twinmum

Twinmum

  • Members
  • 118 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:03:25 PM

Posted 21 December 2014 - 03:07 AM

Hi. I have a problem (of course I have, that's why I'm here to ask someone who knows what they are doing lol).  My daughter mentioned that her AVG had popped up that she was no longer protected, so I said i would fix it. I did a search for AVG free and I think I may have originally clicked the wrong "start download" button. I installed what I thought was AVG but during the install procedure it asked for a serial number and wouldn't let me proceed without one. I went back and searched again for AVG free and downloaded the correct file. On installing this, it told me there was a newer version already installed and that I should remove that first if I wanted to install this version. I went to uninstall the first download and it came up and asked if I wanted to switch to the free version instead so I said yes and it installed. However, since the installation, her computer has had a few strange add-ons in her browser (but we were able to deactivate and remove them) plus something that pops up claiming to be Pro PC Cleaner. It says she has x amount of threats and she should click here to remove them (we didn't click to remove them though). We have tried to remove this Pro PC Cleaner through the remove program option in the control panel but it never actually goes.

 

 

She is running Window 7

 

 

She has also noted that she is getting strange pop ups. I'm not sure if it's related, I really just want to concentrate on the Pro PC Cleaner thing first, but this is a screenshot of the latest pop up - she was watching something on you-tube and for no reason, a new tab opened up with this:

 

 

Thanks in advance,

Norma

 

4a34c63e5fa9d868ba49d9ab9389d49e.png



BC AdBot (Login to Remove)

 


#2 Guest_LighthouseParty_*

Guest_LighthouseParty_*

  • Guests
  • OFFLINE
  •  

Posted 21 December 2014 - 04:13 AM

Hello there     :welcome:
 
Welcome to Bleeping Computer, I'm LighthouseParty. Let's run a couple of scans to see what could be causing this.
 
:step1: Please download MiniToolBox to your desktop

  • Double click MiniToolBox.
  • Select the following and then press go.
  • Post the log in your next reply.

Flush DNS
Reset IE Proxy Settings
Reset FF Proxy Settings
List Installed Programs
List Restore Points
 
:step2: Please download Malwarebytes Anti-Malware to your desktop

  • Double click mbam-setup-x.x.x.xxxx and follow the on-screen instructions.
  • On the dashboard, click update now.
  • After that, click scan now - the scan will now begin.
  • When the scan's completed, select apply actions - make sure the action is quarantine.
  • Restart your computer.

How to get the log.

  • On the dashboard, select the history tab and click application logs.
  • Select the log which has the time and date of when you did the scan.
  • Click copy to clipboard and paste it into your reply.

:step3: Please download Security Check to your desktop

  • Double click SecurityCheck and follow the on-screen instructions.
  • A log should open, called checkup.txt.
  • Please post the contents of it in your next reply.

:step4: Non-malware removal steps
 
Run System File Checker - http://support.microsoft.com/KB/929833
Run Disk Check - http://support.microsoft.com/kb/2641432
Run Disk Cleanup - http://windows.microsoft.com/en-gb/windows/delete-files-using-disk-cleanup

Thanks and good luck!



#3 Twinmum

Twinmum
  • Topic Starter

  • Members
  • 118 posts
  • OFFLINE
  •  
  • Gender:Female

Posted 21 December 2014 - 07:12 AM

Thanks LighthouseParty for taking the time to help us

 

 

 

MiniToolBox by Farbar  Version: 30-11-2014
Ran by Ashlee (administrator) on 21-12-2014 at 21:26:53
Running from "C:\Users\Ashlee\Desktop"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

"Reset FF Proxy Settings": Firefox Proxy settings were reset.



@BIOS (HKLM-x32\...\{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}) (Version: 2.28 - GIGABYTE)
=========================== Installed Programs ============================
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 15.0.0.356 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 15.0.0.356 - Adobe Systems Incorporated) Hidden
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.7.1.418 - Adobe Systems Incorporated)
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.246 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.246 - Adobe Systems Incorporated)
Adobe Flash Professional CC 2014 (HKLM-x32\...\{AA704223-E11C-11E3-8A38-C09A633B72AF}) (Version: 14.0.1 - Adobe Systems Incorporated)
Adobe Media Encoder CC 2014 (HKLM-x32\...\{663DEEEF-EF34-4DCB-8687-73A7AA146E02}) (Version: 8.0.0 - Adobe Systems Incorporated)
Adobe Photoshop 6.0 (HKLM-x32\...\Adobe Photoshop 6.0) (Version: 6.0 - Adobe Systems, Inc.)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.3.153 - Adobe Systems, Inc.)
Adobe SVG Viewer (HKLM-x32\...\Adobe SVG Viewer) (Version: 1.0 - Adobe Systems, Inc.)
Apple Application Support (HKLM-x32\...\{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}) (Version: 2.3.4 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2F72F540-1F60-4266-9506-952B21D6640D}) (Version: 6.1.0.13 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Artemis Spaceship Bridge Simulator (HKLM-x32\...\Steam App 247350) (Version:  - )
Ask Toolbar (HKLM-x32\...\{4F524A2D-5637-4300-76A7-A758B70C1500}) (Version: 12.21.0.128 - APN, LLC)
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.7 - Atheros Communications Inc.)
Audacity 2.0.3 (HKLM-x32\...\Audacity_is1) (Version: 2.0.3 - Audacity Team)
Audacity Bundle by Fileparade.com (HKLM-x32\...\Audacity Bundle by Fileparade.com) (Version: 1.0.0.0 - SweetPacks LTD)
AutoGreen B12.0206.1 (HKLM-x32\...\InstallShield_{C75FAD21-EC08-42F3-92D6-C9C0AB355345}) (Version: 1.00.0000 - GIGABYTE)
AutoGreen B12.0206.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
AVG 2015 (HKLM\...\AVG) (Version: 2015.0.5577 - AVG Technologies)
AVG 2015 (Version: 15.0.4253 - AVG Technologies) Hidden
AVG 2015 (Version: 15.0.5577 - AVG Technologies) Hidden
AVG Security Toolbar (HKLM-x32\...\AVG Secure Search) (Version: 17.1.2.1 - AVG Technologies)
AVG Web TuneUp (HKLM-x32\...\AVG Web TuneUp) (Version: 3.2.0.18 - AVG Technologies)
Bamboo Dock (HKLM-x32\...\Bamboo Dock) (Version: 4.1 - Wacom Co., Ltd.)
Bamboo Dock (x32 Version: 4.1.0 - Wacom Europe GmbH) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
BattleBlock Theater (HKLM-x32\...\Steam App 238460) (Version:  - The Behemoth)
BeamNG-Techdemo-0.3 (remove only) (HKCU\...\BeamNG-Techdemo-0.3) (Version:  - )
BIT.TRIP Presents... Runner2: Future Legend of Rhythm Alien (HKLM-x32\...\Steam App 218060) (Version:  - Gaijin Games)
BIT.TRIP RUNNER (HKLM-x32\...\Steam App 63710) (Version:  - Gaijin Games)
Blender (HKLM\...\Blender) (Version: 2.68a - Blender Foundation)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version:  - Gearbox Software)
Borderlands: The Pre-Sequel (HKLM-x32\...\Steam App 261640) (Version:  - 2K Australia)
Bundled software uninstaller (HKLM-x32\...\bi_uninstaller) (Version:  - )
Camtasia Studio 8 (HKLM-x32\...\{2B1F8DD0-873D-4AC3-8400-766F255FE263}) (Version: 8.1.0.1281 - TechSmith Corporation)
Castle Crashers (HKLM-x32\...\Steam App 204360) (Version:  - The Behemoth)
Cube World version 0.0.1 (HKLM-x32\...\{D692A0E0-1BBB-4E9C-826E-4254EE330830}_is1) (Version: 0.0.1 - Picroma)
Cubemen 2 (HKLM-x32\...\Steam App 228440) (Version:  - 3 Sprockets)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Debut Video Capture Software (HKLM-x32\...\Debut) (Version: 1.82 - NCH Software)
DisplayFusion 6.1.2 (HKLM-x32\...\B076073A-5527-4f4f-B46B-B10692277DA2_is1) (Version: 6.1.2.0 - Binary Fortress Software)
Easy Tune 6 B12.1121.1 (HKLM-x32\...\InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}) (Version: 1.00.0000 - GIGABYTE)
Easy Tune 6 B12.1121.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
Etron USB3.0 Host Controller (x32 Version: 0.115 - Etron Technology) Hidden
Evolve (HKLM-x32\...\Steam App 273350) (Version:  - Turtle Rock Studios)
Express Zip (HKLM-x32\...\ExpressZip) (Version: 2.28 - NCH Software)
FEZ (HKLM-x32\...\Steam App 224760) (Version:  - Polytron Corporation)
FilesFrog Update Checker (HKLM-x32\...\FilesFrog Update Checker) (Version:  - )
Fish Tycoon 1.0 (HKLM-x32\...\Fish Tycoon) (Version: 1.0 - Last Day of Work)
Fistful of Frags (HKLM-x32\...\Steam App 265630) (Version:  - Fistful of Frags Team)
FlatOut (HKLM-x32\...\{A57D86AF-DE8E-4B26-972E-A1A28FFF7742}) (Version: 1.00.0000 - Empire Interactive)
FLV Player (HKCU\...\FLV Player) (Version: 1.1 - Somoto Ltd.)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
GamesDesktop 027.16 (HKLM-x32\...\gmsd_au_16_is1) (Version:  - GAMESDESKTOP)
Gang Beasts (HKLM-x32\...\Steam App 285900) (Version:  - Boneloaf)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Garry)
Ge-Force (HKLM-x32\...\Ge-Force) (Version: 1.35.12.18 - iWebar)
Guns of Icarus Online (HKLM-x32\...\Steam App 209080) (Version:  - Muse Games)
Gyazo 2.0.1 (HKLM-x32\...\{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version:  - Nota Inc. & Toshiyuki Masui)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.1.0.1006 - Intel Corporation)
Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.5.235 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.24.388.1 - Intel Corporation) Hidden
iTunes (HKLM\...\{76FF0F03-B707-4332-B5D1-A56C8303514E}) (Version: 11.0.4.4 - Apple Inc.)
Java 7 Update 67 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417067FF}) (Version: 7.0.670 - Oracle)
Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)
Java Auto Updater (x32 Version: 2.1.71.14 - Oracle, Inc.) Hidden
Just Cause 2 (HKLM-x32\...\Steam App 8190) (Version:  - Avalanche)
Just Cause 2: Multiplayer Mod (HKLM-x32\...\Steam App 259080) (Version:  - JC2-MP Team)
Keysticks (HKLM-x32\...\{017E32B0-23A9-40F0-952B-6B12F0702A15}) (Version: 1.8.1 - Keysticks.net)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)
League of Legends (x32 Version: 3.0.1 - Riot Games) Hidden
LG United Mobile Drivers (HKLM-x32\...\{55031CEF-CE75-4A5C-8DEA-60577820529B}) (Version: 3.10.1.0 - LG Electronics)
Little Inferno (HKLM-x32\...\Steam App 221260) (Version:  - Tomorrow Corporation)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.291 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.291 - LogMeIn, Inc.) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 2000 Professional (HKLM-x32\...\{00010409-78E1-11D2-B60F-006097C998E7}) (Version: 9.00.2720 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{14297226-E0A0-3781-8911-E9D529552663}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
MotioninJoy Gamepad tool 0.7.0000 (HKLM\...\{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1) (Version: 0.7.0000 - www.motioninjoy.com)
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 34.0.5 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 34.0.5 (x86 en-US)) (Version: 34.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero BackItUp (x32 Version: 12.0.3002 - Nero AG) Hidden
Nero BackItUp Help (CHM) (x32 Version: 12.0.3000 - Nero AG) Hidden
Nero Blu-ray Player (x32 Version: 12.0.14300 - Nero AG) Hidden
Nero BurnRights (x32 Version: 12.0.5000 - Nero AG) Hidden
Nero BurnRights Help (CHM) (x32 Version: 12.0.5000 - Nero AG) Hidden
Nero ControlCenter (x32 Version: 11.0.15300 - Nero AG) Hidden
Nero ControlCenter Help (CHM) (x32 Version: 12.0.5000 - Nero AG) Hidden
Nero Core Components (x32 Version: 11.0.18100 - Nero AG) Hidden
Nero CoverDesigner (x32 Version: 12.0.9000 - Nero AG) Hidden
Nero CoverDesigner Help (CHM) (x32 Version: 12.0.2000 - Nero AG) Hidden
Nero DiscSpeed 11 (x32 Version: 7.0.10400.2.100 - Nero AG) Hidden
Nero DiscSpeed Help (CHM) (x32 Version: 12.0.1000 - Nero AG) Hidden
Nero Express (x32 Version: 12.0.20000 - Nero AG) Hidden
Nero Express Help (CHM) (x32 Version: 12.0.5000 - Nero AG) Hidden
Nero InfoTool (x32 Version: 12.0.3000 - Nero AG) Hidden
Nero InfoTool Help (CHM) (x32 Version: 12.0.0002 - Nero AG) Hidden
Nero Kwik Media (x32 Version: 1.18.18800 - Nero AG) Hidden
Nero Kwik Media Help (CHM) (x32 Version: 12.0.4000 - Nero AG) Hidden
Nero Kwik Themes Basic (x32 Version: 12.0.11500 - Nero AG) Hidden
Nero SharedVideoCodecs (x32 Version: 1.0.12100.2.0 - Nero AG) Hidden
Nero Update (x32 Version: 11.0.11800.31.0 - Nero AG) Hidden
Nero12EssTSST (HKLM-x32\...\{1DEC64C1-7F34-44CD-BC35-8E0A096300CF}) (Version: 12.0.01100 - Nero AG)
neroxml (x32 Version: 1.0.0 - Nero AG) Hidden
NVIDIA 3D Vision Controller Driver 306.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 306.23 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 311.06 - NVIDIA Corporation)
NVIDIA Control Panel 311.06 (Version: 311.06 - NVIDIA Corporation) Hidden
NVIDIA Graphics Driver 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 311.06 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.18.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.18.0 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.108.688 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.12.0604 - NVIDIA Corporation) Hidden
NVIDIA PhysX System Software 9.12.0604 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.0604 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.1106 - NVIDIA Corporation) Hidden
NVIDIA Update 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.11.3 - NVIDIA Corporation) Hidden
ON_OFF Charge B12.1025.1 (HKLM-x32\...\{3DECD372-76A1-4483-BF10-B547790A3261}) (Version: 1.00.0001 - GIGABYTE)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Origin (HKLM-x32\...\Origin) (Version: 9.1.10.2728 - Electronic Arts, Inc.)
PaintTool SAI Ver.1 (HKLM-x32\...\PaintToolSAI) (Version:  - )
Photo Gallery (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Platform (x32 Version: 1.39 - VIA Technologies, Inc.) Hidden
Portal (HKLM-x32\...\Steam App 400) (Version:  - Valve)
Portal 2 (HKLM-x32\...\Steam App 620) (Version:  - Valve)
Prerequisite installer (x32 Version: 12.0.0002 - Nero AG) Hidden
Prism Video File Converter (HKLM-x32\...\Prism) (Version: 2.18 - NCH Software)
Pro PC Cleaner (HKLM-x32\...\{C3060724-6AC7-4BEF-B516-4F6B1D90887D}) (Version: 2.5.5 - Pro PC Cleaner)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.990 - Even Balance, Inc.)
Razer Synapse 2.0 (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.18.23036 - Razer Inc.)
Remote Desktop Access (VuuPC) (HKLM-x32\...\VOPackage) (Version: 1.0.0.0 - CMI Limited)
Sanctum (HKLM-x32\...\Steam App 91600) (Version:  - Coffee Stain Studios)
Sanctum 2 (HKLM-x32\...\Steam App 210770) (Version:  - Coffee Stain Studios)
Screencheat (HKLM-x32\...\Steam App 301970) (Version:  - Samurai Punk)
Shopping App by Ask (HKLM-x32\...\{4F524A2D-5354-2D53-5045-A758B70C1500}) (Version: 12.21.0.115 - APN, LLC)
Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version:  - 2K Games, Inc.)
SimCity 4 (HKLM-x32\...\{611BD998-34B9-4DDA-00AE-0CB4632E86FA}) (Version:  - )
Skype™ 6.22 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.22.107 - Skype Technologies S.A.)
Smite (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF017}) (Version: 1.0.2247.4 - Hi-Rez Studios)
Sonic & All-Stars Racing Transformed (HKLM-x32\...\Steam App 212480) (Version:  - Sumo Digital)
Space Engineers (HKLM-x32\...\Steam App 244850) (Version:  - )
SpeedRunners (HKLM-x32\...\Steam App 207140) (Version:  - DoubleDutch Games)
Spotify (HKCU\...\Spotify) (Version: 0.9.15.27.g87efe634 - Spotify AB)
Star Conflict (HKLM-x32\...\Steam App 212070) (Version:  - Star Gem Inc.)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Sumotori Dreams (HKLM-x32\...\Sumotori Dreams) (Version:  - )
Super Hexagon (HKLM-x32\...\Steam App 221640) (Version:  - Terry Cavanagh)
SweetPacks Updater Service (HKLM-x32\...\WNLT) (Version: 5.1.5.2 - )
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Tales from the Borderlands (HKLM-x32\...\Steam App 330830) (Version:  - Telltale Games)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)
TeamSpeak 3 Client (HKCU\...\TeamSpeak 3 Client) (Version: 3.0.13 - TeamSpeak Systems GmbH)
Terraria (HKLM-x32\...\Steam App 105600) (Version:  - Re-Logic)
The Sims™ 4 Create A Sim Demo (HKLM-x32\...\{6908ED99-F02B-4E99-A202-3FAC99C510ED}) (Version: 1.0.237.100 - Electronic Arts Inc.)
The Stanley Parable (HKLM-x32\...\Steam App 221910) (Version:  - Galactic Cafe)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Unturned (HKLM-x32\...\Steam App 304930) (Version:  - Nelson Sexton)
VIA Platform Device Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.39 - VIA Technologies, Inc.)
VideoPad Video Editor (HKLM-x32\...\VideoPad) (Version: 3.14 - NCH Software)
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
Wacom (HKLM\...\Pen Tablet Driver) (Version: 5.3.2-1 - Wacom Technology Corp.)
WebTablet FB Plugin 32 bit (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.2 - Wacom Technology Corp.)
WebTablet FB Plugin 64 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.2 - Wacom Technology Corp.)
WinCheck (HKLM-x32\...\wincheck) (Version: 1.0.0.0 - WinCheck)
Windows Live Communications Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
WinRAR 5.00 beta 8 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.00.8 - win.rar GmbH)
WinRAR 5.00 beta 8 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.00.8 - win.rar GmbH)
Zeallsoft Super Screen Recorder 5.1 (HKLM-x32\...\Zeallsoft Super Screen Recorder_is1) (Version:  - )
========================= Restore Points ==================================

06-12-2014 02:53:32 Installed Microsoft Visual C++ 2005 Redistributable
06-12-2014 02:54:15 Installed Microsoft Visual C++ 2005 Redistributable
06-12-2014 02:55:24 Installed DirectX
10-12-2014 10:34:00 Windows Update
12-12-2014 14:45:24 Windows Update
18-12-2014 07:05:28 Windows Update
21-12-2014 05:56:29 Removed PCKeeper
21-12-2014 05:58:21 Removed PCKeeper
21-12-2014 06:00:10 Removed PCKeeper
21-12-2014 06:00:52 Removed KromtechAccountService

**** End of log ****

 

 

Now I stuffed up a bit for the malwarebytes AntiMallware... after the scan, I hit apply actions and THEN read to make sure the action is quarantine. Of course it was too late then and it said it had cleaned . I ran another scan and this time before i hit apply actions, I clicked quarantine, but after that I didn't get the option to apply actions. I'll post both logs just in case ..

 

First one (the result was 3 malicious threats and 279 non malicious)

 

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 21/12/2014
Scan Time: 9:30:19 PM
Logfile:
Administrator: Yes

Version: 2.00.4.1028
Malware Database: v2014.12.21.02
Rootkit Database: v2014.12.14.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Ashlee

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 412862
Time Elapsed: 16 min, 26 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 5
PUP.Optional.VOPackage.A, C:\Users\Ashlee\AppData\Roaming\VOPackage\VOsrv.exe, 1304, Delete-on-Reboot, [a8ce2342e498d0660b7a81e17f84a25e]
PUP.Optional.WebPlayer.A, C:\Users\Ashlee\AppData\Local\WebPlayer\FLV Player\WebPlayer.exe, 5024, Delete-on-Reboot, [86f070f5611b46f06e97b1c240c32cd4]
PUP.Optional.GamesDesktop.A, C:\Program Files (x86)\gmsd_au_16\gmsd_au_16.exe, 5424, Delete-on-Reboot, [1561b9ac54280036a916e67247bc1de3]
Adware.InstallBrain, C:\Windows\System32\dmwu.exe, 2848, Delete-on-Reboot, [a2d40c59493351e56bc694f515ef38c8]
PUP.Optional.GamesDesktop.A, C:\Users\Ashlee\AppData\Local\gmsd_au_16\upgmsd_au_16.exe, 4852, Delete-on-Reboot, [0e68f471334963d37bce460c6f940ef2]

Modules: 0
(No malicious items detected)

Registry Keys: 79
PUP.Optional.GeForce.A, HKLM\SOFTWARE\CLASSES\CLSID\{11111111-1111-1111-1111-110611911129}, Quarantined, [6d09d68f2656bc7aa1bde4ce689904fc],
PUP.Optional.GeForce.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{11111111-1111-1111-1111-110611911129}, Quarantined, [6d09d68f2656bc7aa1bde4ce689904fc],
PUP.Optional.GeForce.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{44444444-4444-4444-4444-440644914429}, Quarantined, [6d09d68f2656bc7aa1bde4ce689904fc],
PUP.Optional.GeForce.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{55555555-5555-5555-5555-550655915529}, Quarantined, [6d09d68f2656bc7aa1bde4ce689904fc],
PUP.Optional.GeForce.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{66666666-6666-6666-6666-660666916629}, Quarantined, [6d09d68f2656bc7aa1bde4ce689904fc],
PUP.Optional.GeForce.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{55555555-5555-5555-5555-550655915529}, Quarantined, [6d09d68f2656bc7aa1bde4ce689904fc],
PUP.Optional.GeForce.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{66666666-6666-6666-6666-660666916629}, Quarantined, [6d09d68f2656bc7aa1bde4ce689904fc],
PUP.Optional.GeForce.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{44444444-4444-4444-4444-440644914429}, Quarantined, [6d09d68f2656bc7aa1bde4ce689904fc],
PUP.Optional.GeForce.A, HKLM\SOFTWARE\CLASSES\fd489e8cf7fd4ea1abbfd6139cb6d3390069129.BHO.1, Quarantined, [6d09d68f2656bc7aa1bde4ce689904fc],
PUP.Optional.GeForce.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{11111111-1111-1111-1111-110611911129}, Quarantined, [6d09d68f2656bc7aa1bde4ce689904fc],
PUP.Optional.GeForce.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{11111111-1111-1111-1111-110611911129}, Quarantined, [6d09d68f2656bc7aa1bde4ce689904fc],
PUP.Optional.GeForce.A, HKLM\SOFTWARE\CLASSES\fd489e8cf7fd4ea1abbfd6139cb6d3390069129.BHO, Quarantined, [6d09d68f2656bc7aa1bde4ce689904fc],
PUP.Optional.GeForce.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\fd489e8cf7fd4ea1abbfd6139cb6d3390069129.BHO, Quarantined, [6d09d68f2656bc7aa1bde4ce689904fc],
PUP.Optional.GeForce.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\fd489e8cf7fd4ea1abbfd6139cb6d3390069129.BHO.1, Quarantined, [6d09d68f2656bc7aa1bde4ce689904fc],
PUP.Optional.GeForce.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{22222222-2222-2222-2222-220622912229}, Quarantined, [6d09d68f2656bc7aa1bde4ce689904fc],
PUP.Optional.GeForce.A, HKLM\SOFTWARE\CLASSES\fd489e8cf7fd4ea1abbfd6139cb6d3390069129.Sandbox.1, Quarantined, [6d09d68f2656bc7aa1bde4ce689904fc],
PUP.Optional.GeForce.A, HKLM\SOFTWARE\CLASSES\fd489e8cf7fd4ea1abbfd6139cb6d3390069129.Sandbox, Quarantined, [6d09d68f2656bc7aa1bde4ce689904fc],
PUP.Optional.GeForce.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\fd489e8cf7fd4ea1abbfd6139cb6d3390069129.Sandbox, Quarantined, [6d09d68f2656bc7aa1bde4ce689904fc],
PUP.Optional.GeForce.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\fd489e8cf7fd4ea1abbfd6139cb6d3390069129.Sandbox.1, Quarantined, [6d09d68f2656bc7aa1bde4ce689904fc],
PUP.Optional.GeForce.A, HKLM\SOFTWARE\CLASSES\CLSID\{22222222-2222-2222-2222-220622912229}, Quarantined, [6d09d68f2656bc7aa1bde4ce689904fc],
PUP.Optional.GeForce.A, HKLM\SOFTWARE\CLASSES\CLSID\{11111111-1111-1111-1111-110611911129}\INPROCSERVER32, Quarantined, [6d09d68f2656bc7aa1bde4ce689904fc],
PUP.Optional.Snapdo.T, HKU\S-1-5-21-3659292527-334032331-3834142823-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{006ee092-9658-4fd6-bd8e-a21a348e59f5}, Quarantined, [0d690362ee8e2c0a99d62ae79b68ee12],
PUP.Optional.Snapdo.T, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{006EE092-9658-4FD6-BD8E-A21A348E59F5}, Quarantined, [0d690362ee8e2c0a99d62ae79b68ee12],
PUP.Optional.MiniBar.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{AA74D58F-ACD0-450D-A85E-6C04B171C044}, Quarantined, [4531d68fc0bc84b2c7fa58b6976cf709],
PUP.Optional.MiniBar.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{AA74D58F-ACD0-450D-A85E-6C04B171C044}, Quarantined, [4531d68fc0bc84b2c7fa58b6976cf709],
PUP.Optional.Somoto, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\FilesFrog Update Checker, Quarantined, [b9bd3e2781fb37ff84d7c95ec13f8f71],
PUP.Optional.VOPackage.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\VOPackage, Quarantined, [a8ce2342e498d0660b7a81e17f84a25e],
PUP.Optional.VOPackage.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\servervo, Quarantined, [a8ce2342e498d0660b7a81e17f84a25e],
PUP.Optional.WebPlayer.A, HKU\S-1-5-21-3659292527-334032331-3834142823-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\FLV Player, Quarantined, [86f070f5611b46f06e97b1c240c32cd4],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\21836, Quarantined, [96e0b2b3acd02a0ca64299f356ad1de3],
PUP.Optional.InstallBrain.A, HKLM\SOFTWARE\WNLT, Quarantined, [e69010555a221125af7800b6ec18dd23],
PUP.Optional.GamesDesktop.A, HKLM\SOFTWARE\WOW6432NODE\GAMESDESKTOP, Quarantined, [3244ca9bc3b9ee48f74f0e4a47bc6799],
PUP.Optional.GeForce.A, HKLM\SOFTWARE\WOW6432NODE\Ge-Force, Quarantined, [2551362f621a4ee8769abe124bb933cd],
PUP.Optional.SweetIM.A, HKLM\SOFTWARE\WOW6432NODE\SweetIM, Quarantined, [4f271f4614680f279947b4a25da66e92],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\GLOBALUPDATE\UPDATE, Quarantined, [3d390b5a9be1d75ff625d49ec0431ee2],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\INSTALLEDBROWSEREXTENSIONS\21836, Quarantined, [b9bdf3727dff2c0afaee800cd132649c],
PUP.Optional.GamesDesktop.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\gmsd_au_16_is1, Quarantined, [ea8c452043396fc78d2f7bdd4ab99868],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLAPLUGINS\@staging.google.com/globalUpdate Update;version=10, Quarantined, [1f575c098eee71c53ed2daf88f7531cf],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLAPLUGINS\@staging.google.com/globalUpdate Update;version=4, Quarantined, [4432a1c44438a78f769b7f53679dfa06],
Adware.InstallBrain, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\IBUpdaterService, Quarantined, [a2d40c59493351e56bc694f515ef38c8],
PUP.Optional.SweetIM.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SweetIM, Quarantined, [76002a3be09c84b2ae3179ddc043cf31],
PUP.Optional.GeForce.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Ge-Force, Quarantined, [ec8ac1a49ce0bf77a56df3dd2bd9cb35],
PUP.Optional.InstallBrain.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\WNLT, Quarantined, [aacca4c1e79571c59a8c09ad5ca849b7],
PUP.Optional.Softonic.A, HKU\S-1-5-21-3659292527-334032331-3834142823-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Softonic, Quarantined, [d4a20a5b9fdd95a13f38193ff310b64a],
PUP.Optional.Somoto.A, HKU\S-1-5-21-3659292527-334032331-3834142823-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Somoto, Quarantined, [6e082e376c104bebb31686df63a0f907],
PUP.Optional.SweetIM.A, HKU\S-1-5-21-3659292527-334032331-3834142823-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SweetIM, Quarantined, [bdb9293c15673006d20d1145ce35bf41],
PUP.Optional.Tuto4PC.A, HKU\S-1-5-21-3659292527-334032331-3834142823-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\TutoTag, Quarantined, [195d64011f5d072fe162eee42cd854ac],
PUP.Optional.BlockAndSurf.A, HKU\S-1-5-21-3659292527-334032331-3834142823-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\BlockAndSurf, Quarantined, [274fe283f884ef477f85b6b9c04303fd],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-3659292527-334032331-3834142823-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Crossrider, Quarantined, [4e28075e0d6fb87e0c502d9649bbf30d],
PUP.Optional.FindADeal.A, HKU\S-1-5-21-3659292527-334032331-3834142823-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\find-a-deal-2, Quarantined, [9fd7570e1d5ff73f0b1e315555aec13f],
PUP.Optional.GeForce.A, HKU\S-1-5-21-3659292527-334032331-3834142823-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Ge-Force, Quarantined, [116575f03a42aa8c060c5779659faa56],
PUP.Optional.FilesFrog.A, HKU\S-1-5-21-3659292527-334032331-3834142823-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\BI, Quarantined, [e096e97c0f6d88ae5645357fb1536997],
PUP.Optional.InstallCore.A, HKU\S-1-5-21-3659292527-334032331-3834142823-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE\1I1T1Q1S, Quarantined, [076f90d5ee8e0e28d23fe1b87291f010],
PUP.Optional.InstallCore.A, HKU\S-1-5-21-3659292527-334032331-3834142823-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE, Quarantined, [ed890e57b8c45dd9b6782c833bc9d22e],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-3659292527-334032331-3834142823-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\21836, Quarantined, [bfb783e2ccb01c1a41b4de87b053857b],
PUP.Optional.iWebar.A, HKU\S-1-5-21-3659292527-334032331-3834142823-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\iWebar, Quarantined, [1660cf96f6861a1c3bb6a6efc73c55ab],
PUP.Optional.Somoto.A, HKU\S-1-5-21-3659292527-334032331-3834142823-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SOMOTO\SDP, Quarantined, [294d3e2784f856e018b7991a5da738c8],
PUP.Optional.InstallBrain.A, HKU\S-1-5-21-3659292527-334032331-3834142823-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\WNLT, Quarantined, [086e372e4636112530f6d4e2e024847c],
PUP.Optional.InstallBrain.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\WNLT, Quarantined, [5b1bd590324a2b0bdc96c260e81b817f],
PUP.Optional.GlobalUpdate.T, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\globalUpdate, Quarantined, [5224115485f71026d397a695c73c629e],
PUP.Optional.GlobalUpdate.T, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\globalUpdatem, Quarantined, [5224115485f71026d397a695c73c629e],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\GOOGLEUPDATE.EXE, Quarantined, [5224115485f71026d397a695c73c629e],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\GOOGLEUPDATE.EXE, Quarantined, [5224115485f71026d397a695c73c629e],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}, Quarantined, [5224115485f71026d397a695c73c629e],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\CLASSES\globalUpdate.OneClickCtrl.10, Quarantined, [5224115485f71026d397a695c73c629e],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdate.OneClickCtrl.10, Quarantined, [5224115485f71026d397a695c73c629e],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5645E0E7-FC12-43BF-A6E4-F9751942B298}, Quarantined, [5224115485f71026d397a695c73c629e],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{5645E0E7-FC12-43BF-A6E4-F9751942B298}, Quarantined, [5224115485f71026d397a695c73c629e],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}, Quarantined, [5224115485f71026d397a695c73c629e],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\CLASSES\globalUpdate.Update3WebControl.4, Quarantined, [5224115485f71026d397a695c73c629e],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdate.Update3WebControl.4, Quarantined, [5224115485f71026d397a695c73c629e],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}, Quarantined, [5224115485f71026d397a695c73c629e],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}, Quarantined, [5224115485f71026d397a695c73c629e],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}, Quarantined, [5224115485f71026d397a695c73c629e],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}, Quarantined, [5224115485f71026d397a695c73c629e],
PUP.Optional.GeForce.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Ge-Force, Quarantined, [f284c1a4f5876ec8b65984b821e2f808],
PUP.Optional.SweetPacks.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Audacity Bundle by Fileparade.com, Quarantined, [4d29056086f62214192b024a38cb5ea2],
PUP.Optional.ShopperPro, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}, Quarantined, [e29481e44f2d999d44525f1e39cc5da3],
PUP.Optional.ShopperPro, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}, Quarantined, [e29481e44f2d999d44525f1e39cc5da3],

Registry Values: 15
PUP.Optional.WebPlayer.A, HKU\S-1-5-21-3659292527-334032331-3834142823-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|FLV Player, C:\Users\Ashlee\AppData\Local\WebPlayer\FLV Player\WebPlayer.exe, Quarantined, [86f070f5611b46f06e97b1c240c32cd4]
PUP.Optional.SmartBar, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR|{ae07101b-46d4-4a98-af68-0333ea26e113}, Smartbar, Quarantined, [4d292243017bf640a9d84622cd36a35d]
PUP.Optional.InstallBrain.A, HKLM\SOFTWARE\WNLT|PDV, [BLACKLIST=1], Quarantined, [e69010555a221125af7800b6ec18dd23]
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\GLOBALUPDATE\UPDATE|path, C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe, Quarantined, [3d390b5a9be1d75ff625d49ec0431ee2]
PUP.Optional.SmartBar, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\TOOLBAR|{ae07101b-46d4-4a98-af68-0333ea26e113}, Smartbar, Quarantined, [f482491c5824f83e5e2383e555ae3bc5]
PUP.Optional.GamesDesktop.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|gmsd_au_16, "C:\Program Files (x86)\gmsd_au_16\gmsd_au_16.exe", Quarantined, [1561b9ac54280036a916e67247bc1de3]
PUP.Optional.VOPackage, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\VOPACKAGE|UninstallString, "C:\Users\Ashlee\AppData\Roaming\VOPackage\uninstall.exe", Quarantined, [10660b5abfbdfd3964199ed32bd8946c]
PUP.Optional.VOPackage.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SERVERVO|ImagePath, C:\Users\Ashlee\AppData\Roaming\VOPackage\VOsrv.exe, Quarantined, [d1a5442116669f976bd7c19805fe6997]
PUP.Optional.InstallBrain.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\WNLT|URL, MYSTART, Quarantined, [aacca4c1e79571c59a8c09ad5ca849b7]
PUP.Optional.FilesFrog.A, HKU\S-1-5-21-3659292527-334032331-3834142823-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\BI|ui_path_filesfrog, HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FilesFrog Update Checker, Quarantined, [e096e97c0f6d88ae5645357fb1536997]
PUP.Optional.InstallCore.A, HKU\S-1-5-21-3659292527-334032331-3834142823-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE|tb, 0R0D0N1R1N2W, Quarantined, [ed890e57b8c45dd9b6782c833bc9d22e]
PUP.Optional.Snapdo.T, HKU\S-1-5-21-3659292527-334032331-3834142823-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {006ee092-9658-4fd6-bd8e-a21a348e59f5}, Quarantined, [185ef273c1bb42f4b369d49ef90a34cc]
PUP.Optional.Somoto.A, HKU\S-1-5-21-3659292527-334032331-3834142823-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SOMOTO\SDP|affid, network_yllixcom_1, Quarantined, [294d3e2784f856e018b7991a5da738c8]
PUP.Optional.InstallBrain.A, HKU\S-1-5-21-3659292527-334032331-3834142823-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\WNLT|URL, SWEETIM, Quarantined, [086e372e4636112530f6d4e2e024847c]
PUP.Optional.GamesDesktop.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNONCE|upgmsd_au_16.exe, C:\Users\Ashlee\AppData\Local\gmsd_au_16\upgmsd_au_16.exe -runonce, Quarantined, [0e68f471334963d37bce460c6f940ef2]

Registry Data: 1
PUP.Optional.SnapDo.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHURL|Default, http://feed.snapdo.com/?publisher=Somoto&dpid=Somoto&co=AU&userid=c3fc415b-f9c2-b171-ac96-9bb95775a7ac&searchtype=ds&q={searchTerms}&installDate=23/11/2013, Good: (www.google.com), Bad: (http://feed.snapdo.com/?publisher=Somoto&dpid=Somoto&co=AU&userid=c3fc415b-f9c2-b171-ac96-9bb95775a7ac&searchtype=ds&q={searchTerms}&installDate=23/11/2013),Replaced,[b8be72f383f91323b38c0d5ec243cc34]

Folders: 29
PUP.Optional.VOPackage.A, C:\Users\Ashlee\AppData\Roaming\VOPackage, Delete-on-Reboot, [a8ce2342e498d0660b7a81e17f84a25e],
PUP.Optional.VOPackage, C:\Users\Ashlee\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage, Quarantined, [581e51143b419e98324c2b466f946898],
PUP.Optional.WebPlayer.A, C:\Users\Ashlee\AppData\Local\WebPlayer, Delete-on-Reboot, [86f070f5611b46f06e97b1c240c32cd4],
PUP.Optional.WebPlayer.A, C:\Users\Ashlee\AppData\Local\WebPlayer\FLV Player, Delete-on-Reboot, [86f070f5611b46f06e97b1c240c32cd4],
PUP.Optional.WebPlayer.A, C:\Users\Ashlee\AppData\Local\WebPlayer\FLV Player\icons, Quarantined, [86f070f5611b46f06e97b1c240c32cd4],
PUP.Optional.WebPlayer.A, C:\Users\Ashlee\AppData\Local\WebPlayer\FLV Player\scripts, Quarantined, [86f070f5611b46f06e97b1c240c32cd4],
PUP.Optional.WebPlayer.A, C:\Users\Ashlee\AppData\Local\WebPlayer\FLV Player\scripts\kango, Quarantined, [86f070f5611b46f06e97b1c240c32cd4],
PUP.Optional.WebPlayer.A, C:\Users\Ashlee\AppData\Local\WebPlayer\FLV Player\scripts\web_player, Quarantined, [86f070f5611b46f06e97b1c240c32cd4],
PUP.Optional.FilesFrog.A, C:\Users\Ashlee\AppData\Local\FilesFrog Update Checker, Quarantined, [086ea8bd166684b229f7c85ada29b54b],
PUP.Optional.FilesFrog.A, C:\Users\Ashlee\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FilesFrog Update Checker, Quarantined, [4e2882e34d2fe3538998071bc73cea16],
PUP.Optional.InstallBrain.A, C:\Windows\SysWOW64\WNLT\Installation, Quarantined, [5b1bd590324a2b0bdc96c260e81b817f],
PUP.Optional.InstallBrain.A, C:\Windows\SysWOW64\WNLT\Installation\Uninstall, Quarantined, [5b1bd590324a2b0bdc96c260e81b817f],
PUP.Optional.MindSpark.A, C:\Users\Ashlee\AppData\Roaming\Mozilla\Firefox\Profiles\xlv2ckr7.default\Allin1Convert_8h, Quarantined, [ee888cd99be13df91402dc4f7f841ae6],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update, Quarantined, [5224115485f71026d397a695c73c629e],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0, Quarantined, [5224115485f71026d397a695c73c629e],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\Download, Quarantined, [5224115485f71026d397a695c73c629e],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\Install, Quarantined, [5224115485f71026d397a695c73c629e],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\Offline, Quarantined, [5224115485f71026d397a695c73c629e],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\Offline\{B213A343-AEA8-4991-8FA1-A602816D8F66}, Quarantined, [5224115485f71026d397a695c73c629e],
PUP.Optional.GlobalUpdate.A, C:\Users\Ashlee\AppData\Local\Temp\comh.259633, Quarantined, [7afc3a2b611b56e00e7860dbb44ff907],
PUP.Optional.GlobalUpdate.A, C:\Users\Ashlee\AppData\Local\Temp\comh.454448, Quarantined, [79fde4810577b3833c4a3a010af9c43c],
PUP.Optional.GeForce.A, C:\Program Files (x86)\Ge-Force, Quarantined, [f284c1a4f5876ec8b65984b821e2f808],
PUP.Optional.FindADeal.A, C:\Program Files (x86)\findAdeal, Quarantined, [a1d5fa6bde9ef73fe44bac9fe41f9070],
PUP.Optional.SweetPacks.A, C:\Program Files (x86)\sweetpacks bundle uninstaller, Quarantined, [4d29056086f62214192b024a38cb5ea2],
PUP.Optional.GamesDesktop.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GAMESDESKTOP, Quarantined, [5d19ee774735c274aa9e81d14db6df21],
PUP.Optional.GamesDesktop.A, C:\Users\Ashlee\AppData\Local\gmsd_au_16, Delete-on-Reboot, [0e68f471334963d37bce460c6f940ef2],
PUP.Optional.GamesDesktop.A, C:\Users\Ashlee\AppData\Local\gmsd_au_16\gmsd_au_16, Quarantined, [0e68f471334963d37bce460c6f940ef2],
PUP.Optional.GamesDesktop.A, C:\Users\Ashlee\AppData\Local\gmsd_au_16\gmsd_au_16\1.20, Quarantined, [0e68f471334963d37bce460c6f940ef2],
PUP.Optional.GamesDesktop.A, C:\Program Files (x86)\gmsd_au_16, Delete-on-Reboot, [e78f1b4a3f3db2842f1bcc86699ab848],

Files: 153
PUP.Optional.GeForce.A, C:\Program Files (x86)\Ge-Force\Ge-Force-bho64.dll, Quarantined, [6d09d68f2656bc7aa1bde4ce689904fc],
PUP.Optional.GeForce.A, C:\Program Files (x86)\Ge-Force\Ge-Force-bho.dll, Quarantined, [6d09d68f2656bc7aa1bde4ce689904fc],
PUP.Optional.Sense.A, C:\Users\Ashlee\AppData\Roaming\FRVOIK.exe, Quarantined, [11650e57cdaf3cfa28010d5cbe439070],
PUP.Optional.Sense.A, C:\Users\Ashlee\AppData\Roaming\WF.exe, Quarantined, [8aec04612557a69007229acf57aa05fb],
PUP.Optional.GeForce.A, C:\Program Files (x86)\Ge-Force\61709476-a280-47b5-a735-d492ef19db8d-2.exe, Quarantined, [f97d0263641849ed3e20cfe3c14011ef],
PUP.Optional.GeForce.A, C:\Program Files (x86)\Ge-Force\61709476-a280-47b5-a735-d492ef19db8d-4.exe, Quarantined, [532397ce0e6e3006b8a66f43ec154db3],
PUP.Optional.GeForce.A, C:\Program Files (x86)\Ge-Force\61709476-a280-47b5-a735-d492ef19db8d-5.exe, Quarantined, [46303b2a49337bbbe37bb3ffda27a25e],
PUP.Optional.GeForce.A, C:\Program Files (x86)\Ge-Force\Ge-Force-bg.exe, Quarantined, [9adcd98c8eee2610abb3c5eda35e0af6],
PUP.Optional.GeForce.A, C:\Program Files (x86)\Ge-Force\Ge-Force-buttonutil.exe, Quarantined, [20569bcaafcdea4c78e6486a32cff20e],
PUP.Optional.GeForce.A, C:\Program Files (x86)\Ge-Force\Ge-Force-buttonutil64.exe, Quarantined, [6d09273e4a32d06607574171cb36748c],
PUP.Optional.GeForce.A, C:\Program Files (x86)\Ge-Force\Ge-Force-codedownloader.exe, Quarantined, [a3d3115438443303ec72862c3bc6fc04],
PUP.Optional.CrossRider.A, C:\Program Files (x86)\Ge-Force\utils.exe, Quarantined, [ec8ad78e7ffd9c9a4dee1544ad53f808],
PUP.Optional.Vid, C:\Users\Ashlee\AppData\Local\Temp\Hdw1hv7a.exe.part, Quarantined, [e78f2540ccb01e18be25071f61a04ab6],
PUP.Optional.Somoto.A, C:\Users\Ashlee\AppData\Local\Temp\appshat-distribution.exe, Quarantined, [33432f360a7287afb7d73ee44fb1ac54],
PUP.Optional.Goobzo, C:\Users\Ashlee\AppData\Local\Temp\dufgmr4c.exe, Quarantined, [c0b6eb7a0b71ea4cc5b45860b34e926e],
PUP.Optional.SweetPacks.A, C:\Users\Ashlee\AppData\Local\Temp\EmptySetup.exe.7z, Quarantined, [4f277aebe498d56174b3924e966e1de3],
PUP.Optional.Perion.A, C:\Users\Ashlee\AppData\Local\Temp\WSSetup.exe, Quarantined, [a5d1481d3943ab8b0bd140e14fb6847c],
PUP.Optional.Linkury.A, C:\Users\Ashlee\AppData\Local\Temp\Installer.exe, Quarantined, [7df9372ed9a314221dd29a8b35d027d9],
PUP.Optional.Somoto.A, C:\Users\Ashlee\AppData\Local\Temp\rad6FEB1.tmp_update.exe, Quarantined, [e6906302225ad66068207cccfb05d32d],
PUP.Optional.SweetPacks.A, C:\Users\Ashlee\AppData\Local\Temp\SweetIESetup.exe.7z, Quarantined, [027404613646d264ea3d37a9030139c7],
PUP.Optional.Bandoo, C:\Users\Ashlee\AppData\Local\Temp\m5M_6hcM.exe.part, Quarantined, [d89eadb8eb9155e140a9da4df40d58a8],
PUP.Optional.SweetIM, C:\Users\Ashlee\AppData\Local\Temp\mgsqlite3.7z, Quarantined, [175f5312e09cfa3cac01a1fbdd28669a],
PUP.Optional.SweetIM, C:\Users\Ashlee\AppData\Local\Temp\mgsqlite3.dll, Quarantined, [e096362fc9b3a690317ccdcfd0350ff1],
PUP.Optional.Somoto, C:\Users\Ashlee\AppData\Local\Temp\nsp808E.tmp, Quarantined, [d1a56104df9d0a2cb012f4f514f0e61a],
PUP.Optional.CrossRider.A, C:\Users\Ashlee\AppData\Local\Temp\Install_15942\ins_geforce.exe, Quarantined, [fa7c22437ffd81b5697e0cd24db4f010],
PUP.Optional.CrossRider.A, C:\Users\Ashlee\AppData\Local\Temp\Install_15942\ins_sense.exe, Quarantined, [cda9baab780466d0c423964803fec13f],
PUP.Optional.CrossRider.A, C:\Users\Ashlee\AppData\Local\Temp\~nsu.tmp\Au_.exe, Quarantined, [79fd67fe0d6fe45255e6a6b343bddb25],
PUP.Optional.Softonic.A, C:\Users\Ashlee\Downloads\SoftonicDownloader_for_camtasia-studio.exe, Quarantined, [0e68283d9ede4fe7b690f44a58a98e72],
PUP.Optional.SweetIM, C:\Users\Ashlee\Downloads\audacity_mp_pgr(1).exe, Quarantined, [383ec5a0e09cdd599518d2ca7491da26],
PUP.Optional.SweetIM, C:\Users\Ashlee\Downloads\audacity_mp_pgr.exe, Quarantined, [ee8815508af2e650832ad7c5f70e33cd],
PUP.Optional.OutBrowse, C:\Users\Ashlee\Downloads\avg-internet-security.exe, Quarantined, [7afca8bdb0cc5ed8d79ede1c21e054ac],
PUP.Optional.OpenCandy, C:\Users\Ashlee\Downloads\DTLite4491-0356.exe, Quarantined, [b2c4a0c5fa82112579a38e0fad587d83],
PUP.Optional.InstallCore.A, C:\Users\Ashlee\Downloads\winzip180.exe, Quarantined, [61151b4abdbfa78f5d9380c7828336ca],
PUP.Optional.Somoto, C:\Users\Ashlee\AppData\Local\FilesFrog Update Checker\uninstall.exe, Quarantined, [b9bd3e2781fb37ff84d7c95ec13f8f71],
PUP.Optional.Somoto.A, C:\Windows\System32\Tasks\SomotoUpdateCheckerAutoStart, Quarantined, [3f374a1b2e4ec96dd7b8bba00ff4669a],
PUP.Optional.VOPackage.A, C:\Users\Ashlee\AppData\Roaming\VOPackage\Uninstall.exe, Quarantined, [a8ce2342e498d0660b7a81e17f84a25e],
PUP.Optional.VOPackage.A, C:\Users\Ashlee\AppData\Roaming\VOPackage\runasu.exe, Quarantined, [a8ce2342e498d0660b7a81e17f84a25e],
PUP.Optional.VOPackage.A, C:\Users\Ashlee\AppData\Roaming\VOPackage\VOPackage.exe, Quarantined, [a8ce2342e498d0660b7a81e17f84a25e],
PUP.Optional.VOPackage.A, C:\Users\Ashlee\AppData\Roaming\VOPackage\VOsrv.exe, Delete-on-Reboot, [a8ce2342e498d0660b7a81e17f84a25e],
PUP.Optional.VOPackage, C:\Users\Ashlee\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage\Configure.lnk, Quarantined, [581e51143b419e98324c2b466f946898],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\61709476-a280-47b5-a735-d492ef19db8d-1, Quarantined, [16609acb205c32048d893c3627dcdf21],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\61709476-a280-47b5-a735-d492ef19db8d-2, Quarantined, [0571acb97dff48ee2fe78de5db28af51],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\61709476-a280-47b5-a735-d492ef19db8d-4, Quarantined, [44328dd84b31f640fa1c91e104ff827e],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\61709476-a280-47b5-a735-d492ef19db8d-5, Quarantined, [ef870461d8a49e98e333185adc276e92],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\61709476-a280-47b5-a735-d492ef19db8d-5_user, Quarantined, [d5a1d1945b21f44242d480f237ccc040],
PUP.Optional.WebPlayer.A, C:\Users\Ashlee\AppData\Local\WebPlayer\installer.js, Quarantined, [86f070f5611b46f06e97b1c240c32cd4],
PUP.Optional.WebPlayer.A, C:\Users\Ashlee\AppData\Local\WebPlayer\common.js, Quarantined, [86f070f5611b46f06e97b1c240c32cd4],
PUP.Optional.WebPlayer.A, C:\Users\Ashlee\AppData\Local\WebPlayer\Uninstall.exe, Quarantined, [86f070f5611b46f06e97b1c240c32cd4],
PUP.Optional.WebPlayer.A, C:\Users\Ashlee\AppData\Local\WebPlayer\FLV Player\WebPlayer.exe, Delete-on-Reboot, [86f070f5611b46f06e97b1c240c32cd4],
PUP.Optional.WebPlayer.A, C:\Users\Ashlee\AppData\Local\WebPlayer\FLV Player\icons\main.ico, Quarantined, [86f070f5611b46f06e97b1c240c32cd4],
PUP.Optional.WebPlayer.A, C:\Users\Ashlee\AppData\Local\WebPlayer\FLV Player\icons\shortcut.ico, Quarantined, [86f070f5611b46f06e97b1c240c32cd4],
PUP.Optional.WebPlayer.A, C:\Users\Ashlee\AppData\Local\WebPlayer\FLV Player\icons\tray.ico, Quarantined, [86f070f5611b46f06e97b1c240c32cd4],
PUP.Optional.WebPlayer.A, C:\Users\Ashlee\AppData\Local\WebPlayer\FLV Player\scripts\config.xml, Quarantined, [86f070f5611b46f06e97b1c240c32cd4],
PUP.Optional.WebPlayer.A, C:\Users\Ashlee\AppData\Local\WebPlayer\FLV Player\scripts\default_config.json, Quarantined, [86f070f5611b46f06e97b1c240c32cd4],
PUP.Optional.WebPlayer.A, C:\Users\Ashlee\AppData\Local\WebPlayer\FLV Player\scripts\main.js, Quarantined, [86f070f5611b46f06e97b1c240c32cd4],
PUP.Optional.WebPlayer.A, C:\Users\Ashlee\AppData\Local\WebPlayer\FLV Player\scripts\stub.html, Quarantined, [86f070f5611b46f06e97b1c240c32cd4],
PUP.Optional.WebPlayer.A, C:\Users\Ashlee\AppData\Local\WebPlayer\FLV Player\scripts\kango\event_listener.js, Quarantined, [86f070f5611b46f06e97b1c240c32cd4],
PUP.Optional.WebPlayer.A, C:\Users\Ashlee\AppData\Local\WebPlayer\FLV Player\scripts\kango\initialize.js, Quarantined, [86f070f5611b46f06e97b1c240c32cd4],
PUP.Optional.WebPlayer.A, C:\Users\Ashlee\AppData\Local\WebPlayer\FLV Player\scripts\kango\io.js, Quarantined, [86f070f5611b46f06e97b1c240c32cd4],
PUP.Optional.WebPlayer.A, C:\Users\Ashlee\AppData\Local\WebPlayer\FLV Player\scripts\kango\json.js, Quarantined, [86f070f5611b46f06e97b1c240c32cd4],
PUP.Optional.WebPlayer.A, C:\Users\Ashlee\AppData\Local\WebPlayer\FLV Player\scripts\kango\jsonstorage.js, Quarantined, [86f070f5611b46f06e97b1c240c32cd4],
PUP.Optional.WebPlayer.A, C:\Users\Ashlee\AppData\Local\WebPlayer\FLV Player\scripts\kango\storage.js, Quarantined, [86f070f5611b46f06e97b1c240c32cd4],
PUP.Optional.WebPlayer.A, C:\Users\Ashlee\AppData\Local\WebPlayer\FLV Player\scripts\kango\utils.js, Quarantined, [86f070f5611b46f06e97b1c240c32cd4],
PUP.Optional.WebPlayer.A, C:\Users\Ashlee\AppData\Local\WebPlayer\FLV Player\scripts\kango\xhr.js, Quarantined, [86f070f5611b46f06e97b1c240c32cd4],
PUP.Optional.WebPlayer.A, C:\Users\Ashlee\AppData\Local\WebPlayer\FLV Player\scripts\web_player\initialize.js, Quarantined, [86f070f5611b46f06e97b1c240c32cd4],
PUP.Optional.WebPlayer.A, C:\Users\Ashlee\AppData\Local\WebPlayer\FLV Player\scripts\web_player\web_player.js, Quarantined, [86f070f5611b46f06e97b1c240c32cd4],
PUP.Optional.MindSpark.A, C:\Users\Ashlee\AppData\Roaming\Mozilla\Firefox\Profiles\xlv2ckr7.default\searchplugins\ask-web-search.xml, Quarantined, [f2846df8aad21a1c9cfe116c0bf88b75],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\61709476-a280-47b5-a735-d492ef19db8d-1.job, Quarantined, [4f271b4ab1cb5cda406c418e947051af],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\61709476-a280-47b5-a735-d492ef19db8d-2.job, Quarantined, [25510263b1cb88ae624a943bd92baa56],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\61709476-a280-47b5-a735-d492ef19db8d-4.job, Quarantined, [6b0bc4a1a8d41422149818b743c1c43c],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\61709476-a280-47b5-a735-d492ef19db8d-5.job, Quarantined, [91e5461fb6c685b12a8277580cf8d828],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\61709476-a280-47b5-a735-d492ef19db8d-5_user.job, Quarantined, [e492b8ad9be12b0b08a49b34ad57916f],
PUP.Optional.GlobalUpdate.A, C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job, Quarantined, [096daeb7304c1125725013bc50b4748c],
PUP.Optional.GlobalUpdate.A, C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore, Quarantined, [294d62032e4eac8a5b68983755afb34d],
PUP.Optional.GlobalUpdate.A, C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job, Quarantined, [95e10e57b5c7ba7cd2f2428d43c17789],
PUP.Optional.GlobalUpdate.A, C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA, Quarantined, [472f075ec5b7d264349100cfb64e07f9],
PUP.Optional.GamesDesktop.A, C:\Program Files (x86)\gmsd_au_16\gmsd_au_16.exe, Delete-on-Reboot, [1561b9ac54280036a916e67247bc1de3],
Adware.InstallBrain, C:\Windows\System32\dmwu.exe, Delete-on-Reboot, [a2d40c59493351e56bc694f515ef38c8],
PUP.Optional.FilesFrog.A, C:\Users\Ashlee\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FilesFrog Update Checker\Uninstall.lnk, Quarantined, [4e2882e34d2fe3538998071bc73cea16],
PUP.Optional.InstallBrain.A, C:\Windows\SysWOW64\WNLT\Installation\Config.bin, Quarantined, [5b1bd590324a2b0bdc96c260e81b817f],
PUP.Optional.InstallBrain.A, C:\Windows\SysWOW64\WNLT\Installation\HSChromeRegSetup.exe, Quarantined, [5b1bd590324a2b0bdc96c260e81b817f],
PUP.Optional.InstallBrain.A, C:\Windows\SysWOW64\WNLT\Installation\NTSetup.exe, Quarantined, [5b1bd590324a2b0bdc96c260e81b817f],
PUP.Optional.InstallBrain.A, C:\Windows\SysWOW64\WNLT\Installation\SKSetup.exe, Quarantined, [5b1bd590324a2b0bdc96c260e81b817f],
PUP.Optional.InstallBrain.A, C:\Windows\SysWOW64\WNLT\Installation\SWDS.bin, Quarantined, [5b1bd590324a2b0bdc96c260e81b817f],
PUP.Optional.InstallBrain.A, C:\Windows\SysWOW64\WNLT\Installation\uninstaller.exe, Quarantined, [5b1bd590324a2b0bdc96c260e81b817f],
PUP.Optional.InstallBrain.A, C:\Windows\SysWOW64\WNLT\Installation\WSSetup.exe, Quarantined, [5b1bd590324a2b0bdc96c260e81b817f],
PUP.Optional.InstallBrain.A, C:\Windows\SysWOW64\WNLT\Installation\Uninstall\msvcp100.dll, Quarantined, [5b1bd590324a2b0bdc96c260e81b817f],
PUP.Optional.InstallBrain.A, C:\Windows\SysWOW64\WNLT\Installation\Uninstall\msvcr100.dll, Quarantined, [5b1bd590324a2b0bdc96c260e81b817f],
PUP.Optional.InstallBrain.A, C:\Windows\SysWOW64\WNLT\Installation\Uninstall\uninstaller.exe, Quarantined, [5b1bd590324a2b0bdc96c260e81b817f],
PUP.Optional.InstallBrain.A, C:\Windows\SysWOW64\WNLT\Installation\Uninstall\UninstallerLauncher.exe, Quarantined, [5b1bd590324a2b0bdc96c260e81b817f],
PUP.Optional.MindSpark.A, C:\Users\Ashlee\AppData\Roaming\Mozilla\Firefox\Profiles\xlv2ckr7.default\Allin1Convert_8h\3342751B-94CD-4615-A33C-5C5FF8B7C5F4.sqlite, Quarantined, [ee888cd99be13df91402dc4f7f841ae6],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe, Quarantined, [5224115485f71026d397a695c73c629e],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\GoogleCrashHandler.exe, Quarantined, [5224115485f71026d397a695c73c629e],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\GoogleUpdate.exe, Quarantined, [5224115485f71026d397a695c73c629e],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\GoogleUpdateBroker.exe, Quarantined, [5224115485f71026d397a695c73c629e],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\GoogleUpdateHelper.msi, Quarantined, [5224115485f71026d397a695c73c629e],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\GoogleUpdateOnDemand.exe, Quarantined, [5224115485f71026d397a695c73c629e],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\goopdate.dll, Quarantined, [5224115485f71026d397a695c73c629e],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\goopdateres_en.dll, Quarantined, [5224115485f71026d397a695c73c629e],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll, Quarantined, [5224115485f71026d397a695c73c629e],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\psmachine.dll, Quarantined, [5224115485f71026d397a695c73c629e],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\psuser.dll, Quarantined, [5224115485f71026d397a695c73c629e],
PUP.Optional.GlobalUpdate.A, C:\Users\Ashlee\AppData\Local\Temp\comh.259633\GoogleCrashHandler.exe, Quarantined, [7afc3a2b611b56e00e7860dbb44ff907],
PUP.Optional.GlobalUpdate.A, C:\Users\Ashlee\AppData\Local\Temp\comh.259633\GoogleUpdate.exe, Quarantined, [7afc3a2b611b56e00e7860dbb44ff907],
PUP.Optional.GlobalUpdate.A, C:\Users\Ashlee\AppData\Local\Temp\comh.259633\GoogleUpdateBroker.exe, Quarantined, [7afc3a2b611b56e00e7860dbb44ff907],
PUP.Optional.GlobalUpdate.A, C:\Users\Ashlee\AppData\Local\Temp\comh.259633\GoogleUpdateHelper.msi, Quarantined, [7afc3a2b611b56e00e7860dbb44ff907],
PUP.Optional.GlobalUpdate.A, C:\Users\Ashlee\AppData\Local\Temp\comh.259633\GoogleUpdateOnDemand.exe, Quarantined, [7afc3a2b611b56e00e7860dbb44ff907],
PUP.Optional.GlobalUpdate.A, C:\Users\Ashlee\AppData\Local\Temp\comh.259633\goopdate.dll, Quarantined, [7afc3a2b611b56e00e7860dbb44ff907],
PUP.Optional.GlobalUpdate.A, C:\Users\Ashlee\AppData\Local\Temp\comh.259633\goopdateres_en.dll, Quarantined, [7afc3a2b611b56e00e7860dbb44ff907],
PUP.Optional.GlobalUpdate.A, C:\Users\Ashlee\AppData\Local\Temp\comh.259633\npGoogleUpdate4.dll, Quarantined, [7afc3a2b611b56e00e7860dbb44ff907],
PUP.Optional.GlobalUpdate.A, C:\Users\Ashlee\AppData\Local\Temp\comh.259633\psmachine.dll, Quarantined, [7afc3a2b611b56e00e7860dbb44ff907],
PUP.Optional.GlobalUpdate.A, C:\Users\Ashlee\AppData\Local\Temp\comh.259633\psuser.dll, Quarantined, [7afc3a2b611b56e00e7860dbb44ff907],
PUP.Optional.GlobalUpdate.A, C:\Users\Ashlee\AppData\Local\Temp\comh.454448\GoogleCrashHandler.exe, Quarantined, [79fde4810577b3833c4a3a010af9c43c],
PUP.Optional.GlobalUpdate.A, C:\Users\Ashlee\AppData\Local\Temp\comh.454448\GoogleUpdate.exe, Quarantined, [79fde4810577b3833c4a3a010af9c43c],
PUP.Optional.GlobalUpdate.A, C:\Users\Ashlee\AppData\Local\Temp\comh.454448\GoogleUpdateBroker.exe, Quarantined, [79fde4810577b3833c4a3a010af9c43c],
PUP.Optional.GlobalUpdate.A, C:\Users\Ashlee\AppData\Local\Temp\comh.454448\GoogleUpdateHelper.msi, Quarantined, [79fde4810577b3833c4a3a010af9c43c],
PUP.Optional.GlobalUpdate.A, C:\Users\Ashlee\AppData\Local\Temp\comh.454448\GoogleUpdateOnDemand.exe, Quarantined, [79fde4810577b3833c4a3a010af9c43c],
PUP.Optional.GlobalUpdate.A, C:\Users\Ashlee\AppData\Local\Temp\comh.454448\goopdate.dll, Quarantined, [79fde4810577b3833c4a3a010af9c43c],
PUP.Optional.GlobalUpdate.A, C:\Users\Ashlee\AppData\Local\Temp\comh.454448\goopdateres_en.dll, Quarantined, [79fde4810577b3833c4a3a010af9c43c],
PUP.Optional.GlobalUpdate.A, C:\Users\Ashlee\AppData\Local\Temp\comh.454448\npGoogleUpdate4.dll, Quarantined, [79fde4810577b3833c4a3a010af9c43c],
PUP.Optional.GlobalUpdate.A, C:\Users\Ashlee\AppData\Local\Temp\comh.454448\psmachine.dll, Quarantined, [79fde4810577b3833c4a3a010af9c43c],
PUP.Optional.GlobalUpdate.A, C:\Users\Ashlee\AppData\Local\Temp\comh.454448\psuser.dll, Quarantined, [79fde4810577b3833c4a3a010af9c43c],
PUP.Optional.GeForce.A, C:\Program Files (x86)\Ge-Force\61709476-a280-47b5-a735-d492ef19db8d.xpi, Quarantined, [f284c1a4f5876ec8b65984b821e2f808],
PUP.Optional.GeForce.A, C:\Program Files (x86)\Ge-Force\background.html, Quarantined, [f284c1a4f5876ec8b65984b821e2f808],
PUP.Optional.GeForce.A, C:\Program Files (x86)\Ge-Force\Ge-Force-buttonutil.dll, Quarantined, [f284c1a4f5876ec8b65984b821e2f808],
PUP.Optional.GeForce.A, C:\Program Files (x86)\Ge-Force\Ge-Force-buttonutil64.dll, Quarantined, [f284c1a4f5876ec8b65984b821e2f808],
PUP.Optional.GeForce.A, C:\Program Files (x86)\Ge-Force\Ge-Force.ico, Quarantined, [f284c1a4f5876ec8b65984b821e2f808],
PUP.Optional.GeForce.A, C:\Program Files (x86)\Ge-Force\Uninstall.exe, Quarantined, [f284c1a4f5876ec8b65984b821e2f808],
PUP.Optional.FindADeal.A, C:\Program Files (x86)\findAdeal\135.crx, Quarantined, [a1d5fa6bde9ef73fe44bac9fe41f9070],
PUP.Optional.FindADeal.A, C:\Program Files (x86)\findAdeal\135.xpi, Quarantined, [a1d5fa6bde9ef73fe44bac9fe41f9070],
PUP.Optional.FindADeal.A, C:\Program Files (x86)\findAdeal\crx.db, Quarantined, [a1d5fa6bde9ef73fe44bac9fe41f9070],
PUP.Optional.FindADeal.A, C:\Program Files (x86)\findAdeal\sqlite3.dll, Quarantined, [a1d5fa6bde9ef73fe44bac9fe41f9070],
PUP.Optional.FindADeal.A, C:\Program Files (x86)\findAdeal\xpi.db, Quarantined, [a1d5fa6bde9ef73fe44bac9fe41f9070],
PUP.Optional.SweetPacks.A, C:\Program Files (x86)\sweetpacks bundle uninstaller\uninstaller.exe, Quarantined, [4d29056086f62214192b024a38cb5ea2],
PUP.Optional.GamesDesktop.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GAMESDESKTOP\GamesDesktop.lnk, Quarantined, [5d19ee774735c274aa9e81d14db6df21],
PUP.Optional.GamesDesktop.A, C:\Users\Ashlee\AppData\Local\gmsd_au_16\upgmsd_au_16.cyl, Quarantined, [0e68f471334963d37bce460c6f940ef2],
PUP.Optional.GamesDesktop.A, C:\Users\Ashlee\AppData\Local\gmsd_au_16\upgmsd_au_16.exe, Delete-on-Reboot, [0e68f471334963d37bce460c6f940ef2],
PUP.Optional.GamesDesktop.A, C:\Users\Ashlee\AppData\Local\gmsd_au_16\user_profil.cyp, Quarantined, [0e68f471334963d37bce460c6f940ef2],
PUP.Optional.GamesDesktop.A, C:\Users\Ashlee\AppData\Local\gmsd_au_16\gmsd_au_16\1.20\cnf.cyl, Quarantined, [0e68f471334963d37bce460c6f940ef2],
PUP.Optional.GamesDesktop.A, C:\Users\Ashlee\AppData\Local\gmsd_au_16\gmsd_au_16\1.20\eorezo.cyl, Quarantined, [0e68f471334963d37bce460c6f940ef2],
PUP.Optional.GamesDesktop.A, C:\Program Files (x86)\gmsd_au_16\gamesdesktop_widget.exe, Quarantined, [e78f1b4a3f3db2842f1bcc86699ab848],
PUP.Optional.GamesDesktop.A, C:\Program Files (x86)\gmsd_au_16\predm.exe, Quarantined, [e78f1b4a3f3db2842f1bcc86699ab848],
PUP.Optional.GamesDesktop.A, C:\Program Files (x86)\gmsd_au_16\qwert.txt, Quarantined, [e78f1b4a3f3db2842f1bcc86699ab848],
PUP.Optional.GamesDesktop.A, C:\Program Files (x86)\gmsd_au_16\qwert10.txt, Quarantined, [e78f1b4a3f3db2842f1bcc86699ab848],
PUP.Optional.GamesDesktop.A, C:\Program Files (x86)\gmsd_au_16\qwert4.txt, Quarantined, [e78f1b4a3f3db2842f1bcc86699ab848],
PUP.Optional.GamesDesktop.A, C:\Program Files (x86)\gmsd_au_16\qwert5.txt, Quarantined, [e78f1b4a3f3db2842f1bcc86699ab848],
PUP.Optional.GamesDesktop.A, C:\Program Files (x86)\gmsd_au_16\qwert6.txt, Quarantined, [e78f1b4a3f3db2842f1bcc86699ab848],
PUP.Optional.GamesDesktop.A, C:\Program Files (x86)\gmsd_au_16\qwert9.txt, Quarantined, [e78f1b4a3f3db2842f1bcc86699ab848],
PUP.Optional.GamesDesktop.A, C:\Program Files (x86)\gmsd_au_16\unins000.dat, Quarantined, [e78f1b4a3f3db2842f1bcc86699ab848],
PUP.Optional.GamesDesktop.A, C:\Program Files (x86)\gmsd_au_16\unins000.exe, Quarantined, [e78f1b4a3f3db2842f1bcc86699ab848],
PUP.Optional.GamesDesktop.A, C:\Program Files (x86)\gmsd_au_16\unins000.msg, Quarantined, [e78f1b4a3f3db2842f1bcc86699ab848],
PUP.Optional.CrossRider.A, C:\Users\Ashlee\AppData\Roaming\Mozilla\Firefox\Profiles\xlv2ckr7.default\prefs.js, Good: (), Bad: (user_pref("extensions.crossrider.bic", "14a6b58da64d1c0b1e0fbed6aabdc3e3");), Replaced,[9bdbf76e7a02c86e2cb2cae517ee11ef]
PUP.Optional.ASK.A, C:\Users\Ashlee\AppData\Roaming\Mozilla\Firefox\Profiles\xlv2ckr7.default\prefs.js, Good: (), Bad: (user_pref("browser.startup.homepage", "http://www.search.ask.com/?tpid=ORJ-ST-SPE&o=APN11464&pf=V7&trgb=FF&p2=Replaced,[65113d28b7c568ceae52e6ca5fa65ca4]EBEAReplaced,[65113d28b7c568ceae52e6ca5fa65ca4]EOSJ000Replaced,[65113d28b7c568ceae52e6ca5fa65ca4]EYYReplaced,[65113d28b7c568ceae52e6ca5fa65ca4]EAU&gct=hp&apn_ptnrs=BEA&apn_dtid=Replaced,[65113d28b7c568ceae52e6ca5fa65ca4]EOSJ000Replaced,[65113d28b7c568ceae52e6ca5fa65ca4]EYYReplaced,[65113d28b7c568ceae52e6ca5fa65ca4]EAU&apn_dbr=ff_33.1.0.5423&apn_uid=BFB7E147-6400-4191-970A-91C5A9BB64A8&itbv=12.21.0.115&doi=2014-11-28&psv=&pt=tb");), Replaced,[65113d28b7c568ceae52e6ca5fa65ca4]

Physical Sectors: 0
(No malicious items detected)


(end)

 

second scan

 

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 21/12/2014
Scan Time: 9:56:03 PM
Logfile:
Administrator: Yes

Version: 2.00.4.1028
Malware Database: v2014.12.21.02
Rootkit Database: v2014.12.14.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Ashlee

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 411855
Time Elapsed: 12 min, 32 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 2
PUP.Optional.CrossRider.A, C:\Users\Ashlee\AppData\Roaming\Mozilla\Firefox\Profiles\xlv2ckr7.default\prefs.js, Good: (), Bad: (user_pref("extensions.crossrider.bic", "14a6b58da64d1c0b1e0fbed6aabdc3e3");), Replaced,[d4a294d1dd9f7cba8b53961932d3d12f]
PUP.Optional.ASK.A, C:\Users\Ashlee\AppData\Roaming\Mozilla\Firefox\Profiles\xlv2ckr7.default\prefs.js, Good: (), Bad: (user_pref("browser.startup.homepage", "http://www.search.ask.com/?tpid=ORJ-ST-SPE&o=APN11464&pf=V7&trgb=FF&p2=Replaced,[e393a5c0b5c7f343c33de3cd50b5f010]EBEAReplaced,[e393a5c0b5c7f343c33de3cd50b5f010]EOSJ000Replaced,[e393a5c0b5c7f343c33de3cd50b5f010]EYYReplaced,[e393a5c0b5c7f343c33de3cd50b5f010]EAU&gct=hp&apn_ptnrs=BEA&apn_dtid=Replaced,[e393a5c0b5c7f343c33de3cd50b5f010]EOSJ000Replaced,[e393a5c0b5c7f343c33de3cd50b5f010]EYYReplaced,[e393a5c0b5c7f343c33de3cd50b5f010]EAU&apn_dbr=ff_33.1.0.5423&apn_uid=BFB7E147-6400-4191-970A-91C5A9BB64A8&itbv=12.21.0.115&doi=2014-11-28&psv=&pt=tb");), Replaced,[e393a5c0b5c7f343c33de3cd50b5f010]

Physical Sectors: 0
(No malicious items detected)


(end)

 

 

Ran System file Checker, Disk Check and Disk Cleanup  (lol, there was 31Gb in the recycle!)

 

Off to bed now, will check back tomorrow

Again,

Thank you

Norma

 

 

 

 

 Results of screen317's Security Check version 0.99.93  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Enabled!  
AVG AntiVirus Free Edition 2015   
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:`````````
 AVG Web TuneUp   
 Pro PC Cleaner   
 Java 7 Update 71  
  Adobe Flash Player 15.0.0.246 Flash Player out of Date!  
 Mozilla Firefox (34.0.5)
````````Process Check: objlist.exe by Laurent````````  
 Malwarebytes Anti-Malware mbamservice.exe  
 Malwarebytes Anti-Malware mbam.exe  
 AVG avgwdsvc.exe
 Malwarebytes Anti-Malware mbamscheduler.exe   
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 0%
````````````````````End of Log``````````````````````



#4 Guest_LighthouseParty_*

Guest_LighthouseParty_*

  • Guests
  • OFFLINE
  •  

Posted 21 December 2014 - 07:21 AM

Hello there,

:step1: Please uninstall some programs
 
There's currently some programs on your PC that we need to remove, for the time-being at least. Press the Windows + R key on your keyboard and type in appwiz.cpl and press enter. Navigate to each of the following below one-by-one and click uninstall:

  • Ask Toolbar
  • AVG Web TuneUp
  • AVG Security Toolbar
  • Java 7 Update 67
  • Java 7 Update 71
  • Pro PC Cleaner

If any programs listed above aren't in Programs and Features, you can just skip them. Please download JavaRa from here and once opened it, select 'remove JRE' (If that's not there, select remove Java Runtime). Make sure you skip the re-install Java option!

:step2: Please download rKill to your desktop

  • Double click it (Win 7, 8 and Vista users, right-click and select run as admin)
  • The tool will run and then a log file should open.
  • Please post the contents of it in your next reply.

Please don't restart your computer before running the next step.

:step3: Please download AdwCleaner to your desktop

  • Double click adwcleaner_x.xxx.exe. (Win 7, 8 and Vista users, right-click and select run as admin)
  • If prompted, click I agree.
  • Click scan. When it's finished, select clean.
  • Allow AdwCleaner to restart your computer.
  • Once your computer's restarted, a log should appear.
  • Please post this in your next reply.

:step4: Please download Junkware Removal Tool to your desktop

  • Double click JRT.exe. (Win 7, 8 and Vista users, right-click and select run as admin)
  • Press any key and the scan will begin.
  • At the end, a log will open. Please post this in your next reply.

:step5: Please visit the ESET Online Scanner webpage
:exclame: Internet Explorer MUST be used for this step.  :exclame:

  • Click the checkbox next to 'Yes, I accept the Terms of Use' and click start.
  • Select the checkboxes which are displayed in the picture below.

jqnp8z.png

  • Press start and the scan will now begin - this scan will take a long time.
  • When the scand finished, select list threats and then export.
  • Choose a name for the log (e.g ESET) and click save (to your desktop)
  • Press the back button and then click finish. Please include the contents of the log in your reply.


#5 Twinmum

Twinmum
  • Topic Starter

  • Members
  • 118 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:03:25 PM

Posted 22 December 2014 - 07:28 AM

lol, you were not kidding when you said the last one would take a long time.. I probably should have started this earlier tonight. Anyway, done now and time for bed again......

 

 

Rkill 2.6.9 by Lawrence Abrams (Grinler)

http://www.bleepingcomputer.com/

Copyright 2008-2014 BleepingComputer.com

More Information about Rkill can be found at this link:

 http://www.bleepingcomputer.com/forums/topic308364.html

 

Program started at: 12/22/2014 09:12:12 PM in x64 mode.

Windows Version: Windows 7 Home Premium Service Pack 1

 

Checking for Windows services to stop:

 

 * No malware services found to stop.

 

Checking for processes to terminate:

 

 * C:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exe (PID: 6752) [AU-HEUR]

 

1 proccess terminated!

 

Checking Registry for malware related settings:

 

 * No issues found in the Registry.

 

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

 

Performing miscellaneous checks:

 

 * Windows Defender Disabled

 

   [HKLM\SOFTWARE\Microsoft\Windows Defender]

   "DisableAntiSpyware" = dword:00000001

 

Checking Windows Service Integrity:

 

 * Windows Defender (WinDefend) is not Running.

   Startup Type set to: Manual

 

Searching for Missing Digital Signatures:

 

 * No issues found.

 

Checking HOSTS File:

 

 * No issues found.

 

Program finished at: 12/22/2014 09:13:52 PM

Execution time: 0 hours(s), 1 minute(s), and 39 seconds(s)

 

 

 

 

# AdwCleaner v4.106 - Report created 22/12/2014 at 21:17:23

# Updated 21/12/2014 by Xplode

# Database : 2014-12-21.4 [Live]

# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)

# Username : Ashlee - ASHLEE-PC

# Running from : C:\Users\Ashlee\Desktop\adwcleaner_4.106.exe

# Option : Clean

 

***** [ Services ] *****

 

[#] Service Deleted : vToolbarUpdater17.1.2

 

***** [ Files / Folders ] *****

 

Folder Deleted : C:\ProgramData\apn

Folder Deleted : C:\ProgramData\AVG Security Toolbar

Folder Deleted : C:\ProgramData\NCH Software

Folder Deleted : C:\ProgramData\Kromtech

Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pro PC Cleaner

Folder Deleted : C:\Program Files (x86)\globalUpdate

Folder Deleted : C:\Program Files (x86)\NCH Software

Folder Deleted : C:\Windows\SysWOW64\ARFC

Folder Deleted : C:\Windows\SysWOW64\jmdp

Folder Deleted : C:\Windows\SysWOW64\WNLT

Folder Deleted : C:\Windows\System32\ljkb

Folder Deleted : C:\Users\Ashlee\AppData\Local\AVG Secure Search

Folder Deleted : C:\Users\Ashlee\AppData\Local\Bundled software uninstaller

Folder Deleted : C:\Users\Ashlee\AppData\Local\globalUpdate

Folder Deleted : C:\Users\Ashlee\AppData\Local\CrashRpt

Folder Deleted : C:\Users\Ashlee\AppData\Local\Kromtech

Folder Deleted : C:\Users\Ashlee\AppData\LocalLow\AVG Secure Search

Folder Deleted : C:\Users\Ashlee\AppData\Roaming\NCH Software

Folder Deleted : C:\Users\Ashlee\AppData\Roaming\Pro PC Cleaner

Folder Deleted : C:\Users\Public\Documents\ShopperPro

File Deleted : C:\Users\Ashlee\AppData\Local\Temp\Uninstall.exe

File Deleted : C:\Windows\System32\ImhxxpComm.dll

File Deleted : C:\Users\Ashlee\AppData\LocalLow\SkwConfig.bin

File Deleted : C:\Users\Ashlee\AppData\Roaming\Mozilla\Firefox\Profiles\xlv2ckr7.default\searchplugins\ask-search.xml

File Deleted : C:\Users\Ashlee\AppData\Roaming\Mozilla\Firefox\Profiles\xlv2ckr7.default\searchplugins\avg-secure-search.xml

File Deleted : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\avg-secure-search.xml

File Deleted : C:\Users\Ashlee\AppData\Roaming\Mozilla\Firefox\Profiles\xlv2ckr7.default\searchplugins\SweetIM Search.xml

File Deleted : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\wtu-secure-search.xml

 

***** [ Scheduled Tasks ] *****

 

Task Deleted : SMupdate1

Task Deleted : SomotoUpdateCheckerAutoStart

Task Deleted : YTDownloader

Task Deleted : ProPCCleaner_Start

Task Deleted : ProPCCleaner_Popup

 

***** [ Shortcuts ] *****

 

Shortcut Disinfected : C:\Users\Ashlee\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FLV Player\Uninstall.lnk

 

***** [ Registry ] *****

 

Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE

Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine

Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0

Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync

Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0

Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass

Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1

Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass

Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1

Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine

Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0

Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine

Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0

Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback

Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0

Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc

Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0

Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher

Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0

Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService

Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0

Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine

Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0

Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback

Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0

Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc

Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0

Key Deleted : HKLM\SOFTWARE\Classes\S

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{020B1D4B-5738-4C77-9E19-4F173DD9B486}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}

Key Deleted : HKCU\Software\Conduit

Key Deleted : HKCU\Software\GlobalUpdate

Key Deleted : HKCU\Software\IM

Key Deleted : HKCU\Software\ImInstaller

Key Deleted : HKCU\Software\InstalledBrowserExtensions

Key Deleted : HKCU\Software\SmartBar

Key Deleted : HKCU\Software\Tutorials

Key Deleted : HKCU\Software\Webplayer

Key Deleted : HKLM\SOFTWARE\AVG Security Toolbar

Key Deleted : HKLM\SOFTWARE\Conduit

Key Deleted : HKLM\SOFTWARE\GlobalUpdate

Key Deleted : HKLM\SOFTWARE\InstalledBrowserExtensions

Key Deleted : HKLM\SOFTWARE\Tutorials

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C3060724-6AC7-4BEF-B516-4F6B1D90887D}

Key Deleted : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions

Key Deleted : [x64] HKLM\SOFTWARE\ShopperPro

Key Deleted : [x64] HKLM\SOFTWARE\YTDownloader

Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964

Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467

 

***** [ Browsers ] *****

 

-\\ Internet Explorer v11.0.9600.17496

 

 

-\\ Mozilla Firefox v34.0.5 (x86 en-US)

 

[xlv2ckr7.default\prefs.js] - Line Deleted : user_pref("browser.uiCustomization.state", "{\"placements\":{\"PanelUI-contents\":[\"zoom-controls\",\"edit-controls\",\"new-window-button\",\"privatebrowsing-button\",\"save-page-button\",\"print-but[...]

[xlv2ckr7.default\prefs.js] - Line Deleted : user_pref("extensions.helperbar.DockingPositionDown", false);

[xlv2ckr7.default\prefs.js] - Line Deleted : user_pref("extensions.helperbar.LastHiddenTime", 23085971);

[xlv2ckr7.default\prefs.js] - Line Deleted : user_pref("extensions.helperbar.SmartbarDisabled", true);

[xlv2ckr7.default\prefs.js] - Line Deleted : user_pref("extensions.helperbar.SmartbarStateMinimaized", false);

[xlv2ckr7.default\prefs.js] - Line Deleted : user_pref("extensions.helperbar.Visibility", true);

[xlv2ckr7.default\prefs.js] - Line Deleted : user_pref("extensions.helperbar.countryiso", "au");

[xlv2ckr7.default\prefs.js] - Line Deleted : user_pref("extensions.helperbar.downloadprovider", "somoto");

[xlv2ckr7.default\prefs.js] - Line Deleted : user_pref("extensions.helperbar.installationid", "c3fc415b-f9c2-b171-ac96-9bb95775a7ac");

[xlv2ckr7.default\prefs.js] - Line Deleted : user_pref("extensions.helperbar.installdate", "23/11/2013");

[xlv2ckr7.default\prefs.js] - Line Deleted : user_pref("extensions.helperbar.publisher", "somoto");

[xlv2ckr7.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark.hp.enabled", false);

[xlv2ckr7.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark.hp.enabled.guid", "");

[xlv2ckr7.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark.lastInstalled", "allin1convert@mindspark.com");

[xlv2ckr7.default\prefs.js] - Line Deleted : user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "");

[xlv2ckr7.default\prefs.js] - Line Deleted : user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "");

[xlv2ckr7.default\prefs.js] - Line Deleted : user_pref("sweetim.toolbar.previous.keyword.URL", "");

 

*************************

 

AdwCleaner[R0].txt - [10728 octets] - [22/12/2014 21:16:04]

AdwCleaner[S0].txt - [10710 octets] - [22/12/2014 21:17:23]

 

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [10771 octets] ##########

 

 

 

 

 

-----------------------------------------------------------

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Thisisu

Version: 6.4.0 (11.29.2014:1)

OS: Windows 7 Home Premium x64

Ran by Ashlee on Mon 22/12/2014 at 21:25:27.47

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

 

 

 

~~~ Services

 

 

 

~~~ Registry Values

 

 

 

~~~ Registry Keys

 

 

 

~~~ Files

 

 

 

~~~ Folders

 

Successfully deleted: [Folder] "C:\Users\Ashlee\appdata\local\pro_pc_cleaner"

Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin"

Successfully deleted: [Folder] "C:\Users\Ashlee\documents\propccleaner"

 

 

 

~~~ FireFox

 

Successfully deleted the following from C:\Users\Ashlee\AppData\Roaming\mozilla\firefox\profiles\xlv2ckr7.default\prefs.js

 

user_pref("browser.uiCustomization.state", "{\"placements\":{\"PanelUI-contents\":[\"edit-controls\",\"zoom-controls\",\"new-window-button\",\"privatebrowsing-button\",\"save-

Emptied folder: C:\Users\Ashlee\AppData\Roaming\mozilla\firefox\profiles\xlv2ckr7.default\minidumps [209 files]

 

 

 

~~~ Event Viewer Logs were cleared

 

 

 

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan was completed on Mon 22/12/2014 at 21:30:29.93

End of JRT log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

 

 

 

 

 

 

C:\Windows\SysWOW64\mjcm\dnkt.exe            a variant of Win32/Toolbar.Perion.H potentially unwanted application       

C:\Windows\SysWOW64\mjcm\5108\nsib.dll            a variant of Win32/Toolbar.Perion.H potentially unwanted application       

C:\Windows\SysWOW64\mjcm\5113\nsib.dll            a variant of Win32/Toolbar.Perion.H potentially unwanted application       

C:\Windows\SysWOW64\mjcm\5119\nsib.dll            a variant of Win32/Toolbar.Perion.H potentially unwanted application       

C:\Windows\SysWOW64\mjcm\5123\nsib.dll            a variant of Win32/Toolbar.Perion.H potentially unwanted application       

C:\Windows\SysWOW64\mjcm\5131\nsib.dll            a variant of Win32/Toolbar.Perion.H potentially unwanted application       

C:\Windows\SysWOW64\mjcm\5132\nsib.dll            a variant of Win32/Toolbar.Perion.H potentially unwanted application       

C:\Windows\SysWOW64\mjcm\5141\nsib.dll            a variant of Win32/Toolbar.Perion.H potentially unwanted application       

C:\Windows\SysWOW64\mjcm\5152\nsib.dll            a variant of Win32/Toolbar.Perion.H potentially unwanted application       

C:\AdwCleaner\Quarantine\C\Program Files (x86)\NCH Software\Debut\debut.exe.vir            a variant of Win32/Toolbar.Conduit.H potentially unwanted application            deleted - quarantined

C:\AdwCleaner\Quarantine\C\Program Files (x86)\NCH Software\Debut\debutsetup_v1.82.exe.vir            a variant of Win32/Toolbar.Conduit.H potentially unwanted application            deleted - quarantined

C:\AdwCleaner\Quarantine\C\Program Files (x86)\NCH Software\ExpressZip\expresszip.exe.vir            a variant of Win32/Bundled.Toolbar.Google.C potentially unsafe application            deleted - quarantined

C:\AdwCleaner\Quarantine\C\Program Files (x86)\NCH Software\ExpressZip\expresszipsetup_v2.28.exe.vir    a variant of Win32/Bundled.Toolbar.Google.C potentially unsafe application            deleted - quarantined

C:\AdwCleaner\Quarantine\C\Program Files (x86)\NCH Software\Prism\prism.exe.vir            a variant of Win32/Bundled.Toolbar.Google.C potentially unsafe application            deleted - quarantined

C:\AdwCleaner\Quarantine\C\Program Files (x86)\NCH Software\Prism\prismsetup_v2.18.exe.vir            a variant of Win32/Bundled.Toolbar.Google.C potentially unsafe application            deleted - quarantined

C:\AdwCleaner\Quarantine\C\Program Files (x86)\NCH Software\VideoPad\videopad.exe.vir    a variant of Win32/Bundled.Toolbar.Google.C potentially unsafe application            deleted - quarantined

C:\AdwCleaner\Quarantine\C\Program Files (x86)\NCH Software\VideoPad\videopadsetup_v3.14.exe.vir       a variant of Win32/Bundled.Toolbar.Google.C potentially unsafe application            deleted - quarantined

C:\AdwCleaner\Quarantine\C\Windows\SysWOW64\jmdp\lmrn.dll.vir            a variant of Win32/Toolbar.Perion.H potentially unwanted application            deleted - quarantined

C:\AdwCleaner\Quarantine\C\Windows\SysWOW64\jmdp\stij.exe.vir            a variant of Win32/Toolbar.Perion.H potentially unwanted application            deleted - quarantined

C:\Program Files\Common Files\System\SysMenu.dll            a variant of Win32/SBWatchman.D potentially unwanted application            deleted - quarantined

C:\Program Files\Common Files\System\SysMenu64.dll            a variant of Win32/SBWatchman.D potentially unwanted application            deleted - quarantined

C:\Users\Ashlee\AppData\Local\Temp\ICReinstall_nsfAD87.tmp       a variant of Win32/InstallCore.PK potentially unwanted application            deleted - quarantined

C:\Users\Ashlee\AppData\Local\Temp\ICReinstall_nswA992.tmp      a variant of Win32/InstallCore.OZ potentially unwanted application            deleted - quarantined

C:\Users\Ashlee\AppData\Local\Temp\nsfAD87.tmp a variant of Win32/InstallCore.PK potentially unwanted application            deleted - quarantined

C:\Users\Ashlee\AppData\Local\Temp\nswA992.tmp a variant of Win32/InstallCore.OZ potentially unwanted application            deleted - quarantined

C:\Users\Ashlee\AppData\Local\Temp\tu17p84.exe    a variant of Win32/SBWatchman.D potentially unwanted application            deleted - quarantined

C:\Users\Ashlee\AppData\Local\Temp\Install_15942\ins_shopperpro.exe            a variant of Win32/SpeedBit.D potentially unwanted application            deleted - quarantined

C:\Users\Ashlee\AppData\Local\Temp\Install_15942\ins_ytd.exe       a variant of Win32/SpeedBit.D potentially unwanted application            deleted - quarantined

C:\Users\Ashlee\AppData\Roaming\FRVOIK            JS/Toolbar.Crossrider.C potentially unwanted application            deleted - quarantined

C:\Users\Ashlee\AppData\Roaming\WF            JS/Toolbar.Crossrider.C potentially unwanted application            deleted - quarantined

C:\Windows\System32\mjcm\dnkt.exe a variant of Win32/Toolbar.Perion.H potentially unwanted application            deleted - quarantined

C:\Windows\System32\mjcm\5108\nsib.dll            a variant of Win32/Toolbar.Perion.H potentially unwanted application            deleted - quarantined

C:\Windows\System32\mjcm\5113\nsib.dll            a variant of Win32/Toolbar.Perion.H potentially unwanted application            deleted - quarantined

C:\Windows\System32\mjcm\5119\nsib.dll            a variant of Win32/Toolbar.Perion.H potentially unwanted application            deleted - quarantined

C:\Windows\System32\mjcm\5123\nsib.dll            a variant of Win32/Toolbar.Perion.H potentially unwanted application            deleted - quarantined

C:\Windows\System32\mjcm\5131\nsib.dll            a variant of Win32/Toolbar.Perion.H potentially unwanted application            deleted - quarantined

C:\Windows\System32\mjcm\5132\nsib.dll            a variant of Win32/Toolbar.Perion.H potentially unwanted application            deleted - quarantined

C:\Windows\System32\mjcm\5141\nsib.dll            a variant of Win32/Toolbar.Perion.H potentially unwanted application            deleted - quarantined

C:\Windows\System32\mjcm\5152\nsib.dll            a variant of Win32/Toolbar.Perion.H



#6 Guest_LighthouseParty_*

Guest_LighthouseParty_*

  • Guests
  • OFFLINE
  •  

Posted 22 December 2014 - 07:53 AM

How is the PC now?



#7 Twinmum

Twinmum
  • Topic Starter

  • Members
  • 118 posts
  • OFFLINE
  •  
  • Gender:Female

Posted 22 December 2014 - 03:54 PM

It was late when we finished the last lot of scans so I went straight to bed after, but I do know she wasn't getting the random pages opening for no reason. I'll check with her today to see how its running and let you know later.

Thanks again for your help

Norma



#8 Guest_LighthouseParty_*

Guest_LighthouseParty_*

  • Guests
  • OFFLINE
  •  

Posted 22 December 2014 - 04:33 PM

Okay :thumbup2:



#9 Twinmum

Twinmum
  • Topic Starter

  • Members
  • 118 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:03:25 PM

Posted 22 December 2014 - 06:43 PM

Success. It seems that her computer is back to nomal and running fine.

 

Thank you LighthouseParty for helping us. Have a very merry Christmas

 

Norma



#10 Guest_LighthouseParty_*

Guest_LighthouseParty_*

  • Guests
  • OFFLINE
  •  

Posted 22 December 2014 - 06:50 PM

Glad your issue is now resolved :)

For one last final step, please download Delfix from here and save it to your desktop. Right-click it and select run as administrator. Select the following and press run:

  • Remove disinfection tools
  • Purge system restore

To prevent infections in the future, I recommend you install the programs below:

As-well as that, please download the latest version of Flash Player from here. Remember to un-check the optional offers.

 

Have a merry Christmas and happy surfing!


Edited by LighthouseParty, 22 December 2014 - 06:51 PM.


#11 Twinmum

Twinmum
  • Topic Starter

  • Members
  • 118 posts
  • OFFLINE
  •  
  • Gender:Female

Posted 23 December 2014 - 02:45 AM

Will do those last steps now thank you



#12 Guest_LighthouseParty_*

Guest_LighthouseParty_*

  • Guests
  • OFFLINE
  •  

Posted 23 December 2014 - 05:04 AM

You're welcome :)






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users