Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

infected with Cryptowall 3 and whatever it opened doors too


  • This topic is locked This topic is locked
12 replies to this topic

#1 Jason6300

Jason6300

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:08:33 PM

Posted 22 April 2015 - 09:34 PM

Please help. I have had Cryptowall 3 on my vista computer at least 4 days.

of course no there are several things infected and encrypted now.

as well as the machine being very slow. 

I am not aware how it works so fear of moving files to back up has set in.

i know i will loose some files but all help is very appreciated.

 

frst.txt

 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 22-04-2015 01
Ran by Jason (administrator) on JASON-LAPTOP on 22-04-2015 20:39:04
Running from C:\Users\Jason\Desktop\jan
Loaded Profiles: Jason (Available profiles: Jason)
Platform: Microsoft® Windows Vista™ Home Basic  Service Pack 1 (X86) OS Language: English (United States)
Internet Explorer Version 8 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(ALWIL Software) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Filipe Lourenço) C:\Program Files\BatteryCare\BatteryCare.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(CartCrunch Israel Ltd.) C:\ProgramData\PicColor Utility\ColorMedia.exe
() C:\Program Files\SMINST\BLService.exe
() C:\Program Files\CyberLink\Shared files\RichVideo.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Conexant Systems, Inc.) C:\Windows\System32\drivers\XAudio.exe
() C:\Program Files\WebProtectorPlus\WebProtectorPlus.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
() C:\Users\Jason\AppData\Local\ospd_us_751\upospd_us_751.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(CyberLink Corp.) C:\Program Files\HP\QuickPlay\QPService.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Service.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
( Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliType Pro\itype.exe
(ALWIL Software) C:\Program Files\Alwil Software\Avast5\AvastUI.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Power Software Ltd) C:\Users\Jason\Desktop\alex\PowerISO FULL 5.8 + Serials [ThumperDC]\PowerISO\PWRISOVM.EXE
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(BitTorrent, Inc.) C:\Users\Jason\Program Files\DNA\btdna.exe
() C:\Program Files\AeroSnap\AeroSnap.exe
(BitTorrent Inc.) C:\Users\Jason\AppData\Roaming\BitTorrent\BitTorrent.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Comfort Software Group) C:\Program Files\FreeCountdownTimer\FreeCountdownTimer.exe
(Microsoft Corporation) C:\Windows\System32\regsvr32.exe
(Microsoft Corporation) C:\Windows\System32\regsvr32.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
() C:\Users\Jason\AppData\Roaming\sbbxbsc.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
() C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
(Glasstest) C:\Users\Jason\AppData\Local\Ordfics\tmp5B87.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
() C:\ProgramData\cd96e4ae2fbb46d9b627abb8e45312b8\cd96e4ae2fbb46d9b627abb8e45312b8.exe
(Microsoft Corporation) C:\Windows\System32\wercon.exe
(ALWIL Software) C:\Program Files\Alwil Software\Avast5\Setup\avast.setup
(Microsoft Corporation) C:\Windows\System32\RacAgent.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1049896 2008-04-17] (Synaptics, Inc.)
HKLM\...\Run: [QPService] => C:\Program Files\HP\QuickPlay\QPService.exe [468264 2008-09-23] (CyberLink Corp.)
HKLM\...\Run: [UpdateLBPShortCut] => C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [210216 2008-06-13] (CyberLink Corp.)
HKLM\...\Run: [UpdatePSTShortCut] => C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe [210216 2008-10-06] (CyberLink Corp.)
HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-20] (Microsoft Corporation)
HKLM\...\Run: [QlbCtrl.exe] => C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [202032 2008-08-01] ( Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [UpdateP2GoShortCut] => C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [210216 2008-06-13] (CyberLink Corp.)
HKLM\...\Run: [UpdatePDIRShortCut] => C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe [210216 2008-06-13] (CyberLink Corp.)
HKLM\...\Run: [HP Health Check Scheduler] => c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [75008 2008-10-09] (Hewlett-Packard)
HKLM\...\Run: [HP Software Update] => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [54840 2007-05-08] (Hewlett-Packard)
HKLM\...\Run: [hpWirelessAssistant] => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [488752 2008-04-15] (Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [itype] => C:\Program Files\Microsoft IntelliType Pro\itype.exe [1501064 2009-05-21] (Microsoft Corporation)
HKLM\...\Run: [avast5] => C:\Program Files\Alwil Software\Avast5\AvastUI.exe [2743104 2010-01-19] (ALWIL Software)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-11-28] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [152544 2012-12-12] (Apple Inc.)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [948440 2013-10-23] (Microsoft Corporation)
HKLM\...\Run: [PWRISOVM.EXE] => C:\Users\Jason\Desktop\alex\PowerISO FULL 5.8 + Serials [ThumperDC]\PowerISO\PWRISOVM.EXE [366904 2014-10-08] (Power Software Ltd)
HKLM\...\Run: [ospd_us_751] => [X]
HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [41056 2013-05-08] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [yraje] => C:\Users\Jason\AppData\Local\yraje\yraje.exe [377944 2015-04-12] (RatePolygonal)
HKLM\...\RunOnce: [upospd_us_751.exe] => C:\Users\Jason\AppData\Local\ospd_us_751\upospd_us_751.exe [3307712 2015-01-23] ()
HKLM Group Policy restriction on software: C:\Program Files\Microsoft Security Client <====== ATTENTION
HKU\S-1-5-21-1441847595-3396335443-3013822310-1000\...\Run: [LightScribe Control Panel] => C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
HKU\S-1-5-21-1441847595-3396335443-3013822310-1000\...\Run: [BitTorrent DNA] => C:\Users\Jason\Program Files\DNA\btdna.exe [323392 2009-11-06] (BitTorrent, Inc.)
HKU\S-1-5-21-1441847595-3396335443-3013822310-1000\...\Run: [AeroSnap] => C:\Program Files\AeroSnap\AeroSnap.exe [886784 2008-12-06] ()
HKU\S-1-5-21-1441847595-3396335443-3013822310-1000\...\Run: [Hobbyist Software VLC Streamer] => "C:\Program Files\Hobbyist Software\VLC Streamer\VLC Streamer Configuration.exe" /startup
HKU\S-1-5-21-1441847595-3396335443-3013822310-1000\...\Run: [BitTorrent] => C:\Users\Jason\AppData\Roaming\BitTorrent\BitTorrent.exe [1744472 2015-03-03] (BitTorrent Inc.)
HKU\S-1-5-21-1441847595-3396335443-3013822310-1000\...\Run: [GameHug Arcade] => C:\Users\Jason\AppData\Roaming\GameHugArcade\GameHug Arcade\GameHugArcade.exe /b
HKU\S-1-5-21-1441847595-3396335443-3013822310-1000\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-20] (Microsoft Corporation)
HKU\S-1-5-21-1441847595-3396335443-3013822310-1000\...\Run: [FreeCT] => C:\Program Files\FreeCountdownTimer\FreeCountdownTimer.exe [2432280 2014-02-25] (Comfort Software Group)
HKU\S-1-5-21-1441847595-3396335443-3013822310-1000\...\Run: [Ordfics] => C:\Users\Jason\AppData\Local\Ordfics\tmp5B87.exe [192512 2015-04-12] (Glasstest)
HKU\S-1-5-21-1441847595-3396335443-3013822310-1000\...\Run: [Ibjhsoft] => regsvr32.exe C:\Users\Jason\AppData\Local\Ibjhsoft\loader_u.dll <===== ATTENTION
HKU\S-1-5-21-1441847595-3396335443-3013822310-1000\...\Run: [YhfxPack] => C:\Windows\System32\regsvr32.exe C:\Users\Jason\AppData\Local\Ordfics\loader_u.dll
HKU\S-1-5-21-1441847595-3396335443-3013822310-1000\...\Run: [FlashPlayerUpdate] => C:\Users\Jason\AppData\Local\Macromedia\Flash Player\FlashPlayerUpdateService.exe [166912 2015-04-22] ()
HKU\S-1-5-21-1441847595-3396335443-3013822310-1000\...\Run: [audiodevv2] => C:\Users\Jason\Documents\audiodevv2.exe
HKU\S-1-5-21-1441847595-3396335443-3013822310-1000\...\Run: [msdedf] => C:\Users\Jason\AppData\Roaming\sbbxbsc.exe [483328 2015-04-21] ()
HKU\S-1-5-21-1441847595-3396335443-3013822310-1000\...\MountPoints2: F - F:\autorun.exe
HKU\S-1-5-21-1441847595-3396335443-3013822310-1000\...\MountPoints2: G - G:\autorun.exe
HKU\S-1-5-21-1441847595-3396335443-3013822310-1000\...\MountPoints2: {f09673b8-d912-11e1-a5f2-001f1670e2a0} - G:\LaunchU3.exe -a
HKU\S-1-5-21-1441847595-3396335443-3013822310-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [879616 2008-01-20] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk [2015-01-25]
ShortcutTarget: Adobe Gamma Loader.lnk -> C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CodecPackUpdateChecker.lnk [2015-01-17]
ShortcutTarget: CodecPackUpdateChecker.lnk -> C:\Windows\System32\C2MP\UpdateChecker.exe ()
Startup: C:\Users\Jason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GameHugArcadeApp.lnk [2015-01-26]
ShortcutTarget: GameHugArcadeApp.lnk -> C:\Users\Jason\AppData\Roaming\GameHugArcade\GameHug Arcade\GameHugArcadeApp.exe (No File)
Startup: C:\Users\Jason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\HELP_DECRYPT.HTML [2015-04-21] ()
Startup: C:\Users\Jason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\HELP_DECRYPT.PNG.ecc [2015-04-21] ()
Startup: C:\Users\Jason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\HELP_DECRYPT.TXT.ecc [2015-04-21] ()
InternetURL: C:\Users\Jason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\HELP_DECRYPT.URL -> hxxp://7oqnsnzwwnm6zb7y.partypayonion.com/e5kQ9p
Startup: C:\Users\Jason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\HELP_RESTORE_FILES.txt [2015-04-22] ()
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\S-1-5-21-1441847595-3396335443-3013822310-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
URLSearchHook: HKLM - Default Value = {CCC7B151-1D8C-11E3-B2AD-F3EF3D58318D}
SearchScopes: HKLM -> {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = 
SearchScopes: HKLM -> {7DC7C2A9-63BE-4EDF-99EF-028F49D65B85} URL = http://search.live.com/results.aspx?q={searchTerms}&FORM=HPNTDF
SearchScopes: HKLM -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL = 
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1441847595-3396335443-3013822310-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
SearchScopes: HKU\S-1-5-21-1441847595-3396335443-3013822310-1000 -> {7DC7C2A9-63BE-4EDF-99EF-028F49D65B85} URL = http://www.bing.com/search?FORM=IEFM1&q={searchTerms}&src={referrer:source?}
SearchScopes: HKU\S-1-5-21-1441847595-3396335443-3013822310-1000 -> {B5E44D46-B927-4BE9-A657-C5B22D06A5CB} URL = http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=ie8
SearchScopes: HKU\S-1-5-21-1441847595-3396335443-3013822310-1000 -> {CF30714C-F446-4AFE-AFDF-64680C58C9F0} URL = http://www.ant.com/search?s=browser&q={searchTerms}
BHO: saveruabOX -> {66ecc486-5bf1-4288-9188-f19f46a6614f} -> C:\Program Files\saveruabOX\dRnZ80Y38lMYCs.dll [2015-03-26] ()
Toolbar: HKU\.DEFAULT -> No Name - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} -  No File
Toolbar: HKU\.DEFAULT -> No Name - {2E924F4F-67F0-4BD8-9560-49F468E843D2} -  No File
Toolbar: HKU\S-1-5-21-1441847595-3396335443-3013822310-1000 -> No Name - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} -  No File
Toolbar: HKU\S-1-5-21-1441847595-3396335443-3013822310-1000 -> No Name - {6CD56C02-CB4D-41B5-A0FE-B479061CCB41} -  No File
Toolbar: HKU\S-1-5-21-1441847595-3396335443-3013822310-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2012-12-18] (Google Inc.)
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll [2007-06-08] (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2009-10-09] (Skype Technologies)
Winsock: Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc.)
Winsock: Catalog9 01 C:\Windows\system32\ColorMedia.dll [324776 2015-01-24] (CartCrunch Israel Ltd.)
Winsock: Catalog9 02 C:\Windows\system32\ColorMedia.dll [324776 2015-01-24] (CartCrunch Israel Ltd.)
Winsock: Catalog9 03 C:\Windows\system32\ColorMedia.dll [324776 2015-01-24] (CartCrunch Israel Ltd.)
Winsock: Catalog9 04 C:\Windows\system32\ColorMedia.dll [324776 2015-01-24] (CartCrunch Israel Ltd.)
Winsock: Catalog9 16 C:\Windows\system32\ColorMedia.dll [324776 2015-01-24] (CartCrunch Israel Ltd.)
Tcpip\Parameters: [DhcpNameServer] 209.18.47.61 209.18.47.62
 
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32.dll [2009-02-02] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1215155.dll [2014-12-02] (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2012-10-31] ()
FF Plugin: @bittorrent.com/BitTorrentDNA -> C:\Program Files\DNA\plugins\npbtdna.dll [2009-05-31] (BitTorrent, Inc.)
FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Windows\system32\npdeployJava1.dll [2015-01-08] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2015-01-08] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2015-01-08] (Oracle Corporation)
FF Plugin: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files\Yahoo!\Shared\npYState.dll [2010-06-01] (Yahoo! Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.4 -> C:\Program Files\Microsoft\Office Live\npOLW.dll [2009-06-09] (Microsoft Corp.)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll [2014-11-15] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll [2014-11-15] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll [2013-05-08] (Adobe Systems Inc.)
FF Plugin: BYOND -> C:\Program Files\BYOND\bin\npbyond.dll [2008-07-08] (BYOND)
FF Plugin HKU\S-1-5-21-1441847595-3396335443-3013822310-1000: @bittorrent.com/BitTorrentDNA -> C:\Users\Jason\Program Files\DNA\plugins\npbtdna.dll [2009-11-06] (BitTorrent, Inc.)
FF Extension: No Name - C:\Users\Jason\AppData\Roaming\Mozilla\Firefox\profiles\extensions\extensions [2012-09-10]
FF Extension: OneClickDownloader - C:\Users\Jason\AppData\Roaming\Mozilla\Firefox\profiles\extensions\OneClickDownload@OneClickDownload.com [2012-08-01]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-05-03]
FF HKU\S-1-5-21-1441847595-3396335443-3013822310-1000\...\Firefox\Extensions: [{d5bc46d8-67c7-11dc-8c1d-0097498c2b7a}] - C:\Users\Jason\Program Files\DNA
FF Extension: DNA - C:\Users\Jason\Program Files\DNA [2009-06-01]
 
Chrome: 
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR Profile: C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (No Name) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-01-25]
CHR Extension: (No Name) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-25]
CHR Extension: (No Name) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-25]
CHR Extension: (No Name) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2015-01-25]
CHR Extension: (No Name) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-25]
CHR Extension: (No Name) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-25]
CHR Extension: (No Name) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-01-25]
CHR Extension: (No Name) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmbmikajjgmnabiglmofipeabaddhgne [2015-02-24]
CHR Extension: (No Name) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhmokalkpaiacdofbcddkogifepbaijk [2015-03-26]
CHR Extension: (No Name) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlpcbjmcojciinknchcafgalmphlpjjn [2015-03-06]
CHR Extension: (No Name) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpjmmnldeimboalmkeklmimiidigpdcp [2015-02-15]
CHR Extension: (No Name) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfecnpmgnlnbmipaogfhoacoioifjgko [2015-04-21]
CHR Extension: (No Name) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-25]
CHR Extension: (No Name) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\oifdfchgmkfglcccmkoofhbnmkdlbgag [2015-04-16]
CHR Extension: (No Name) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflmllfnnabikmfkkaddkoolinlfninn [2015-02-15]
CHR Extension: (No Name) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-25]
CHR HKLM\...\Chrome\Extension: [kfecnpmgnlnbmipaogfhoacoioifjgko] - http://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-1441847595-3396335443-3013822310-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [kfecnpmgnlnbmipaogfhoacoioifjgko] - http://clients2.google.com/service/update2/crx
 
Opera: 
=======
OPR Extension: (AdBlock) - C:\Users\Jason\AppData\Roaming\Opera Software\Opera Stable\Extensions\aobdicepooefnbaeokijohmhjlleamfj [2015-01-08]
OPR Extension: (YouTube Downloader) - C:\Users\Jason\AppData\Roaming\Opera Software\Opera Stable\Extensions\kclijeogghhkmenkommbnjobhnndpfba [2015-01-17]
OPR Extension: (FastestTube - YouTube Video Downloader) - C:\Users\Jason\AppData\Roaming\Opera Software\Opera Stable\Extensions\phahnhbgfdhgobenebnjbgmacgpbfaag [2015-01-17]
 
========================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
S2 5c8a92f4; c:\Program Files\SystemAssister\SystemAssister.dll [1563136 2015-02-14] () [File not signed]
R2 avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [40384 2010-01-19] (ALWIL Software)
R3 avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [40384 2010-01-19] (ALWIL Software)
R3 avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [40384 2010-01-19] (ALWIL Software)
R2 ColorMedia; C:\ProgramData\PicColor Utility\ColorMedia.exe [1398304 2015-01-07] (CartCrunch Israel Ltd.) [File not signed]
R2 HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [94208 2008-10-09] (Hewlett-Packard) [File not signed]
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22208 2013-10-23] (Microsoft Corporation)
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [280288 2013-10-23] (Microsoft Corporation)
R2 Recovery Service for Windows; C:\Program Files\SMINST\BLService.exe [365952 2008-10-06] ()
R2 RichVideo; C:\Program Files\CyberLink\Shared files\RichVideo.exe [241734 2008-09-15] () [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-20] (Microsoft Corporation)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 aswFsBlk; C:\Windows\system32\Drivers\aswFsBlk.sys [19024 2010-01-19] (ALWIL Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [51792 2010-01-19] (ALWIL Software)
R1 aswRdr; C:\Windows\system32\Drivers\aswRdr.sys [23248 2010-01-19] (ALWIL Software)
R1 aswSP; C:\Windows\system32\Drivers\aswSP.sys [162640 2010-01-19] (ALWIL Software)
R1 aswTdi; C:\Windows\system32\Drivers\aswTdi.sys [46544 2010-01-19] (ALWIL Software)
R1 cmwd; C:\Windows\system32\Drivers\cmwd.sys [20096 2015-01-07] () [File not signed]
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [214696 2013-09-27] (Microsoft Corporation)
S3 Netaapl; C:\Windows\System32\DRIVERS\netaapl.sys [18432 2010-04-19] (Apple Inc.) [File not signed]
S3 netr28u; C:\Windows\System32\DRIVERS\netr28u.sys [570880 2007-12-14] (Ralink Technology Corp.)
S3 P1171VID; C:\Windows\System32\DRIVERS\P1171Vid.sys [91392 2004-03-19] (Creative Technology Ltd.)
R1 SCDEmu; C:\Windows\system32\Drivers\SCDEmu.sys [113904 2014-10-08] (Power Software Ltd)
R3 WinRing0_1_2_0; C:\Program Files\BatteryCare\WinRing0.sys [14416 2008-07-26] (OpenLibSys.org)
U5 AppMgmt; C:\Windows\system32\svchost.exe [21504 2008-01-20] (Microsoft Corporation)
S3 catchme; \??\C:\Users\Jason\AppData\Local\Temp\catchme.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S1 MpKsl51d446e2; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{C0A3756E-DFB4-413A-BA99-4D92230DAA5C}\MpKsl51d446e2.sys [X]
S3 NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20080829.024\NAVENG.SYS [X]
S3 NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20080829.024\NAVEX15.SYS [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S1 qilartzz; \??\C:\Windows\system32\drivers\qilartzz.sys [X]
S1 SRTSP; \??\C:\Windows\system32\drivers\NIS\1000000.07D\SRTSP.SYS [X]
S1 SRTSPX; \??\C:\Windows\system32\drivers\NIS\1000000.07D\SRTSPX.SYS [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-04-22 21:01 - 2015-04-22 21:01 - 00000000 ____D () C:\Users\Jason\AppData\Local\gmsd_us_479
2015-04-22 20:44 - 2015-04-22 20:44 - 00008624 _____ () C:\Users\Jason\HELP_DECRYPT.HTML
2015-04-22 20:44 - 2015-04-22 20:44 - 00004252 _____ () C:\Users\Jason\HELP_DECRYPT.TXT
2015-04-22 20:44 - 2015-04-22 20:44 - 00000292 _____ () C:\Users\Jason\HELP_DECRYPT.URL
2015-04-22 20:43 - 2015-04-22 20:43 - 00004252 _____ () C:\Users\Jason\AppData\HELP_DECRYPT.TXT
2015-04-22 20:42 - 2015-04-22 20:42 - 00004252 _____ () C:\ProgramData\HELP_DECRYPT.TXT
2015-04-22 20:29 - 2015-04-22 20:39 - 00000000 ____D () C:\FRST
2015-04-22 20:25 - 2015-04-22 20:25 - 00000714 _____ () C:\Windows\setupact.log
2015-04-22 20:25 - 2015-04-22 20:25 - 00000000 _____ () C:\Windows\setuperr.log
2015-04-22 06:00 - 2015-04-22 06:25 - 00000000 ___SD () C:\ComboFix
2015-04-22 05:54 - 2015-04-22 05:54 - 00143520 _____ () C:\Windows\Minidump\Mini042215-01.dmp
2015-04-22 01:56 - 2015-04-22 01:56 - 00002960 _____ () C:\Users\Jason\AppData\HELP_RESTORE_FILES.txt
2015-04-22 01:56 - 2015-04-22 01:56 - 00002674 _____ () C:\Users\Jason\AppData\Roaming\HELP_RESTORE_FILES.txt
2015-04-22 01:55 - 2015-04-22 01:55 - 00002674 _____ () C:\Users\Jason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HELP_RESTORE_FILES.txt
2015-04-22 01:55 - 2015-04-22 01:55 - 00002674 _____ () C:\Users\Jason\AppData\Roaming\Microsoft\Windows\Start Menu\HELP_RESTORE_FILES.txt
2015-04-21 06:16 - 2015-04-22 20:45 - 00000292 _____ () C:\Users\Jason\Desktop\HELP_DECRYPT.URL
2015-04-21 06:16 - 2015-04-22 20:44 - 00008624 _____ () C:\Users\Jason\Desktop\HELP_DECRYPT.HTML
2015-04-21 06:15 - 2015-04-22 20:44 - 00004252 _____ () C:\Users\Jason\Desktop\HELP_DECRYPT.TXT
2015-04-21 06:07 - 2015-04-21 06:07 - 00008624 _____ () C:\Users\Public\HELP_DECRYPT.HTML
2015-04-21 06:07 - 2015-04-21 06:07 - 00008624 _____ () C:\Users\Public\Documents\HELP_DECRYPT.HTML
2015-04-21 06:07 - 2015-04-21 06:07 - 00004252 _____ () C:\Users\Public\HELP_DECRYPT.TXT
2015-04-21 06:07 - 2015-04-21 06:07 - 00004252 _____ () C:\Users\Public\Documents\HELP_DECRYPT.TXT
2015-04-21 06:07 - 2015-04-21 06:07 - 00000292 _____ () C:\Users\Public\HELP_DECRYPT.URL
2015-04-21 06:07 - 2015-04-21 06:07 - 00000292 _____ () C:\Users\Public\Documents\HELP_DECRYPT.URL
2015-04-21 04:22 - 2015-04-22 20:43 - 00008624 _____ () C:\Users\Jason\Documents\HELP_DECRYPT.HTML
2015-04-21 04:22 - 2015-04-22 20:43 - 00004252 _____ () C:\Users\Jason\Documents\HELP_DECRYPT.TXT
2015-04-21 04:22 - 2015-04-22 20:43 - 00000292 _____ () C:\Users\Jason\Documents\HELP_DECRYPT.URL
2015-04-21 04:22 - 2015-04-21 04:22 - 00008624 _____ () C:\Users\Jason\Downloads\HELP_DECRYPT.HTML
2015-04-21 04:22 - 2015-04-21 04:22 - 00004252 _____ () C:\Users\Jason\Downloads\HELP_DECRYPT.TXT
2015-04-21 04:22 - 2015-04-21 04:22 - 00000292 _____ () C:\Users\Jason\Downloads\HELP_DECRYPT.URL
2015-04-21 03:34 - 2015-04-22 00:03 - 00002674 _____ () C:\Users\Jason\AppData\Local\HELP_RESTORE_FILES.txt
2015-04-21 03:34 - 2015-04-21 23:34 - 00002674 _____ () C:\Users\Jason\AppData\Local\Apps\HELP_RESTORE_FILES.txt
2015-04-21 02:33 - 2015-04-22 21:01 - 00003824 _____ () C:\ProgramData\HELP_RESTORE_FILES.txt
2015-04-21 02:33 - 2015-04-22 21:01 - 00002960 _____ () C:\Users\Public\Documents\HELP_RESTORE_FILES.txt
2015-04-21 02:16 - 2015-04-22 20:31 - 00000512 _____ () C:\Users\Jason\Documents\RECOVERY_KEY.TXT
2015-04-21 02:16 - 2015-04-22 04:20 - 11207038 _____ () C:\Users\Jason\AppData\Roaming\log.html
2015-04-21 02:16 - 2015-04-21 02:32 - 00000752 _____ () C:\Users\Jason\AppData\Roaming\key.dat
2015-04-21 02:16 - 2015-04-21 02:15 - 00483328 _____ () C:\Users\Jason\AppData\Roaming\sbbxbsc.exe
2015-04-21 01:32 - 2015-04-22 20:43 - 00008624 _____ () C:\Users\Jason\AppData\HELP_DECRYPT.HTML
2015-04-21 01:32 - 2015-04-22 20:43 - 00000292 _____ () C:\Users\Jason\AppData\HELP_DECRYPT.URL
2015-04-21 01:32 - 2015-04-22 01:54 - 00045572 _____ () C:\Users\Jason\AppData\Roaming\HELP_DECRYPT.PNG.ecc
2015-04-21 01:32 - 2015-04-22 01:54 - 00004276 _____ () C:\Users\Jason\AppData\Roaming\HELP_DECRYPT.TXT.ecc
2015-04-21 01:32 - 2015-04-21 03:25 - 00045572 _____ () C:\Users\Jason\AppData\HELP_DECRYPT.PNG.ecc
2015-04-21 01:32 - 2015-04-21 03:25 - 00004276 _____ () C:\Users\Jason\AppData\HELP_DECRYPT.TXT.ecc
2015-04-21 01:32 - 2015-04-21 01:32 - 00008624 _____ () C:\Users\Jason\AppData\Roaming\HELP_DECRYPT.HTML
2015-04-21 01:32 - 2015-04-21 01:32 - 00000292 _____ () C:\Users\Jason\AppData\Roaming\HELP_DECRYPT.URL
2015-04-21 01:09 - 2015-04-21 03:38 - 00045572 _____ () C:\Users\Jason\AppData\Local\HELP_DECRYPT.PNG.ecc
2015-04-21 01:09 - 2015-04-21 03:38 - 00004276 _____ () C:\Users\Jason\AppData\Local\HELP_DECRYPT.TXT.ecc
2015-04-21 01:09 - 2015-04-21 01:09 - 00008624 _____ () C:\Users\Jason\AppData\Local\HELP_DECRYPT.HTML
2015-04-21 01:09 - 2015-04-21 01:09 - 00000292 _____ () C:\Users\Jason\AppData\Local\HELP_DECRYPT.URL
2015-04-21 01:01 - 2015-04-21 03:34 - 00045572 _____ () C:\Users\Jason\AppData\Local\Apps\HELP_DECRYPT.PNG.ecc
2015-04-21 01:01 - 2015-04-21 03:34 - 00004276 _____ () C:\Users\Jason\AppData\Local\Apps\HELP_DECRYPT.TXT.ecc
2015-04-21 01:01 - 2015-04-21 01:01 - 00008624 _____ () C:\Users\Jason\AppData\Local\Apps\HELP_DECRYPT.HTML
2015-04-21 01:01 - 2015-04-21 01:01 - 00000292 _____ () C:\Users\Jason\AppData\Local\Apps\HELP_DECRYPT.URL
2015-04-21 00:45 - 2015-04-22 20:42 - 00008624 _____ () C:\ProgramData\HELP_DECRYPT.HTML
2015-04-21 00:45 - 2015-04-22 20:42 - 00000292 _____ () C:\ProgramData\HELP_DECRYPT.URL
2015-04-21 00:45 - 2015-04-21 17:46 - 00045652 _____ () C:\ProgramData\HELP_DECRYPT.PNG.ecc
2015-04-21 00:45 - 2015-04-21 17:46 - 00004308 _____ () C:\ProgramData\HELP_DECRYPT.TXT.ecc
2015-04-21 00:34 - 2015-04-22 20:45 - 00000000 ___HD () C:\6156cf8e
2015-04-21 00:24 - 2015-04-21 03:38 - 00000000 ____D () C:\Users\Jason\AppData\Local\Macromedia
2015-04-21 00:23 - 2015-04-22 20:25 - 00000000 ___HD () C:\ProgramData\{49A0BAC7-3326-4433-9373-4AA8793ABB5C}
2015-04-20 18:19 - 2015-04-20 18:20 - 34404626 _____ () C:\Users\Jason\Downloads\torbrowser-install-4.0.8_en-US.exe
2015-04-19 19:52 - 2015-04-19 19:53 - 00000000 ____D () C:\Program Files\BYOND
2015-04-19 19:52 - 2015-04-19 19:52 - 00001485 _____ () C:\Users\Public\Desktop\BYOND.lnk
2015-04-19 19:33 - 2015-04-19 19:34 - 00143520 _____ () C:\Windows\Minidump\Mini041915-01.dmp
2015-04-17 20:45 - 1999-12-17 09:13 - 00086016 _____ (MindVision Software) C:\Windows\unvise32.exe
2015-04-17 20:44 - 2015-04-17 20:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Eternal damnation
2015-04-17 20:44 - 2015-04-17 20:44 - 00001180 _____ () C:\Users\Jason\Desktop\Shortcut to EternalDamnation.exe.lnk
2015-04-16 03:45 - 2015-04-16 03:45 - 00001043 _____ () C:\Users\Jason\Desktop\AWP.exe - Shortcut.lnk
2015-04-16 01:29 - 2015-04-16 01:29 - 00001991 _____ () C:\Users\Public\Desktop\Postal 2 Apocalypse Weekend Expansion Pack.lnk
2015-04-16 01:29 - 2015-04-16 01:29 - 00001811 _____ () C:\Users\Public\Desktop\Postal 2 Share The Pain.lnk
2015-04-16 01:29 - 2015-04-16 01:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2015-04-16 01:24 - 2015-04-16 01:24 - 00000000 ____D () C:\Program Files\GOG.com
2015-04-15 21:04 - 2015-04-21 04:25 - 00000000 ____D () C:\Users\Jason\AppData\Local\Prompt Downloader
2015-04-15 20:35 - 2015-04-22 21:01 - 00000177 _____ () C:\Windows\system32\SetupComponents.exe
2015-04-14 14:39 - 2015-04-14 14:40 - 00000000 ____D () C:\Program Files\WebProtector
2015-04-14 14:39 - 2015-04-14 14:39 - 00000000 __RSH () C:\MSDOS.SYS
2015-04-14 14:39 - 2015-04-14 14:39 - 00000000 __RSH () C:\IO.SYS
2015-04-14 14:39 - 2015-04-14 14:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Web Protector Plus
2015-04-14 14:39 - 2015-04-14 14:39 - 00000000 ____D () C:\Program Files\WebProtectorPlus
2015-04-12 12:35 - 2015-04-21 04:25 - 00000000 ____D () C:\Users\Jason\AppData\Local\Ordfics
2015-04-12 12:35 - 2015-04-21 03:38 - 00000000 ____D () C:\Users\Jason\AppData\Local\Ibjhsoft
2015-04-12 11:36 - 2015-04-21 04:58 - 00000000 ____D () C:\Users\Jason\AppData\Local\yraje
2015-04-10 17:06 - 2015-04-10 17:07 - 00873634 _____ () C:\Users\Jason\Documents\savegame.dat
2015-04-10 03:05 - 2015-04-10 03:05 - 00000884 _____ () C:\Users\Jason\Desktop\Free Countdown Timer.lnk
2015-04-10 03:05 - 2015-04-10 03:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Countdown Timer
2015-04-10 03:04 - 2015-04-10 03:05 - 00000000 ____D () C:\Program Files\FreeCountdownTimer
2015-04-07 16:35 - 2015-04-07 16:35 - 00000000 ____D () C:\Windows\MRLH
2015-04-04 12:48 - 2015-04-21 04:58 - 00000000 ____D () C:\Users\Jason\AppData\Local\_
2015-04-04 12:31 - 2015-04-21 04:25 - 00000000 ____D () C:\Users\Jason\AppData\Local\NBTExplorer
2015-04-01 21:07 - 2015-04-01 21:07 - 00001598 _____ () C:\Users\Jason\Desktop\oPryzeLP Mod Tool.lnk
2015-03-30 06:50 - 2015-03-30 06:51 - 00143520 _____ () C:\Windows\Minidump\Mini033015-01.dmp
2015-03-29 20:29 - 2015-04-21 04:21 - 00000000 ____D () C:\Users\Jason\Documents\MC360NBT
2015-03-29 20:29 - 2015-04-21 03:38 - 00000000 __SHD () C:\Users\Jason\AppData\Local\icsxml
2015-03-29 20:29 - 2015-04-21 02:33 - 00000000 __SHD () C:\ProgramData\icsxml
2015-03-29 20:29 - 2015-04-21 02:33 - 00000000 __SHD () C:\ProgramData\DIBsection
2015-03-26 23:30 - 2015-04-22 01:55 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-03-26 23:30 - 2015-03-26 23:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-03-26 19:16 - 2015-03-29 02:27 - 00000000 ____D () C:\Program Files\saveruabOX
2015-03-26 19:16 - 2015-03-29 02:27 - 00000000 ____D () C:\Program Files\Bookmark Search
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-04-22 21:02 - 2009-05-31 22:03 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\BitTorrent
2015-04-22 21:00 - 2009-05-31 22:02 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\DNA
2015-04-22 20:58 - 2009-07-05 20:14 - 00000422 ____H () C:\Windows\Tasks\User_Feed_Synchronization-{A2278271-91F5-45C0-91F4-37B192C68C51}.job
2015-04-22 20:44 - 2009-05-03 21:21 - 00000000 ____D () C:\Users\Jason
2015-04-22 20:43 - 2013-07-08 23:37 - 00000000 ____D () C:\Users\Jason\.android
2015-04-22 20:43 - 2011-11-05 15:12 - 00000000 ____D () C:\Users\Jason\Calibre Library
2015-04-22 20:43 - 2011-06-12 21:20 - 00000000 ____D () C:\Users\Jason\.oanda
2015-04-22 20:43 - 2011-01-31 13:36 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Yahoo!
2015-04-22 20:43 - 2011-01-31 13:36 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Yahoo!
2015-04-22 20:39 - 2015-01-25 02:51 - 00000000 ____D () C:\Users\Jason\Desktop\jan
2015-04-22 20:38 - 2009-03-09 09:48 - 01097228 _____ () C:\Windows\WindowsUpdate.log
2015-04-22 20:36 - 2012-04-26 00:24 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-04-22 20:33 - 2006-11-02 05:33 - 00006528 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-22 20:29 - 2015-01-24 21:37 - 00000000 ____D () C:\Users\Jason\AppData\Local\ospd_us_751
2015-04-22 20:27 - 2009-03-09 10:20 - 00000284 _____ () C:\ProgramData\hpqp.ini
2015-04-22 20:27 - 2006-11-02 07:45 - 00003216 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2015-04-22 20:27 - 2006-11-02 07:45 - 00003216 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2015-04-22 20:24 - 2012-09-14 19:42 - 00000882 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-04-22 20:23 - 2006-11-02 07:58 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-04-22 10:01 - 2009-11-19 02:46 - 00001356 _____ () C:\Users\Jason\AppData\Local\d3d9caps.dat
2015-04-22 06:27 - 2015-01-24 21:35 - 00000000 ____D () C:\ProgramData\PicColor Utility
2015-04-22 06:27 - 2015-01-24 21:35 - 00000000 ____D () C:\ProgramData\cd96e4ae2fbb46d9b627abb8e45312b8
2015-04-22 06:24 - 2015-01-25 02:56 - 00000000 ____D () C:\AdwCleaner
2015-04-22 06:23 - 2015-01-08 08:48 - 00000892 _____ () C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job
2015-04-22 06:19 - 2012-05-02 00:12 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\BatteryCare
2015-04-22 06:15 - 2015-01-25 07:00 - 00015000 _____ () C:\Windows\PFRO.log
2015-04-22 05:54 - 2009-12-03 09:49 - 00000000 ____D () C:\Windows\Minidump
2015-04-22 05:53 - 2015-02-14 00:27 - 225880604 _____ () C:\Windows\MEMORY.DMP
2015-04-22 05:49 - 2010-10-17 20:18 - 00000000 ____D () C:\Users\Jason\Desktop\Expo 7
2015-04-22 05:03 - 2012-09-14 19:42 - 00000886 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-04-22 03:28 - 2011-07-19 01:33 - 12919188 _____ () C:\Users\Jason\Desktop\Document.rtf.ecc
2015-04-22 03:28 - 2011-04-04 23:47 - 00380020 _____ () C:\Users\Jason\Desktop\dibs1.pdf.ecc
2015-04-22 03:28 - 2011-04-04 23:47 - 00243012 _____ () C:\Users\Jason\Desktop\dibs2.pdf.ecc
2015-04-22 03:28 - 2010-11-09 21:49 - 00000000 ____D () C:\Users\Jason\Desktop\charpics
2015-04-22 03:08 - 2015-01-08 00:14 - 00000000 ____D () C:\Users\Jason\Desktop\alex
2015-04-22 03:08 - 2012-07-23 00:47 - 00000000 ____D () C:\Users\Jason\Desktop\backups
2015-04-22 03:08 - 2011-11-06 17:29 - 00264932 _____ () C:\Users\Jason\Desktop\Blackmart Alpha 0.49_b93.apk.ecc
2015-04-22 03:08 - 2010-04-14 20:13 - 00000468 _____ () C:\Users\Jason\Desktop\Capital Gains 2010 Carry forward to 2011.txt.ecc
2015-04-22 01:56 - 2015-01-17 23:09 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\Tomabo
2015-04-22 01:56 - 2012-08-01 22:45 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\WinRAR
2015-04-22 01:56 - 2012-07-10 12:02 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\Yahoo!
2015-04-22 01:56 - 2011-11-07 20:44 - 02997380 _____ () C:\Users\Jason\Desktop\Aimtrak.zip.ecc
2015-04-22 01:56 - 2011-06-12 02:44 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\TorrentEasy
2015-04-22 01:56 - 2011-04-19 00:27 - 00014756 _____ () C:\Users\Jason\Desktop\20235_1303167412432_1027886554_936517_1694363_n.jpg.ecc
2015-04-22 01:56 - 2011-04-04 01:49 - 00038564 _____ () C:\Users\Jason\Desktop\11-15first.ods.ecc
2015-04-22 01:56 - 2010-12-19 14:09 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\WindSolutions
2015-04-22 01:56 - 2010-11-15 01:55 - 00038548 _____ () C:\Users\Jason\Desktop\11-15midnight-8690.ods.ecc
2015-04-22 01:56 - 2010-10-29 15:09 - 00000132 ____H () C:\Users\Jason\Desktop\.~lock.Resume Indiana.doc#.ecc
2015-04-22 01:56 - 2010-10-11 00:53 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\ViGlance
2015-04-22 01:56 - 2010-08-23 00:58 - 00034132 _____ () C:\Users\Jason\Desktop\08-23midnight-1383.ods.ecc
2015-04-22 01:56 - 2010-08-03 00:37 - 00037620 _____ () C:\Users\Jason\Desktop\08-03midnight-1868.ods.ecc
2015-04-22 01:56 - 2010-05-04 01:11 - 00055044 _____ () C:\Users\Jason\Desktop\2009_Federal_Return.pdf.ecc
2015-04-22 01:56 - 2010-02-07 13:35 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\vlc
2015-04-22 01:56 - 2009-11-08 13:33 - 00031588 _____ () C:\Users\Jason\Desktop\2008_Indiana_Return.pdf.ecc
2015-04-22 01:56 - 2009-11-08 13:30 - 00038596 _____ () C:\Users\Jason\Desktop\2008_Federal_Return.pdf.ecc
2015-04-22 01:56 - 2009-07-30 20:43 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\Vso
2015-04-22 01:56 - 2009-05-08 06:17 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\WildTangent
2015-04-22 01:56 - 2009-05-04 00:15 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\U3
2015-04-22 01:55 - 2015-03-10 05:50 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AviSynth 2.5
2015-04-22 01:55 - 2015-03-04 19:08 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Little Inferno 1.00
2015-04-22 01:55 - 2015-02-01 13:21 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\New Version Available
2015-04-22 01:55 - 2015-01-30 00:40 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASPackage
2015-04-22 01:55 - 2015-01-27 20:22 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\Microsoft Games
2015-04-22 01:55 - 2015-01-26 06:42 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GameHug Arcade
2015-04-22 01:55 - 2015-01-24 14:34 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ
2015-04-22 01:55 - 2015-01-17 12:13 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\Pinger Inc
2015-04-22 01:55 - 2015-01-16 18:19 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\PowerISO
2015-04-22 01:55 - 2015-01-12 20:37 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\Notepad++
2015-04-22 01:55 - 2015-01-12 20:37 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
2015-04-22 01:55 - 2015-01-12 20:28 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\PixelPiracy
2015-04-22 01:55 - 2015-01-10 21:25 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\NevoSoft Games
2015-04-22 01:55 - 2015-01-10 11:29 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Virtual Villagers
2015-04-22 01:55 - 2015-01-10 11:29 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2015-04-22 01:55 - 2015-01-08 08:42 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\Opera Software
2015-04-22 01:55 - 2015-01-08 00:21 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\oPryzeLP MC360 Mod Tool
2015-04-22 01:55 - 2012-11-04 15:58 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Black Shades
2015-04-22 01:55 - 2012-08-27 23:06 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell Inc
2015-04-22 01:55 - 2012-07-28 20:55 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\Party Buffalo Drive Explorer
2015-04-22 01:55 - 2012-07-28 19:30 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\Mozilla
2015-04-22 01:55 - 2012-04-21 21:22 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\redsn0w
2015-04-22 01:55 - 2010-12-19 14:09 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CopyTrans Suite
2015-04-22 01:55 - 2010-06-28 22:08 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\Template
2015-04-22 01:55 - 2010-01-22 00:31 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\SharePod
2015-04-22 01:55 - 2010-01-07 04:17 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\RemoteHelper
2015-04-22 01:55 - 2010-01-07 04:17 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Remote Jr
2015-04-22 01:55 - 2009-12-31 00:02 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\MoveFab
2015-04-22 01:55 - 2009-12-29 23:36 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-04-22 01:55 - 2009-12-01 23:20 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\skypePM
2015-04-22 01:55 - 2009-12-01 23:11 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\Skype
2015-04-22 01:55 - 2009-11-19 02:17 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\Orbit
2015-04-22 01:55 - 2009-10-22 18:30 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\RipIt4Me
2015-04-22 01:55 - 2009-06-15 23:25 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\SpinTop Games
2015-04-22 01:55 - 2009-06-08 00:05 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\OpenOffice.org
2015-04-22 01:55 - 2009-05-31 21:59 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\SpinTop
2015-04-22 01:55 - 2009-05-03 21:21 - 00000000 ___RD () C:\Users\Jason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-04-22 01:55 - 2009-05-03 21:21 - 00000000 ___RD () C:\Users\Jason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-04-22 01:55 - 2009-05-03 21:21 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink DVD Suite
2015-04-22 01:54 - 2015-03-04 19:10 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\Little Inferno
2015-04-22 01:54 - 2015-02-01 13:21 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\Free Video Joiner
2015-04-22 01:54 - 2015-02-01 13:18 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\Audacity
2015-04-22 01:54 - 2015-01-30 00:40 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\ASPackage
2015-04-22 01:54 - 2015-01-24 12:29 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\DubStepPiano
2015-04-22 01:54 - 2015-01-08 00:56 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\Easy2Convert
2015-04-22 01:54 - 2012-09-10 01:52 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\DVDVideoSoft
2015-04-22 01:54 - 2011-11-05 20:04 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\Dropbox
2015-04-22 01:54 - 2011-11-05 15:11 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\calibre
2015-04-22 01:54 - 2011-10-29 20:19 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\Google
2015-04-22 01:54 - 2011-06-19 16:19 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\DVD Flick
2015-04-22 01:54 - 2011-04-16 20:31 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\Download Manager
2015-04-22 01:54 - 2010-12-25 23:02 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\Hobbyist Software
2015-04-22 01:54 - 2010-01-24 20:57 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\AVS4YOU
2015-04-22 01:54 - 2010-01-24 02:37 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\DiskAid
2015-04-22 01:54 - 2010-01-07 01:31 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\GTek
2015-04-22 01:54 - 2009-12-29 21:25 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\dvdcss
2015-04-22 01:54 - 2009-11-19 01:51 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\FDRLab
2015-04-22 01:54 - 2009-11-15 00:51 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\HandBrake
2015-04-22 01:54 - 2009-11-14 19:02 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\Apple Computer
2015-04-22 01:54 - 2009-07-30 20:07 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\DVDFab
2015-04-22 01:54 - 2009-06-08 19:59 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\FloodLightGames
2015-04-22 01:54 - 2009-05-27 08:14 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\CyberLink
2015-04-22 01:54 - 2009-05-03 21:35 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\Macromedia
2015-04-22 01:54 - 2009-05-03 21:30 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\Hewlett-Packard
2015-04-22 01:54 - 2009-05-03 21:23 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\HP TCS
2015-04-21 19:40 - 2009-07-26 15:50 - 00000012 _____ () C:\Windows\bthservsdp.dat
2015-04-21 19:40 - 2006-11-02 07:58 - 00032626 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-04-21 17:42 - 2015-02-22 12:35 - 00000020 _____ () C:\Users\Jason\AppData\Roaming\appdataFr3.bin
2015-04-21 06:15 - 1999-03-30 13:17 - 00000000 ___HD () C:\System.sav
2015-04-21 06:08 - 2008-10-23 00:34 - 00000000 ___HD () C:\HP
2015-04-21 06:07 - 2011-04-22 01:19 - 00000000 ____D () C:\Users\Jason\{76478521-61e1-4f7a-afcd-e31437989e75}
2015-04-21 06:07 - 2006-11-02 06:18 - 00000000 ___RD () C:\Users\Public
2015-04-21 05:29 - 2010-01-11 02:01 - 00000000 ____D () C:\Users\Jason\Desktop\Trade office docs
2015-04-21 05:09 - 2015-02-22 12:36 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\ACD Systems
2015-04-21 05:09 - 2012-08-01 22:34 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\.minecraft
2015-04-21 05:09 - 2010-10-11 00:52 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\AeroSnapApp
2015-04-21 05:09 - 2010-04-05 03:10 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\Antcom ToolBar
2015-04-21 05:09 - 2009-05-03 21:35 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\Adobe
2015-04-21 04:58 - 2012-07-29 16:16 - 00000000 ____D () C:\Users\Jason\AppData\Local\XboxMB
2015-04-21 04:58 - 2012-07-29 16:15 - 00000000 ____D () C:\Users\Jason\AppData\Local\Xenocode
2015-04-21 04:58 - 2011-04-16 20:41 - 00000000 ____D () C:\Users\Jason\AppData\Local\{73DF8C24-FEEC-41AF-B020-3FABC7890954}
2015-04-21 04:58 - 2009-09-26 16:41 - 00000000 ____D () C:\Users\Jason\AppData\Local\Yahoo
2015-04-21 04:58 - 2009-05-03 21:29 - 00000000 ____D () C:\Users\Jason\AppData\Local\VirtualStore
2015-04-21 04:29 - 2011-11-05 20:13 - 00000000 ___RD () C:\Users\Jason\Dropbox
2015-04-21 04:25 - 2015-01-17 12:16 - 00000000 ____D () C:\Users\Jason\AppData\Local\pinger.com
2015-04-21 04:25 - 2015-01-08 08:42 - 00000000 ____D () C:\Users\Jason\AppData\Local\Opera Software
2015-04-21 04:25 - 2014-08-12 02:20 - 00000000 ____D () C:\Users\Jason\AppData\Local\Microsoft Corporation
2015-04-21 04:25 - 2012-07-28 20:16 - 00000000 ____D () C:\Users\Jason\AppData\Local\Revolt
2015-04-21 04:25 - 2012-04-17 22:42 - 00000000 ____D () C:\Users\Jason\AppData\Local\msGLnet
2015-04-21 04:25 - 2010-02-01 20:43 - 00000000 ____D () C:\Users\Jason\AppData\Local\PokerStars
2015-04-21 04:25 - 2009-11-14 01:01 - 00000000 ____D () C:\Users\Jason\AppData\Local\Microsoft Help
2015-04-21 04:25 - 2009-06-17 09:42 - 00000000 ____D () C:\Users\Jason\AppData\Local\Oberon Games
2015-04-21 04:25 - 2009-05-30 18:35 - 00000000 ____D () C:\Users\Jason\AppData\Local\SpreadsheetTools
2015-04-21 04:25 - 2009-05-27 08:14 - 00000000 ____D () C:\Users\Jason\AppData\Local\QuickPlay
2015-04-21 04:25 - 2009-05-08 06:09 - 00000000 ____D () C:\Users\Jason\AppData\Local\Microsoft Games
2015-04-21 04:22 - 2015-01-24 14:34 - 00000000 ____D () C:\Users\Jason\Documents\VirtualDJ
2015-04-21 04:21 - 2015-01-31 13:41 - 00000000 ____D () C:\Users\Jason\Documents\LDW
2015-04-21 04:21 - 2015-01-17 10:54 - 00000000 ____D () C:\Users\Jason\Documents\My Games
2015-04-21 04:21 - 2015-01-08 10:10 - 00000000 ____D () C:\Users\Jason\Documents\MCEdit
2015-04-21 04:21 - 2012-01-28 19:44 - 00000000 ____D () C:\Users\Jason\Documents\dvd
2015-04-21 04:21 - 2011-10-02 15:46 - 00000000 ____D () C:\Users\Jason\Documents\BYOND
2015-04-21 04:21 - 2011-04-23 16:02 - 00000000 ____D () C:\Users\Jason\Desktop\X
2015-04-21 04:21 - 2010-03-12 03:37 - 00000000 ___SD () C:\Users\Jason\Documents\My DocsToGo
2015-04-21 04:20 - 2011-11-09 22:19 - 00000000 ____D () C:\Users\Jason\Desktop\win32diskimager-RELEASE-0.3-r27-binary
2015-04-21 04:17 - 2009-11-21 16:07 - 00000000 ____D () C:\Users\Jason\Desktop\Nov09 London Squeeze Seminar Disk
2015-04-21 04:03 - 2011-11-10 03:16 - 00000000 ____D () C:\Users\Jason\Desktop\nook image
2015-04-21 04:02 - 2012-03-07 23:40 - 00000000 ____D () C:\Users\Jason\Desktop\Infiniteyield Newstrading
2015-04-21 04:02 - 2010-03-07 20:46 - 00000000 ____D () C:\Users\Jason\Desktop\Expo5
2015-04-21 03:39 - 2010-03-07 20:27 - 00000000 ____D () C:\Users\Jason\Desktop\Expo4
2015-04-21 03:38 - 2011-04-16 20:42 - 00000000 ___SD () C:\Users\Jason\AppData\Local\Memeo
2015-04-21 03:38 - 2010-12-25 23:03 - 00000000 ____D () C:\Users\Jason\AppData\Local\Hobbyist_Software
2015-04-21 03:38 - 2010-12-19 13:51 - 00000000 ____D () C:\Users\Jason\AppData\Local\MediaMonkey
2015-04-21 03:38 - 2009-05-03 21:39 - 00000000 ____D () C:\Users\Jason\AppData\Local\Google
2015-04-21 03:38 - 2009-05-03 21:30 - 00000000 ____D () C:\Users\Jason\AppData\Local\Hewlett-Packard
2015-04-21 03:35 - 2015-01-26 06:42 - 00000000 ____D () C:\Users\Jason\AppData\Local\GameHugArcade
2015-04-21 03:35 - 2012-11-05 10:40 - 00000000 ____D () C:\Users\Jason\AppData\Local\Daring_Development_Inc
2015-04-21 03:35 - 2012-09-29 22:33 - 00000000 ____D () C:\Users\Jason\AppData\Local\GameTuts
2015-04-21 03:35 - 2010-12-25 22:59 - 00000000 ____D () C:\Users\Jason\AppData\Local\Downloaded Installations
2015-04-21 03:35 - 2009-12-06 20:55 - 00000000 ____D () C:\Users\Jason\AppData\Local\Evernote
2015-04-21 03:35 - 2009-05-31 22:02 - 00000000 ____D () C:\Users\Jason\AppData\Local\DNA
2015-04-21 03:35 - 2009-05-03 21:39 - 00000000 ____D () C:\Users\Jason\AppData\Local\Deployment
2015-04-21 03:34 - 2015-01-17 12:15 - 00000000 ____D () C:\Users\Jason\AppData\Local\Caphyon
2015-04-21 03:34 - 2012-07-28 20:17 - 00000000 ____D () C:\Users\Jason\AppData\Local\Coma
2015-04-21 03:34 - 2010-04-05 01:49 - 00000000 ____D () C:\Users\Jason\AppData\Local\Ant.com
2015-04-21 03:34 - 2009-12-13 20:24 - 00000000 ____D () C:\Users\Jason\AppData\Local\Cranium_Consulting_and_Cu
2015-04-21 03:34 - 2009-11-14 19:02 - 00000000 ____D () C:\Users\Jason\AppData\Local\Apple Computer
2015-04-21 03:34 - 2009-11-14 18:54 - 00000000 ____D () C:\Users\Jason\AppData\Local\Apple
2015-04-21 03:34 - 2009-05-03 21:39 - 00000000 ____D () C:\Users\Jason\AppData\Local\Apps\2.0
2015-04-21 03:25 - 2015-02-22 12:41 - 00000000 ____D () C:\Users\Jason\AppData\Local\ACD Systems
2015-04-21 03:25 - 2010-10-11 00:52 - 00000000 ____D () C:\Users\Jason\AppData\Local\AeroSnapApp
2015-04-21 03:25 - 2009-11-15 00:35 - 00000000 ____D () C:\Users\Jason\AppData\Local\AirVideoServer
2015-04-21 03:25 - 2009-05-04 01:59 - 00000000 ____D () C:\Users\Jason\AppData\Local\Adobe
2015-04-21 02:50 - 2009-11-14 18:59 - 00000000 ____D () C:\ProgramData\{755AC846-7372-4AC8-8550-C52491DAA8BD}
2015-04-21 02:50 - 2008-10-23 01:31 - 00000000 ____D () C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}
2015-04-21 02:33 - 2014-08-12 03:30 - 00000000 ____D () C:\ProgramData\Oracle
2015-04-21 02:33 - 2013-07-08 23:48 - 00000000 ____D () C:\ProgramData\Samsung
2015-04-21 02:33 - 2011-10-29 19:20 - 00000000 ____D () C:\ProgramData\Google
2015-04-21 02:33 - 2011-06-12 02:44 - 00000000 ____D () C:\ProgramData\TorrentEasy
2015-04-21 02:33 - 2011-04-16 20:42 - 00000000 ___SD () C:\ProgramData\Memeo
2015-04-21 02:33 - 2011-03-14 00:10 - 00000000 ____D () C:\ProgramData\McAfee
2015-04-21 02:33 - 2010-12-19 14:09 - 00000000 ____D () C:\ProgramData\WindSolutions
2015-04-21 02:33 - 2010-03-26 01:00 - 00000000 ____D () C:\ProgramData\Office Genuine Advantage
2015-04-21 02:33 - 2010-03-12 05:00 - 00000000 ____D () C:\ProgramData\Sun
2015-04-21 02:33 - 2010-01-24 20:57 - 00000000 ____D () C:\ProgramData\AVS4YOU
2015-04-21 02:33 - 2009-12-01 23:10 - 00000000 ____D () C:\ProgramData\Skype
2015-04-21 02:33 - 2009-11-19 02:50 - 00000000 ____D () C:\ProgramData\WindowsSearch
2015-04-21 02:33 - 2009-10-22 18:39 - 00000000 ____D () C:\ProgramData\DVD Shrink
2015-04-21 02:33 - 2009-09-26 16:28 - 00000000 ____D () C:\ProgramData\Yahoo!
2015-04-21 02:33 - 2009-07-30 18:41 - 00000000 ____D () C:\ProgramData\vsosdk
2015-04-21 02:33 - 2009-06-08 19:59 - 00000000 ____D () C:\ProgramData\FloodLightGames
2015-04-21 02:33 - 2009-05-30 15:32 - 00000000 ____D () C:\ProgramData\SpinTop Games
2015-04-21 02:33 - 2009-05-27 08:14 - 00000340 _____ () C:\ProgramData\hpqp.txt.ecc
2015-04-21 02:33 - 2009-05-03 22:23 - 00000000 ____D () C:\ProgramData\LightScribe
2015-04-21 02:33 - 2009-03-09 09:48 - 00000000 ____D () C:\ProgramData\Atheros
2015-04-21 02:33 - 2008-10-23 01:34 - 00000000 ____D () C:\ProgramData\Temp
2015-04-21 02:33 - 2008-10-23 01:34 - 00000000 ____D () C:\ProgramData\CyberLink
2015-04-21 02:33 - 2008-10-23 00:47 - 00000000 ____D () C:\ProgramData\WildTangent
2015-04-21 02:33 - 2008-10-23 00:31 - 00000000 ____D () C:\ProgramData\Norton
2015-04-21 02:33 - 2008-10-23 00:29 - 00000000 ____D () C:\ProgramData\Hewlett-Packard
2015-04-21 02:31 - 2011-01-31 13:36 - 00000000 ____D () C:\ProgramData\Ant.com
2015-04-21 02:31 - 2010-01-28 02:44 - 00000000 ____D () C:\ProgramData\Alwil Software
2015-04-21 02:31 - 2009-11-14 18:55 - 00000000 ____D () C:\ProgramData\Apple Computer
2015-04-21 02:31 - 2009-11-14 18:50 - 00000000 ____D () C:\ProgramData\Apple
2015-04-21 02:31 - 2008-10-23 01:34 - 00000000 ____D () C:\ProgramData\Adobe
2015-04-21 02:30 - 2015-01-25 02:18 - 00000000 ____D () C:\ProgramData\741706000001478
2015-04-21 02:30 - 2012-12-15 22:33 - 00000000 ____D () C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
2015-04-21 02:30 - 2011-04-21 20:41 - 00000000 ____D () C:\CtDriverInstTemp
2015-04-21 02:26 - 2014-12-06 00:12 - 00000000 ____D () C:\7cdb5e908fc343e6a7a41fe6ad
2015-04-21 02:26 - 2014-10-06 02:07 - 00000000 ____D () C:\596e74175438715360c0
2015-04-19 19:52 - 2011-10-02 15:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BYOND
2015-04-16 04:16 - 2015-01-12 18:29 - 00000000 ____D () C:\Games
2015-04-07 19:58 - 2008-10-23 00:29 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2015-04-02 05:06 - 2009-10-13 02:42 - 00100352 _____ () C:\Users\Jason\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
 
==================== Files in the root of some directories =======
 
2015-02-22 12:35 - 2015-04-21 17:42 - 0000020 _____ () C:\Users\Jason\AppData\Roaming\appdataFr3.bin
2011-06-19 15:49 - 2013-12-01 03:32 - 0632247 _____ () C:\Users\Jason\AppData\Roaming\data.dat
2015-04-21 01:32 - 2015-04-21 01:32 - 0008624 _____ () C:\Users\Jason\AppData\Roaming\HELP_DECRYPT.HTML
2015-04-21 01:32 - 2015-04-22 01:54 - 0045572 _____ () C:\Users\Jason\AppData\Roaming\HELP_DECRYPT.PNG.ecc
2015-04-21 01:32 - 2015-04-22 01:54 - 0004276 _____ () C:\Users\Jason\AppData\Roaming\HELP_DECRYPT.TXT.ecc
2015-04-21 01:32 - 2015-04-21 01:32 - 0000292 _____ () C:\Users\Jason\AppData\Roaming\HELP_DECRYPT.URL
2015-04-22 01:56 - 2015-04-22 01:56 - 0002674 _____ () C:\Users\Jason\AppData\Roaming\HELP_RESTORE_FILES.txt
2009-07-30 20:43 - 2009-12-30 02:07 - 0087608 _____ () C:\Users\Jason\AppData\Roaming\inst.exe
2015-04-21 02:16 - 2015-04-21 02:32 - 0000752 _____ () C:\Users\Jason\AppData\Roaming\key.dat
2015-04-21 02:16 - 2015-04-22 04:20 - 11207038 _____ () C:\Users\Jason\AppData\Roaming\log.html
2009-07-30 20:43 - 2009-12-30 02:07 - 0007887 _____ () C:\Users\Jason\AppData\Roaming\pcouffin.cat
2009-07-30 20:43 - 2009-12-30 02:07 - 0001144 _____ () C:\Users\Jason\AppData\Roaming\pcouffin.inf
2009-07-30 20:44 - 2009-12-30 02:07 - 0000034 _____ () C:\Users\Jason\AppData\Roaming\pcouffin.log
2009-07-30 20:43 - 2009-12-30 02:07 - 0047360 _____ (VSO Software) C:\Users\Jason\AppData\Roaming\pcouffin.sys
2015-04-21 02:16 - 2015-04-21 02:15 - 0483328 _____ () C:\Users\Jason\AppData\Roaming\sbbxbsc.exe
2015-01-17 13:49 - 2015-01-24 09:49 - 0000128 _____ () C:\Users\Jason\AppData\Roaming\WB.CFG
2010-01-05 04:18 - 2010-01-07 01:25 - 0000600 _____ () C:\Users\Jason\AppData\Roaming\winscp.rnd
2010-06-28 22:08 - 2011-02-03 23:02 - 0000190 _____ () C:\Users\Jason\AppData\Roaming\wklnhst.dat
2009-05-03 21:30 - 2009-05-03 21:30 - 0000000 _____ () C:\Users\Jason\AppData\Local\AtStart.txt
2009-11-19 02:46 - 2015-04-22 10:01 - 0001356 _____ () C:\Users\Jason\AppData\Local\d3d9caps.dat
2009-10-13 02:42 - 2015-04-02 05:06 - 0100352 _____ () C:\Users\Jason\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-01-19 03:49 - 2015-01-19 03:49 - 0000010 _____ () C:\Users\Jason\AppData\Local\DSI.DAT
2015-01-19 03:49 - 2015-01-19 03:49 - 0022528 _____ () C:\Users\Jason\AppData\Local\dsisetup638933912.exe
2009-05-03 21:30 - 2009-05-03 21:30 - 0000000 _____ () C:\Users\Jason\AppData\Local\DSwitch.txt
2010-11-03 22:21 - 2010-11-03 22:21 - 0000000 _____ () C:\Users\Jason\AppData\Local\FnF4.txt
2015-04-21 01:09 - 2015-04-21 01:09 - 0008624 _____ () C:\Users\Jason\AppData\Local\HELP_DECRYPT.HTML
2015-04-21 01:09 - 2015-04-21 03:38 - 0045572 _____ () C:\Users\Jason\AppData\Local\HELP_DECRYPT.PNG.ecc
2015-04-21 01:09 - 2015-04-21 03:38 - 0004276 _____ () C:\Users\Jason\AppData\Local\HELP_DECRYPT.TXT.ecc
2015-04-21 01:09 - 2015-04-21 01:09 - 0000292 _____ () C:\Users\Jason\AppData\Local\HELP_DECRYPT.URL
2015-04-21 03:34 - 2015-04-22 00:03 - 0002674 _____ () C:\Users\Jason\AppData\Local\HELP_RESTORE_FILES.txt
2010-01-05 04:02 - 2010-01-05 04:02 - 0000600 _____ () C:\Users\Jason\AppData\Local\PUTTY.RND
2009-05-03 21:30 - 2009-05-03 21:30 - 0000000 _____ () C:\Users\Jason\AppData\Local\QSwitch.txt
2011-11-11 05:30 - 2011-11-11 05:30 - 0000000 _____ () C:\Users\Jason\AppData\Local\{78E52F41-7523-49DD-8012-95A8EA24AB07}
2010-04-05 01:45 - 2011-01-31 13:36 - 0006067 _____ () C:\ProgramData\AntLog.txt
2009-12-01 23:20 - 2009-12-01 23:20 - 0000056 ____H () C:\ProgramData\ezsidmv.dat
2015-04-21 00:45 - 2015-04-22 20:42 - 0008624 _____ () C:\ProgramData\HELP_DECRYPT.HTML
2015-04-22 20:43 - 2015-04-22 20:43 - 0045655 _____ () C:\ProgramData\HELP_DECRYPT.PNG
2015-04-21 00:45 - 2015-04-21 17:46 - 0045652 _____ () C:\ProgramData\HELP_DECRYPT.PNG.ecc
2015-04-22 20:42 - 2015-04-22 20:42 - 0004252 _____ () C:\ProgramData\HELP_DECRYPT.TXT
2015-04-21 00:45 - 2015-04-21 17:46 - 0004308 _____ () C:\ProgramData\HELP_DECRYPT.TXT.ecc
2015-04-21 00:45 - 2015-04-22 20:42 - 0000292 _____ () C:\ProgramData\HELP_DECRYPT.URL
2015-04-21 02:33 - 2015-04-22 21:01 - 0003824 _____ () C:\ProgramData\HELP_RESTORE_FILES.txt
2009-03-09 10:20 - 2015-04-22 20:27 - 0000284 _____ () C:\ProgramData\hpqp.ini
2009-05-27 08:14 - 2015-04-21 02:33 - 0000340 _____ () C:\ProgramData\hpqp.txt.ecc
2009-03-09 10:24 - 2009-03-09 10:24 - 0000032 _____ () C:\ProgramData\{051B9612-4D82-42AC-8C63-CD2DCEDC1CB3}.log
2008-10-23 01:44 - 2008-10-23 01:44 - 0000109 _____ () C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
2009-03-09 10:23 - 2009-03-09 10:23 - 0000032 _____ () C:\ProgramData\{23F3DA62-2D9E-4A69-B8D5-BE8E9E148092}.log
2008-10-23 01:36 - 2008-10-23 01:38 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2009-03-09 10:21 - 2009-03-09 10:21 - 0000032 _____ () C:\ProgramData\{4FC670EB-5F02-4B07-90DB-022B86BFEFD0}.log
2009-03-09 10:23 - 2009-03-09 10:23 - 0000032 _____ () C:\ProgramData\{9867824A-C86D-4A83-8F3C-E7A86BE0AFD3}.log
2008-10-23 01:35 - 2008-10-23 01:36 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
2008-10-23 01:38 - 2008-10-23 01:44 - 0000110 _____ () C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log
2009-03-09 10:24 - 2009-03-09 10:24 - 0000105 _____ () C:\ProgramData\{d36dd326-7280-11d8-97c8-000129760cbe}.log
 
Files to move or delete:
====================
C:\Users\Jason\AppData\Roaming\data.dat
 
 
Some content of TEMP:
====================
C:\Users\Jason\AppData\Local\Temp\downloader.dll
C:\Users\Jason\AppData\Local\Temp\Quarantine.exe
C:\Users\Jason\AppData\Local\Temp\Setup_14020.exe
C:\Users\Jason\AppData\Local\Temp\Setup_2038.exe
C:\Users\Jason\AppData\Local\Temp\sqlite3.dll
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-04-22 20:30
 
==================== End Of Log ============================
 
addition.txt
 
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 22-04-2015 01
Ran by Jason at 2015-04-22 21:06:52
Running from C:\Users\Jason\Desktop\jan
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Microsoft Security Essentials (Disabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AV: avast! Antivirus (Enabled - Out of date) {C37D8F93-0602-E43C-40AA-47DAD597F308}
AS: avast! Antivirus (Enabled - Out of date) {781C6E77-2038-EBB2-7A1A-7CA8AE10B9B5}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Disabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Acrobat.com (HKLM\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1.377 - Adobe Systems Incorporated)
Acrobat.com (Version: 0.0.0 - Adobe Systems Incorporated) Hidden
Activation Assistant for the 2007 Microsoft Office suites (HKLM\...\Activation Assistant for the 2007 Microsoft Office suites) (Version:  - Microsoft Corporation)
Activation Assistant for the 2007 Microsoft Office suites (Version: 1.0 - Microsoft Corporation) Hidden
ActiveCheck component for HP Active Support Library (Version: 3.0.0.2 - Hewlett-Packard) Hidden
Adobe AIR (HKLM\...\Adobe AIR) (Version: 16.0.0.245 - Adobe Systems Incorporated)
Adobe Flash Player 10 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 10.0.22.87 - Adobe Systems Incorporated)
Adobe Flash Player 11 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 11.7.700.202 - Adobe Systems Incorporated)
Adobe Flash Player 16 PPAPI (HKLM\...\Adobe Flash Player PPAPI) (Version: 16.0.0.296 - Adobe Systems Incorporated)
Adobe Photoshop 7.0 (HKLM\...\Adobe Photoshop 7.0) (Version: 7.0 - Adobe Systems, Inc.)
Adobe Reader 9.5.5 (HKLM\...\{AC76BA86-7AD7-1033-7B44-A95000000001}) (Version: 9.5.5 - Adobe Systems Incorporated)
Adobe Shockwave Player (HKLM\...\{AD72CFB4-C2BF-424E-9DF0-C7BAD1F30A11}) (Version: 11.0 - Adobe Systems, Inc.)
Adobe Shockwave Player 12.1 (HKLM\...\Adobe Shockwave Player) (Version: 12.1.5.155 - Adobe Systems, Inc.)
Adobe SVG Viewer 3.0 (HKLM\...\Adobe SVG Viewer) (Version:  3.0 - )
AeroSnap 0.61 (HKLM\...\{1DCCB2B0-A482-464F-94F6-1219693E34F0}_is1) (Version:  - Christian Schoch)
AnySend (HKLM\...\ASPackage) (Version: 1.0.0.0 - CMI Limited) <==== ATTENTION!
Apple Application Support (HKLM\...\{CCE825DB-347A-4004-A186-5F4A6FDD8547}) (Version: 2.3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{459699C3-9430-4381-964B-4248D87B49F9}) (Version: 6.0.1.3 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Atheros Driver Installation Program (HKLM\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 5.2 - Atheros)
Audacity 2.0.6 (HKLM\...\Audacity_is1) (Version: 2.0.6 - Audacity Team)
avast! Free Antivirus (HKLM\...\avast5) (Version: 5.0.377.0 - Alwil Software)
AviSynth 2.5 (HKLM\...\AviSynth) (Version:  - )
BatteryCare 0.9.9.1 (HKLM\...\{C6A6036D-FBD0-4324-BEAA-C0845257160C}_is1) (Version: 0.9.9.1 - Filipe Lourenço)
BitTorrent (HKU\S-1-5-21-1441847595-3396335443-3013822310-1000\...\BitTorrent) (Version: 7.9.2.38914 - BitTorrent Inc.)
Bodog Poker (HKLM\...\Bodog Poker_is1) (Version:  - Bodog Poker)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
BYOND (HKLM\...\BYOND) (Version: 507.1283 - BYOND)
CacheList (HKLM\...\{AD11DADE-C597-45D9-D8C5-1D2EB0B89613}) (Version:  - ) <==== ATTENTION
CCleaner (HKLM\...\CCleaner) (Version: 4.03 - Piriform)
Cheat Engine 6.4 (HKLM\...\Cheat Engine 6.4_is1) (Version:  - Cheat Engine)
Cisco EAP-FAST Module (HKLM\...\{415B2719-AD3A-4944-B404-C472DB6085B3}) (Version: 2.1.6 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM\...\{83770D14-21B9-44B3-8689-F7B523F94560}) (Version: 1.0.12 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM\...\{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}) (Version: 1.0.13 - Cisco Systems, Inc.)
Cole2k Media - Codec Pack (Advanced) 8.0.2 (HKLM\...\Cole2k Media - Codec Pack) (Version: 8.0.2 - Cole2k Media)
Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6425.1000 - Microsoft Corporation)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 4.58.1.0 - Conexant)
CopyTrans Suite Remove Only (HKU\S-1-5-21-1441847595-3396335443-3013822310-1000\...\CopyTrans Suite) (Version: 2.15 - WindSolutions)
Creative WebCam Notebook Driver (1.04.01.0322) (HKLM\...\Creative PD1171) (Version:  - )
CrossBrowser (HKU\S-1-5-21-1441847595-3396335443-3013822310-1000\...\CrossBrowser) (Version: 36.0.1985.137 - CrossBrowser) <==== ATTENTION!
CyberLink DVD Suite (HKLM\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 6.0.2203 - CyberLink Corp.)
Dell Driver Download Manager (HKU\S-1-5-21-1441847595-3396335443-3013822310-1000\...\bd4d3a0508d364f5) (Version: 3.0.0.0 - Dell Inc)
DivX Pro 6.8.0 VFW (HKLM\...\divx650vfw_is1) (Version: 6.8.0.14 - )
DNA (HKU\S-1-5-21-1441847595-3396335443-3013822310-1000\...\BitTorrent DNA) (Version: 2.2.4 (16502) - BitTorrent Inc.)
Driver Restore (HKLM\...\Driver Restore) (Version: 2.3.0.0 - 383 Media, Inc.)
DVD Shrink 3.2 (HKLM\...\DVD Shrink_is1) (Version:  - DVD Shrink)
DVDFab 6.0.1.0 by CATER / AHCU (HKLM\...\DVDFab 6 by CATER / AHCU_is1) (Version:  - )
DVDFab 6.2.1.6 Beta (25/12/2009) (HKLM\...\DVDFab 6_is1) (Version:  - Fengtao Software Inc.)
DVDFab 8.0.5.0 (18/11/2010) (HKLM\...\DVDFab 8_is1) (Version:  - Fengtao Software Inc.)
ESU for Microsoft Vista (HKLM\...\{3877C901-7B90-4727-A639-B6ED2DD59D43}) (Version: 1.0.0 - Hewlett-Packard)
Eternal Damnation: A Postal 2 Modification (HKLM\...\Eternal Damnation: A Postal 2 Modification) (Version:  - )
Free Countdown Timer 3.1.0 (HKLM\...\{404245D0-E836-4737-9C12-D4D0034540F5}_is1) (Version: 3.1 - Comfort Software Group)
Free Video Joiner 5.5.8 (HKLM\...\Free Video Joiner_is1) (Version:  - MediaRightSoft, Inc.)
Google Chrome (HKLM\...\Google Chrome) (Version: 40.0.2214.91 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.4.3607.2246 - Google Inc.)
Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
HDAUDIO Soft Data Fax Modem with SmartCP (HKLM\...\CNXT_MODEM_HDAUDIO_HERMOSA_HSF) (Version:  - )
Horizon v2.7.9.0 (HKLM\...\d4cfeebc-b821-40b7-9f81-d366b1466f03_is1) (Version: 2.7.9.0 - Daring Development Inc.)
HP Active Support Library (HKLM\...\{CE7E3BE0-2DD3-4416-A690-F9E4A99A8CFF}) (Version: 3.1.9.1 - Hewlett-Packard)
HP Customer Experience Enhancements (HKLM\...\{57A5AEC1-97FC-474D-92C4-908FCC2253D4}) (Version: 5.7.0.2664 - Hewlett-Packard)
HP Doc Viewer (HKLM\...\{082702D5-5DD8-4600-BCE5-48B15174687F}) (Version: 1.03.0001 - Hewlett-Packard)
HP DVD Play 3.7 (HKLM\...\{45D707E9-F3C4-11D9-A373-0050BAE317E1}) (Version: 3.7.0.5723 - Hewlett-Packard)
HP Games (HKLM\...\WildTangent hp Master Uninstall) (Version: 1.0.0.71 - WildTangent)
HP Help and Support (HKLM\...\{0054A0F6-00C9-4498-B821-B5C9578F433E}) (Version: 2.1.1.0 - Hewlett-Packard Company)
HP Quick Launch Buttons 6.40 H2 (HKLM\...\{34D2AB40-150D-475D-AE32-BD23FB5EE355}) (Version: 6.40 H2 - Hewlett-Packard)
HP Total Care Advisor (HKLM\...\{154A4184-1A3D-4BF9-A5AE-4FA1660445F3}) (Version: 2.4.4941.2798 - Hewlett-Packard)
HP Update (HKLM\...\{C8FD5BC1-92EF-4C15-92A9-F9AC7F61985F}) (Version: 4.000.010.008 - Hewlett-Packard)
HP User Guides 0118 (HKLM\...\{B6D0B141-B2BE-4DD0-B08F-B9186F3E36B3}) (Version: 1.00.0000 - Hewlett-Packard)
HP Wireless Assistant (HKLM\...\{9ADABDDE-9644-461B-9E73-83FA3EFCAB50}) (Version: 3.00 K2 - Hewlett-Packard)
HPAsset component for HP Active Support Library (Version: 3.0.2.2 - Hewlett-Packard) Hidden
HPNetworkAssistant (Version: 1.1.70 - Hewlett-Packard.) Hidden
HPTCSSetup (HKLM\...\{846DDADA-0239-4B67-A6B1-33658863793B}) (Version: 1.1.1963.2799 - Hewlett-Packard Company)
Intel® Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version:  - Intel Corporation)
iPhoneBrowser (HKLM\...\{495B6040-801F-474C-ADB8-309F132CF5F9}) (Version: 1.9.1 - Cranium Consulting and Custom Software)
iTunes (HKLM\...\{B0261E53-B6F1-474A-864B-E7C3CBF468E0}) (Version: 11.0.1.12 - Apple Inc.)
Java 7 Update 25 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.250 - Oracle)
Java 8 Update 25 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
K-Lite Codec Pack 9.2.0 (Basic) (HKLM\...\KLiteCodecPack_is1) (Version: 9.2.0 - )
LabelPrint (HKLM\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.0926 - CyberLink Corp.)
LabelPrint (Version: 2.5.0926 - CyberLink Corp.) Hidden
Linksys Dual-Band Wireless-N USB Network Adapter (HKLM\...\InstallShield_{90EC11E4-854E-4C0F-9B4C-76D6C7CF7C68}) (Version: 1.0.0.1 - Linksys)
Linksys WUSB600N Dual-Band Wireless-N USB Network Adapter (Version: 1.0.0.1 - Linksys) Hidden
Little Inferno 1.00 (HKLM\...\Little Inferno 1.00) (Version: 1.00 - Cat-A-Cat)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft IntelliType Pro 7.0 (HKLM\...\{94A065E8-455D-41C1-AF1F-F0C1AF8F50F3}) (Version: 7.0.260.0 - Microsoft)
Microsoft Live Search Toolbar (HKLM\...\{96384578-C6A2-4EC6-92CD-B62A60713040}) (Version: 3.0.541.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 2 (SP2) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}) (Version:  - Microsoft)
Microsoft Office Home and Student 2007 (HKLM\...\HOMESTUDENTR) (Version: 12.0.6425.1000 - Microsoft Corporation)
Microsoft Office Live Add-in 1.4 (HKLM\...\{AE3CF174-872C-46C6-B9F6-C0593F3BC7B8}) (Version: 2.0.3008.0 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6425.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.4.304.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Works (HKLM\...\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}) (Version: 9.7.0621 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Modio (HKLM\...\{3DA224A5-666B-4941-8998-2F19C6D126A5}_is1) (Version:  - GameTuts)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
muvee Reveal (HKLM\...\{DD35C328-F115-BEDA-6EEE-E00C5AACCCBC}) (Version: 7.0.35.6951 - muvee Technologies Pte Ltd)
NetWaiting (HKLM\...\{3F92ABBB-6BBF-11D5-B229-002078017FBF}) (Version: 2.5.52 - BVRP Software, Inc)
Notepad++ (HKLM\...\Notepad++) (Version: 6.7.4 - Notepad++ Team)
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0 - Microsoft Corporation) Hidden
OpenOffice.org 3.1 (HKLM\...\{E6B87DC4-2B3D-4483-ADFF-E483BF718991}) (Version: 3.1.9399 - OpenOffice.org)
Opera Stable 26.0.1656.60 (HKLM\...\Opera 26.0.1656.60) (Version: 26.0.1656.60 - Opera Software ASA)
oPryzeLP MC360 Mod Tool (HKLM\...\oPryzeLP MC360 Mod Tool) (Version:  - )
Pinger (HKU\S-1-5-21-1441847595-3396335443-3013822310-1000\...\Pinger 1.4.0.0) (Version: 1.4.0.0 - Pinger Inc.)
Pinger (Version: 1.4.0.0 - Pinger Inc.) Hidden
PokerStars (HKLM\...\PokerStars) (Version:  - PokerStars)
Postal 2 Share The Pain (HKLM\...\Postal 2 Share The Pain_is1) (Version:  - GOG.com)
Power2Go (HKLM\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.2202 - CyberLink Corp.)
Power2Go (Version: 6.0.2202 - CyberLink Corp.) Hidden
PowerDirector (HKLM\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 7.0.2201 - CyberLink Corp.)
PowerDirector (Version: 7.0.2201 - CyberLink Corp.) Hidden
PowerISO (HKLM\...\PowerISO) (Version: 6.1 - Power Software Ltd)
Prompt Downloader (HKLM\...\Prompt Downloader) (Version:  - )
QuickTime (HKLM\...\{7BE15435-2D3E-4B58-867F-9C75BED0208C}) (Version: 7.71.80.42 - Apple Inc.)
Rapid Mortgage Calculator 1.0 (HKLM\...\Rapid_Mortgage_Calculator_10) (Version:  - )
Realtek 8169 8168 8101E 8102E Ethernet Driver (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0000 - Realtek)
Remote Helper (HKU\S-1-5-21-1441847595-3396335443-3013822310-1000\...\b3371ee8b61a04b3) (Version: 3.0.5.5 - Remote Jr.)
Remote Mouse version 1.09 (HKLM\...\{F34EE6D2-9356-4294-B3B3-AE04428C8C43}_is1) (Version: 1.09 - Remote Mouse)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.14.0 - SAMSUNG Electronics Co., Ltd.)
Skype web features (HKLM\...\{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}) (Version: 1.0.3971 - Skype Technologies S.A.)
Skype™ 4.1 (HKLM\...\{D103C4BA-F905-437A-8049-DB24763BBE36}) (Version: 4.1.179 - Skype Technologies S.A.)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 11.1.3.0 - Synaptics)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for 2007 Microsoft Office System (KB981715) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{661B3F32-FFE4-4606-AE3A-DFA11DCC0D79}) (Version:  - Microsoft)
ViGlance (HKLM\...\ViGlance) (Version: 1001275 - Lee-Soft.com)
Viva Pinata (HKLM\...\InstallShield_{343EFA17-5BC5-44DA-924F-539ECBEFF68C}) (Version: 1.00.0000 - Microsoft Game Studios:)
VLC media player 1.0.5 (HKLM\...\VLC media player) (Version: 1.0.5 - VideoLAN Team)
Web Protector IE (HKLM\...\WebProtector) (Version: 1.0.0.2 - WebProtector)
Web Protector Plus (uninstall only) (HKLM\...\WebProtectorPlus) (Version:  - )
Windows 7 Codec Pack 4.1.0 (HKLM\...\Windows 7 - Codec Pack) (Version: 4.1.0 - Windows 7 Codec Pack)
Windows 7 Upgrade Advisor (HKLM\...\{AB05F2C8-F608-403b-95E1-FD8ADFACD31E}) (Version: 2.0.5000.0 - Microsoft Corporation)
Windows Installer Clean Up (HKLM\...\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}) (Version: 3.00.00.0000 - Microsoft Corporation)
Windows Live Essentials (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live ID Sign-in Assistant (HKLM\...\{10A44844-4465-456E-8C97-80BDD4F68845}) (Version: 6.500.3146.0 - Microsoft Corporation)
Windows Live OneCare safety scanner (HKLM\...\Windows Live OneCare safety scanner) (Version:  - Microsoft Corporation)
Windows Live Upload Tool (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinRAR 4.20 (32-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
WinSCP 4.2.5 (HKLM\...\winscp3_is1) (Version: 4.2.5 - Martin Prikryl)
Yahoo! Messenger (HKLM\...\Yahoo! Messenger) (Version:  - Yahoo! Inc.)
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
CustomCLSID: HKU\S-1-5-21-1441847595-3396335443-3013822310-1000_Classes\CLSID\{039B2CA5-3B41-4D93-AD77-47D3293FC5CB}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll (EasyBits Media AS)
CustomCLSID: HKU\S-1-5-21-1441847595-3396335443-3013822310-1000_Classes\CLSID\{06EEE834-461C-42C2-8DCF-1502B527B1F9}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-1441847595-3396335443-3013822310-1000_Classes\CLSID\{42042206-2D85-11D3-8CFF-005004838597}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-1441847595-3396335443-3013822310-1000_Classes\CLSID\{42481700-CF3C-4D05-8EC6-F9A1C57E8DC0}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll (EasyBits Media AS)
CustomCLSID: HKU\S-1-5-21-1441847595-3396335443-3013822310-1000_Classes\CLSID\{4516CEE1-97DA-4030-A444-2D8E296B96B6}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-1441847595-3396335443-3013822310-1000_Classes\CLSID\{4DF0C730-DF9D-4AE3-9153-AA6B82E9795A}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-1441847595-3396335443-3013822310-1000_Classes\CLSID\{6F237DF9-9DDB-47AD-B218-400D54C286AD}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-1441847595-3396335443-3013822310-1000_Classes\CLSID\{942BC614-676C-464E-B384-D3202AAA02DA}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-1441847595-3396335443-3013822310-1000_Classes\CLSID\{9E385F0A-0BA2-430C-96AA-4399C5E40F6C}\localserver32 -> C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.)
CustomCLSID: HKU\S-1-5-21-1441847595-3396335443-3013822310-1000_Classes\CLSID\{a3c6dafc-e193-42fc-adca-5316b5d6d653}\InprocServer32 -> C:\Users\Jason\Program Files\DNA\plugins\npbtdna.dll (BitTorrent, Inc.)
CustomCLSID: HKU\S-1-5-21-1441847595-3396335443-3013822310-1000_Classes\CLSID\{BB6410D8-F879-4184-9C5C-6A02D16AE0B3}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll (EasyBits Media AS)
CustomCLSID: HKU\S-1-5-21-1441847595-3396335443-3013822310-1000_Classes\CLSID\{CA1073A2-5F3F-4445-8E5E-7109BDCEDDBE}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll (EasyBits Media AS)
CustomCLSID: HKU\S-1-5-21-1441847595-3396335443-3013822310-1000_Classes\CLSID\{D0D38C6E-BF64-4C42-840D-3E0019D9F7A6}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll (EasyBits Media AS)
CustomCLSID: HKU\S-1-5-21-1441847595-3396335443-3013822310-1000_Classes\CLSID\{D5A55D2D-C59D-42C3-A5BF-4C08EEE74339}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll (EasyBits Media AS)
CustomCLSID: HKU\S-1-5-21-1441847595-3396335443-3013822310-1000_Classes\CLSID\{DCA74850-096D-40CD-BB81-17034E51ACB6}\localserver32 -> C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.)
CustomCLSID: HKU\S-1-5-21-1441847595-3396335443-3013822310-1000_Classes\CLSID\{F7117AE6-81F2-45B8-96EE-56F6FD357A48}\InprocServer32 -> C:\ProgramData\{49A0BAC7-3326-4433-9373-4AA8793ABB5C}\d3d10core.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1441847595-3396335443-3013822310-1000_Classes\CLSID\{FBF23B40-E3F0-101B-8488-00AA003E56F8}\InprocServer32 -> No File Path
 
==================== Restore Points  =========================
 
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2006-11-02 05:23 - 2012-07-23 00:47 - 00000734 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {0CFA2101-537A-4B5C-BD3A-CC325F6B6214} - System32\Tasks\{A2310BEC-EE85-481C-AA8C-93D24B3EFB6E} => C:\Program Files\Skype\Phone\Skype.exe [2009-10-09] (Skype Technologies S.A.)
Task: {0FC222F4-97CC-4C61-B938-C81D4CE81037} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-06-19] (Piriform Ltd)
Task: {10CC0405-E2DF-4A16-A827-E1F2718CA7AD} - System32\Tasks\LaunchSignup => C:\Program Files\MyPC Backup\Signup Wizard.exe <==== ATTENTION
Task: {1C3738CF-46A3-4A60-A567-DB55C9A2CB8F} - System32\Tasks\GNVLNUPDH => C:\ProgramData\cd96e4ae2fbb46d9b627abb8e45312b8\cd96e4ae2fbb46d9b627abb8e45312b8.exe [2015-01-22] ()
Task: {309E1581-BE85-435A-89CD-AE12EC3B9DC1} - System32\Tasks\ConsumerInputUpdateTaskMachineUA => C:\Program Files\Consumer Input\Update\ConsumerInputUpdate.exe <==== ATTENTION
Task: {5771EEC4-1152-4023-8980-E89E6046358D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-25] (Adobe Systems Incorporated)
Task: {5ED77898-269A-435B-A8AC-DCB4F795835F} - System32\Tasks\Opera scheduled Autoupdate 1420724524 => C:\Program Files\Opera\launcher.exe [2014-12-16] (Opera Software)
Task: {62890FFF-86BD-4C54-A9CB-909730A33C56} - System32\Tasks\{3B87E622-6C5A-44E1-AA8E-F3D1EA06BD73} => pcalua.exe -a C:\Users\Jason\AppData\Local\Temp\Temp1_MBE2_image.zip\MBE2_image\wd_windows_tools\WDSetup.exe
Task: {6853635C-D63E-403E-8412-7CED3FB2F21D} - System32\Tasks\{4D173310-63E0-4889-8FEF-6F37A2769638} => pcalua.exe -a C:\Users\Jason\Downloads\Install-Chess-Free.exe -d C:\Users\Jason\Desktop
Task: {6F92FB5A-70C7-4766-AF84-9A6324C50B8E} - System32\Tasks\ConsumerInputUpdateTaskMachineCore => C:\Program Files\Consumer Input\Update\ConsumerInputUpdate.exe <==== ATTENTION
Task: {72D72FE8-176C-45D6-A266-62E80E1C04AB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-27] (Google Inc.)
Task: {73CF5A8D-1171-4B9E-BC48-C482DC0C1903} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\system32\Macromed\Flash\FlashUtil32_16_0_0_235_pepper.exe
Task: {788FC2A8-7DB3-4BBA-8C1E-EA394F2AB0EC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-27] (Google Inc.)
Task: {78AA59BD-B92E-4525-B507-3EBEFBF32A69} - System32\Tasks\DriverRestore_ScheduledScan => C:\Program Files\DriverRestore\DriverRestore.exe
Task: {8BDCD209-7627-4DA6-9F81-6EDC8C4E7C67} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {9691955E-93FD-4C98-B337-A9C141A01482} - System32\Tasks\HP Health Check => c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2008-10-09] (Hewlett-Packard)
Task: {9C2A5BF5-D47D-49E1-A355-102EC1377060} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1441847595-3396335443-3013822310-1000UA => C:\Users\Jason\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {C5D53882-73CD-4638-8766-01A9D44C5209} - System32\Tasks\Web Protector Plus Server => C:\Program Files\WebProtectorPlus\WebProtectorPlusServer.exe
Task: {CE69B8D4-CDB5-418A-83D9-FF7F0DF77F2F} - System32\Tasks\BatteryCareAuto => C:\Program Files\BatteryCare\BatteryCare.exe [2012-03-07] (Filipe Lourenço)
Task: {D811512C-5B21-4909-921C-551AEF641A9F} - System32\Tasks\DriverRestore_DailyScan => C:\Program Files\DriverRestore\DriverRestore.exe
Task: {E0AD6386-6E2D-48F8-8A68-34B84D6F7060} - System32\Tasks\{301B22F9-3893-40C8-8DB1-A0021897023C} => pcalua.exe -a "C:\Users\Jason\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LKQ4UDUZ\msicuu2[1].exe" -d C:\Users\Jason\Desktop
Task: {F393ADBB-359C-4CC7-87AF-6B9ABE6E8F0D} - System32\Tasks\Web Protector Plus => C:\Program Files\WebProtectorPlus\WebProtectorPlus.exe [2015-02-19] ()
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\system32\Macromed\Flash\FlashUtil32_16_0_0_235_pepper.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\User_Feed_Synchronization-{A2278271-91F5-45C0-91F4-37B192C68C51}.job => C:\Windows\system32\msfeedssync.exe
 
==================== Loaded Modules (whitelisted) ==============
 
2010-02-25 22:52 - 2010-02-25 11:57 - 00669184 _____ () C:\Program Files\Alwil Software\Avast5\defs\10022500\algo.dll
2010-01-28 02:44 - 2010-01-19 08:17 - 00175152 _____ () C:\Program Files\Alwil Software\Avast5\Setup\SetIFace.dll
2015-04-12 12:35 - 2015-04-12 12:35 - 00021504 _____ () C:\Users\Jason\AppData\Local\Ibjhsoft\loader_u.dll
2014-05-12 04:49 - 2014-05-12 04:49 - 00260608 _____ () C:\Program Files\Notepad++\NppShell_06.dll
2012-02-20 21:29 - 2012-02-20 21:29 - 00087912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2012-02-20 21:28 - 2012-02-20 21:28 - 01242472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2008-10-23 01:51 - 2008-10-06 11:54 - 00365952 _____ () C:\Program Files\SMINST\BLService.exe
2008-10-23 01:51 - 2008-10-06 11:54 - 00132480 _____ () C:\Program Files\SMINST\STWmiM.dll
2008-10-23 01:44 - 2008-09-15 09:13 - 00241734 _____ () C:\Program Files\CyberLink\Shared files\RichVideo.exe
2015-02-19 10:27 - 2015-02-19 10:27 - 00253440 _____ () C:\Program Files\WebProtectorPlus\WebProtectorPlus.exe
2015-01-24 21:37 - 2015-01-23 14:38 - 03307712 _____ () C:\Users\Jason\AppData\Local\ospd_us_751\upospd_us_751.exe
2010-10-11 00:50 - 2008-12-06 19:32 - 00886784 _____ () C:\Program Files\AeroSnap\AeroSnap.exe
2010-10-11 00:50 - 2008-12-06 19:31 - 00046080 _____ () C:\Program Files\AeroSnap\AeroSnap.Application.dll
2015-04-19 19:37 - 2015-04-19 19:37 - 00071168 _____ () C:\Users\Jason\AppData\Local\Ordfics\loader_u.dll
2015-04-21 02:16 - 2015-04-21 02:15 - 00483328 _____ () C:\Users\Jason\AppData\Roaming\sbbxbsc.exe
2008-10-23 00:44 - 2008-04-11 11:04 - 00685360 _____ () C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
2015-01-24 21:35 - 2015-01-22 22:01 - 00506880 _____ () C:\ProgramData\cd96e4ae2fbb46d9b627abb8e45312b8\cd96e4ae2fbb46d9b627abb8e45312b8.exe
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
AlternateDataStreams: C:\ProgramData\Temp:178D4338
AlternateDataStreams: C:\ProgramData\Temp:3B5038B1
AlternateDataStreams: C:\ProgramData\Temp:3E69E337
AlternateDataStreams: C:\ProgramData\Temp:409A775B
AlternateDataStreams: C:\ProgramData\Temp:4AC9B4B7
AlternateDataStreams: C:\ProgramData\Temp:64648EF8
AlternateDataStreams: C:\ProgramData\Temp:77A023CE
AlternateDataStreams: C:\ProgramData\Temp:7C60A173
AlternateDataStreams: C:\ProgramData\Temp:8BB2EC84
AlternateDataStreams: C:\ProgramData\Temp:DFC3B090
AlternateDataStreams: C:\ProgramData\Temp:F1C0B203
AlternateDataStreams: C:\ProgramData\Temp:FE9F7F81
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\cmwd.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\cmwd.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ColorMedia => ""="service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
 
==================== EXE Association (whitelisted) ===============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, the associated entry will be removed from the registry.)
 
 
 
HKU\S-1-5-21-1441847595-3396335443-3013822310-1000\Software\Classes\.exe: exefile =>  <===== ATTENTION!
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-1441847595-3396335443-3013822310-1000\Control Panel\Desktop\\Wallpaper -> 
DNS Servers: 209.18.47.61 - 209.18.47.62
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-1441847595-3396335443-3013822310-500 - Administrator - Disabled)
Guest (S-1-5-21-1441847595-3396335443-3013822310-501 - Limited - Disabled)
Jason (S-1-5-21-1441847595-3396335443-3013822310-1000 - Administrator - Enabled) => C:\Users\Jason
 
==================== Faulty Device Manager Devices =============
 
Name: 6TO4 Adapter
Description: Microsoft 6to4 Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
 
Name: isatap.{8F4D1CEB-01DE-4E24-8717-77911BC65E9F}
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
 
Name: isatap.{8F4D1CEB-01DE-4E24-8717-77911BC65E9F}
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
 
Name: isatap.{8F4D1CEB-01DE-4E24-8717-77911BC65E9F}
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
 
Name: isatap.{8F4D1CEB-01DE-4E24-8717-77911BC65E9F}
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
 
Name: isatap.{8F4D1CEB-01DE-4E24-8717-77911BC65E9F}
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
 
Name: isatap.{66D17D95-77C4-4E1C-9BAB-065675D4461C}
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
 
Name: isatap.{8F4D1CEB-01DE-4E24-8717-77911BC65E9F}
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
 
Name: isatap.{8F4D1CEB-01DE-4E24-8717-77911BC65E9F}
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
 
Name: isatap.{BFBEAC4D-3A07-4854-9825-C4B545F4CB9A}
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
 
Name: isatap.{BFBEAC4D-3A07-4854-9825-C4B545F4CB9A}
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (04/22/2015 09:13:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application iexplore.exe, version 8.0.6001.18904, time stamp 0x4b835fec, faulting module unknown, version 0.0.0.0, time stamp 0x00000000, exception code 0xc0000005, fault offset 0x0005e27d,
process id 0x2744, application start time 0xiexplore.exe0.
 
Error: (04/22/2015 09:13:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application iexplore.exe, version 8.0.6001.18904, time stamp 0x4b835fec, faulting module unknown, version 0.0.0.0, time stamp 0x00000000, exception code 0xc0000005, fault offset 0x0039e14a,
process id 0x133c, application start time 0xiexplore.exe0.
 
Error: (04/22/2015 08:41:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application Dwm.exe, version 6.0.6001.18000, time stamp 0x47918c97, faulting module ntdll.dll, version 6.0.6001.18538, time stamp 0x4cb733dc, exception code 0x80000003, fault offset 0x0003e199,
process id 0x720, application start time 0xDwm.exe0.
 
Error: (04/22/2015 08:33:54 PM) (Source: LoadPerf) (EventID: 3011) (User: )
Description: WmiApRplWmiApRpl8
 
Error: (04/22/2015 08:33:54 PM) (Source: LoadPerf) (EventID: 3012) (User: )
Description: Performance16
 
Error: (04/22/2015 08:25:10 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (04/22/2015 08:21:37 PM) (Source: LoadPerf) (EventID: 3011) (User: )
Description: WmiApRplWmiApRpl8
 
Error: (04/22/2015 08:21:37 PM) (Source: LoadPerf) (EventID: 3012) (User: )
Description: Performance16
 
Error: (04/22/2015 06:35:15 AM) (Source: LoadPerf) (EventID: 3011) (User: )
Description: WmiApRplWmiApRpl8
 
Error: (04/22/2015 06:35:15 AM) (Source: LoadPerf) (EventID: 3012) (User: )
Description: Performance16
 
 
System errors:
=============
 
Microsoft Office Sessions:
=========================
Error: (04/21/2012 05:21:07 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 102 seconds with 60 seconds of active time.  This session ended with a crash.
 
Error: (08/17/2011 00:33:44 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 105 seconds with 0 seconds of active time.  This session ended with a crash.
 
Error: (11/12/2010 02:03:11 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6524.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 94 seconds with 0 seconds of active time.  This session ended with a crash.
 
 
CodeIntegrity Errors:
===================================
  Date: 2015-04-22 20:47:42.227
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-04-22 20:47:39.279
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-04-22 20:47:37.434
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-04-22 20:47:34.984
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-04-22 20:47:22.614
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-04-22 20:47:20.709
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-04-22 20:47:18.042
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-04-22 20:47:15.740
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-04-22 20:35:00.711
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-04-22 20:35:00.318
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.
 
 
==================== Memory info =========================== 
 
Processor: Genuine Intel® CPU 585 @ 2.16GHz
Percentage of memory in use: 66%
Total physical RAM: 1978.45 MB
Available physical RAM: 670.29 MB
Total Pagefile: 4202.16 MB
Available Pagefile: 2174.64 MB
Total Virtual: 2047.88 MB
Available Virtual: 1882.14 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:138.7 GB) (Free:34.32 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (RECOVERY) (Fixed) (Total:10.34 GB) (Free:1.77 GB) NTFS ==>[System with boot components (obtained from reading drive)]
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 149.1 GB) (Disk ID: 58BF6AE5)
Partition 1: (Active) - (Size=138.7 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=10.3 GB) - (Type=07 NTFS)
 
==================== End Of Log ============================
 
 
 
 
 
 
 
 
 
 

Attached Files



BC AdBot (Login to Remove)

 


#2 xXToffeeXx

xXToffeeXx

    Bleepin' Polar Bear


  • Malware Response Instructor
  • 6,041 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Arctic Circle
  • Local time:03:33 AM

Posted 23 April 2015 - 11:02 AM

Greetings and :welcome: to BleepingComputer,
My name is xXToffeeXx, but feel free to call me Toffee if it is easier for you. I will be helping you with your malware problems.
 
A few points to cover before we start:

  • Do not run any tools without being instructed to as this makes my job much harder in trying to figure out what you have done.
  • Make sure to read my instructions fully before attempting a step.
  • If you have problems or questions with any of the steps, feel free to ask me. I will be happy to answer any questions you have.
  • Please follow the topic by clicking on the "Follow this topic" button, and make sure a tick is in the "receive notifications" and is set to "Instantly". Any replies should be made in this topic by clicking the "Reply to this topic" button.
  • Important information in my posts will often be in bold, make sure to take note of these.
  • I will attempt to reply as soon as possible, and normally within 24 hours of your reply. If this is not possible or I have a delay then I will let you know.
  • I will bump a topic after 3 days of no activity, and then will give you another 2 days to reply before a topic is closed. If you need more time than this please let me know.
  • Lets get going now :thumbup2:

==========================
 
Hi Jason6300,
 
Did you install or download GameHugArcade?
 
We need to remove some programs with Revo Uninstaller Free:
 
Note: Revo Uninstaller is more thorough in deleting programs on your computer than using the Add/Remove option in Windows. Since it is a more powerful tool, please be sure to follow the instructions carefully.
Note: If the program you want to uninstall is not listed by Revo, let me know and we will try an altenate method of removal.

  • Please download and install Revo Uninstaller Free
    note: there is no need to click anything on that page, the download will start automatically
  • Double click Revo Uninstaller to run it
  • From the list of programs double click on the listed program(s), or anything similar, to remove it:
AnySend
CacheList
CrossBrowser
Web Protector IE
Web Protector Plus (uninstall only)
  • When prompted if you want to uninstall click Yes
  • Be sure the Moderate option is selected then click Next
  • The program will run, If prompted again click Yes
  • When the built-in uninstaller is finished click on Next
  • Once the program has searched for leftovers click Next
  • Check the items in bold only on the list then click Delete
    note: you may have to expand some folders by clicking the "+" mark
  • When prompted click on Yes and then on Next
  • Put a check on any folders that are found and select Delete
  • When prompted select Yes then Next
  • Once done click Finish

--------------

We need to run a fix with FRST:

  • Press the windows key Windows_Logo_key.gif + r on your keyboard at the same time. Type in notepad and press Enter.
  • Copy and paste the script below in the notepad document:​
() C:\Users\Jason\AppData\Roaming\sbbxbsc.exe
(Glasstest) C:\Users\Jason\AppData\Local\Ordfics\tmp5B87.exe
() C:\ProgramData\cd96e4ae2fbb46d9b627abb8e45312b8\cd96e4ae2fbb46d9b627abb8e45312b8.exe
HKLM\...\Run: [ospd_us_751] => [X]
HKLM\...\Run: [yraje] => C:\Users\Jason\AppData\Local\yraje\yraje.exe [377944 2015-04-12] (RatePolygonal)
HKLM\...\RunOnce: [upospd_us_751.exe] => C:\Users\Jason\AppData\Local\ospd_us_751\upospd_us_751.exe [3307712 2015-01-23] ()
HKLM Group Policy restriction on software: C:\Program Files\Microsoft Security Client <====== ATTENTION
HKU\S-1-5-21-1441847595-3396335443-3013822310-1000\...\Run: [Ordfics] => C:\Users\Jason\AppData\Local\Ordfics\tmp5B87.exe [192512 2015-04-12] (Glasstest)
HKU\S-1-5-21-1441847595-3396335443-3013822310-1000\...\Run: [Ibjhsoft] => regsvr32.exe C:\Users\Jason\AppData\Local\Ibjhsoft\loader_u.dll <===== ATTENTION
HKU\S-1-5-21-1441847595-3396335443-3013822310-1000\...\Run: [YhfxPack] => C:\Windows\System32\regsvr32.exe C:\Users\Jason\AppData\Local\Ordfics\loader_u.dll
HKU\S-1-5-21-1441847595-3396335443-3013822310-1000\...\Run: [audiodevv2] => C:\Users\Jason\Documents\audiodevv2.exe
C:\Users\Jason\Documents\audiodevv2.exe
C:\Users\Jason\AppData\Roaming\sbbxbsc.exe
C:\Users\Jason\AppData\Local\yraje
C:\Users\Jason\AppData\Local\ospd_us_751
HKU\S-1-5-21-1441847595-3396335443-3013822310-1000\...\Run: [msdedf] => C:\Users\Jason\AppData\Roaming\sbbxbsc.exe [483328 2015-04-21] ()
Startup: C:\Users\Jason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\HELP_DECRYPT.HTML [2015-04-21] ()
Startup: C:\Users\Jason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\HELP_DECRYPT.PNG.ecc [2015-04-21] ()
Startup: C:\Users\Jason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\HELP_DECRYPT.TXT.ecc [2015-04-21] ()
InternetURL: C:\Users\Jason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\HELP_DECRYPT.URL -> hxxp://7oqnsnzwwnm6zb7y.partypayonion.com/e5kQ9p
Startup: C:\Users\Jason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\HELP_RESTORE_FILES.txt [2015-04-22] ()
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
URLSearchHook: HKLM - Default Value = {CCC7B151-1D8C-11E3-B2AD-F3EF3D58318D}
SearchScopes: HKLM -> {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = 
SearchScopes: HKLM -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL = 
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1441847595-3396335443-3013822310-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
Toolbar: HKU\.DEFAULT -> No Name - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} -  No File
Toolbar: HKU\.DEFAULT -> No Name - {2E924F4F-67F0-4BD8-9560-49F468E843D2} -  No File
Toolbar: HKU\S-1-5-21-1441847595-3396335443-3013822310-1000 -> No Name - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} -  No File
Toolbar: HKU\S-1-5-21-1441847595-3396335443-3013822310-1000 -> No Name - {6CD56C02-CB4D-41B5-A0FE-B479061CCB41} -  No File
Winsock: Catalog9 01 C:\Windows\system32\ColorMedia.dll [324776 2015-01-24] (CartCrunch Israel Ltd.)
Winsock: Catalog9 02 C:\Windows\system32\ColorMedia.dll [324776 2015-01-24] (CartCrunch Israel Ltd.)
Winsock: Catalog9 03 C:\Windows\system32\ColorMedia.dll [324776 2015-01-24] (CartCrunch Israel Ltd.)
Winsock: Catalog9 04 C:\Windows\system32\ColorMedia.dll [324776 2015-01-24] (CartCrunch Israel Ltd.)
Winsock: Catalog9 16 C:\Windows\system32\ColorMedia.dll [324776 2015-01-24] (CartCrunch Israel Ltd.)
C:\Windows\system32\ColorMedia.dll
CMD: netsh winsock reset
CustomCLSID: HKU\S-1-5-21-1441847595-3396335443-3013822310-1000_Classes\CLSID\{06EEE834-461C-42C2-8DCF-1502B527B1F9}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-1441847595-3396335443-3013822310-1000_Classes\CLSID\{42042206-2D85-11D3-8CFF-005004838597}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-1441847595-3396335443-3013822310-1000_Classes\CLSID\{4516CEE1-97DA-4030-A444-2D8E296B96B6}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-1441847595-3396335443-3013822310-1000_Classes\CLSID\{4DF0C730-DF9D-4AE3-9153-AA6B82E9795A}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-1441847595-3396335443-3013822310-1000_Classes\CLSID\{6F237DF9-9DDB-47AD-B218-400D54C286AD}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-1441847595-3396335443-3013822310-1000_Classes\CLSID\{942BC614-676C-464E-B384-D3202AAA02DA}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-1441847595-3396335443-3013822310-1000_Classes\CLSID\{F7117AE6-81F2-45B8-96EE-56F6FD357A48}\InprocServer32 -> C:\ProgramData\{49A0BAC7-3326-4433-9373-4AA8793ABB5C}\d3d10core.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1441847595-3396335443-3013822310-1000_Classes\CLSID\{FBF23B40-E3F0-101B-8488-00AA003E56F8}\InprocServer32 -> No File Path
C:\ProgramData\{49A0BAC7-3326-4433-9373-4AA8793ABB5C}
Task: {1C3738CF-46A3-4A60-A567-DB55C9A2CB8F} - System32\Tasks\GNVLNUPDH => C:\ProgramData\cd96e4ae2fbb46d9b627abb8e45312b8\cd96e4ae2fbb46d9b627abb8e45312b8.exe [2015-01-22] ()
Task: {E0AD6386-6E2D-48F8-8A68-34B84D6F7060} - System32\Tasks\{301B22F9-3893-40C8-8DB1-A0021897023C} => pcalua.exe -a "C:\Users\Jason\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LKQ4UDUZ\msicuu2[1].exe" -d C:\Users\Jason\Desktop
AlternateDataStreams: C:\ProgramData\Temp:178D4338
AlternateDataStreams: C:\ProgramData\Temp:3B5038B1
AlternateDataStreams: C:\ProgramData\Temp:3E69E337
AlternateDataStreams: C:\ProgramData\Temp:409A775B
AlternateDataStreams: C:\ProgramData\Temp:4AC9B4B7
AlternateDataStreams: C:\ProgramData\Temp:64648EF8
AlternateDataStreams: C:\ProgramData\Temp:77A023CE
AlternateDataStreams: C:\ProgramData\Temp:7C60A173
AlternateDataStreams: C:\ProgramData\Temp:8BB2EC84
AlternateDataStreams: C:\ProgramData\Temp:DFC3B090
AlternateDataStreams: C:\ProgramData\Temp:F1C0B203
AlternateDataStreams: C:\ProgramData\Temp:FE9F7F81
2015-04-21 00:34 - 2015-04-22 20:45 - 00000000 ___HD () C:\6156cf8e
2015-04-21 00:23 - 2015-04-22 20:25 - 00000000 ___HD () C:\ProgramData\{49A0BAC7-3326-4433-9373-4AA8793ABB5C}
2015-04-12 12:35 - 2015-04-21 04:25 - 00000000 ____D () C:\Users\Jason\AppData\Local\Ordfics
2015-04-12 12:35 - 2015-04-21 03:38 - 00000000 ____D () C:\Users\Jason\AppData\Local\Ibjhsoft
2015-04-12 11:36 - 2015-04-21 04:58 - 00000000 ____D () C:\Users\Jason\AppData\Local\yraje
2015-04-22 06:27 - 2015-01-24 21:35 - 00000000 ____D () C:\ProgramData\cd96e4ae2fbb46d9b627abb8e45312b8
2015-04-21 02:50 - 2009-11-14 18:59 - 00000000 ____D () C:\ProgramData\{755AC846-7372-4AC8-8550-C52491DAA8BD}
2015-04-21 02:50 - 2008-10-23 01:31 - 00000000 ____D () C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}
2015-04-21 02:30 - 2015-01-25 02:18 - 00000000 ____D () C:\ProgramData\741706000001478
2015-04-21 02:30 - 2012-12-15 22:33 - 00000000 ____D () C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
  • Save the file to your desktop and name it as fixlist.txt

Note: It's important that both files, FRST.exe/FRST64.exe and fixlist.txt are in the same location or the fix will not work
NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

  • Run FRST.exe/FRST64.exe and press the Fix button just once and wait
  • If for some reason the tool needs a restart, please make sure you let the system restart normally, then let the tool complete its run
  • When finished, FRST will generate a log (Fixlog.txt) in the same location the tool was run.
  • Please copy and paste the log in your next reply.

--------------
 
Please re-run FRST from the desktop (like you did before) and press the scan button. It will produce a FRST.txt log located on the desktop. Please copy and paste the log into your next reply.
 
xXToffeeXx~


~If I am helping you and you have not had a reply from me in two days, please send me a PM~

 

logo-25.pngID Ransomware - Identify What Ransomware Encrypted Your Files [Support Topic] - If we have helped you out and you want to support what we do, you can do so here

 

 ~Twitter~ | ~Malware Analyst at Emsisoft~


#3 Jason6300

Jason6300
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:08:33 PM

Posted 24 April 2015 - 11:08 PM

Thank you for your kind help.

I actually watched the virus encrypt the fixlist.txt in the time it took to start frst.exe

i just shook my head.

 

I of course made another and ran the the fix you prepared, and then frst scan and attached files below.

 

I know I've lost a tremendous amount of data and have no system restore to recover. but with your help maybe I can salvage some of it before its all destroyed.

 

Thank

Jason

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 22-04-2015 01
Ran by Jason at 2015-04-24 22:43:41 Run:1
Running from C:\Users\Jason\Desktop\jan
Loaded Profiles: Jason (Available profiles: Jason)
Boot Mode: Normal
 
==============================================
 
Content of fixlist:
*****************
() C:\Users\Jason\AppData\Roaming\sbbxbsc.exe
(Glasstest) C:\Users\Jason\AppData\Local\Ordfics\tmp5B87.exe
() C:\ProgramData\cd96e4ae2fbb46d9b627abb8e45312b8\cd96e4ae2fbb46d9b627abb8e45312b8.exe
HKLM\...\Run: [ospd_us_751] => [X]
HKLM\...\Run: [yraje] => C:\Users\Jason\AppData\Local\yraje\yraje.exe [377944 2015-04-12] (RatePolygonal)
HKLM\...\RunOnce: [upospd_us_751.exe] => C:\Users\Jason\AppData\Local\ospd_us_751\upospd_us_751.exe [3307712 2015-01-23] ()
HKLM Group Policy restriction on software: C:\Program Files\Microsoft Security Client <====== ATTENTION
HKU\S-1-5-21-1441847595-3396335443-3013822310-1000\...\Run: [Ordfics] => C:\Users\Jason\AppData\Local\Ordfics\tmp5B87.exe [192512 2015-04-12] (Glasstest)
HKU\S-1-5-21-1441847595-3396335443-3013822310-1000\...\Run: [Ibjhsoft] => regsvr32.exe C:\Users\Jason\AppData\Local\Ibjhsoft\loader_u.dll <===== ATTENTION
HKU\S-1-5-21-1441847595-3396335443-3013822310-1000\...\Run: [YhfxPack] =>
C:\Windows\System32\regsvr32.exe C:\Users\Jason\AppData\Local\Ordfics\loader_u.dll
HKU\S-1-5-21-1441847595-3396335443-3013822310-1000\...\Run: [audiodevv2] => C:\Users\Jason\Documents\audiodevv2.exe
C:\Users\Jason\Documents\audiodevv2.exe
C:\Users\Jason\AppData\Roaming\sbbxbsc.exe
C:\Users\Jason\AppData\Local\yraje
C:\Users\Jason\AppData\Local\ospd_us_751
HKU\S-1-5-21-1441847595-3396335443-3013822310-1000\...\Run: [msdedf] => C:\Users\Jason\AppData\Roaming\sbbxbsc.exe [483328 2015-04-21] ()
Startup: C:\Users\Jason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\HELP_DECRYPT.HTML [2015-04-21] ()
Startup: C:\Users\Jason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\HELP_DECRYPT.PNG.ecc [2015-04-21] ()
Startup: C:\Users\Jason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\HELP_DECRYPT.TXT.ecc [2015-04-21] ()
InternetURL: C:\Users\Jason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\HELP_DECRYPT.URL ->
hxxp://7oqnsnzwwnm6zb7y.partypayonion.com/e5kQ9p
Startup: C:\Users\Jason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\HELP_RESTORE_FILES.txt [2015-04-22] ()
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
URLSearchHook: HKLM - Default Value = {CCC7B151-1D8C-11E3-B2AD-F3EF3D58318D}
SearchScopes: HKLM -> {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = 
SearchScopes: HKLM -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL = 
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 ->
DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1441847595-3396335443-3013822310-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
Toolbar: HKU\.DEFAULT -> No Name - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} -  No File
Toolbar: HKU\.DEFAULT -> No Name - {2E924F4F-67F0-4BD8-9560-49F468E843D2} -  No File
Toolbar: HKU\S-1-5-21-1441847595-3396335443-3013822310-1000 -> No Name - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} -  No File
Toolbar: HKU\S-1-5-21-1441847595-3396335443-3013822310-1000 -> No Name - {6CD56C02-CB4D-41B5-A0FE-B479061CCB41} -  No File
Winsock: Catalog9 01 C:\Windows\system32\ColorMedia.dll [324776 2015-01-24] (CartCrunch Israel Ltd.)
Winsock: Catalog9 02 C:\Windows\system32\ColorMedia.dll [324776 2015-01-24] (CartCrunch Israel Ltd.)
Winsock: Catalog9 03 C:\Windows\system32\ColorMedia.dll
[324776 2015-01-24] (CartCrunch Israel Ltd.)
Winsock: Catalog9 04 C:\Windows\system32\ColorMedia.dll [324776 2015-01-24] (CartCrunch Israel Ltd.)
Winsock: Catalog9 16 C:\Windows\system32\ColorMedia.dll [324776 2015-01-24] (CartCrunch Israel Ltd.)
C:\Windows\system32\ColorMedia.dll
CMD: netsh winsock reset
CustomCLSID: HKU\S-1-5-21-1441847595-3396335443-3013822310-1000_Classes\CLSID\{06EEE834-461C-42C2-8DCF-1502B527B1F9}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-1441847595-3396335443-3013822310-1000_Classes\CLSID\{42042206-2D85-11D3-8CFF-005004838597}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-1441847595-3396335443-3013822310-1000_Classes\CLSID\{4516CEE1-97DA-4030-A444-2D8E296B96B6}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-1441847595-3396335443-3013822310-1000_Classes\CLSID\{4DF0C730-DF9D-4AE3-9153-AA6B82E9795A}\InprocServer32 -> No File Path
CustomCLSID:
HKU\S-1-5-21-1441847595-3396335443-3013822310-1000_Classes\CLSID\{6F237DF9-9DDB-47AD-B218-400D54C286AD}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-1441847595-3396335443-3013822310-1000_Classes\CLSID\{942BC614-676C-464E-B384-D3202AAA02DA}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-1441847595-3396335443-3013822310-1000_Classes\CLSID\{F7117AE6-81F2-45B8-96EE-56F6FD357A48}\InprocServer32 -> C:\ProgramData\{49A0BAC7-3326-4433-9373-4AA8793ABB5C}\d3d10core.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1441847595-3396335443-3013822310-1000_Classes\CLSID\{FBF23B40-E3F0-101B-8488-00AA003E56F8}\InprocServer32 -> No File Path
C:\ProgramData\{49A0BAC7-3326-4433-9373-4AA8793ABB5C}
Task: {1C3738CF-46A3-4A60-A567-DB55C9A2CB8F} - System32\Tasks\GNVLNUPDH => C:\ProgramData\cd96e4ae2fbb46d9b627abb8e45312b8\cd96e4ae2fbb46d9b627abb8e45312b8.exe [2015-01-22] ()
Task: {E0AD6386-6E2D-48F8-8A68-34B84D6F7060} -
System32\Tasks\{301B22F9-3893-40C8-8DB1-A0021897023C} => pcalua.exe -a "C:\Users\Jason\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LKQ4UDUZ\msicuu2[1].exe" -d C:\Users\Jason\Desktop
AlternateDataStreams: C:\ProgramData\Temp:178D4338
AlternateDataStreams: C:\ProgramData\Temp:3B5038B1
AlternateDataStreams: C:\ProgramData\Temp:3E69E337
AlternateDataStreams: C:\ProgramData\Temp:409A775B
AlternateDataStreams: C:\ProgramData\Temp:4AC9B4B7
AlternateDataStreams: C:\ProgramData\Temp:64648EF8
AlternateDataStreams: C:\ProgramData\Temp:77A023CE
AlternateDataStreams: C:\ProgramData\Temp:7C60A173
AlternateDataStreams: C:\ProgramData\Temp:8BB2EC84
AlternateDataStreams: C:\ProgramData\Temp:DFC3B090
AlternateDataStreams: C:\ProgramData\Temp:F1C0B203
AlternateDataStreams: C:\ProgramData\Temp:FE9F7F81
2015-04-21 00:34 - 2015-04-22 20:45 - 00000000 ___HD () C:\6156cf8e
2015-04-21 00:23 - 2015-04-22 20:25 - 00000000 ___HD ()
C:\ProgramData\{49A0BAC7-3326-4433-9373-4AA8793ABB5C}
2015-04-12 12:35 - 2015-04-21 04:25 - 00000000 ____D () C:\Users\Jason\AppData\Local\Ordfics
2015-04-12 12:35 - 2015-04-21 03:38 - 00000000 ____D () C:\Users\Jason\AppData\Local\Ibjhsoft
2015-04-12 11:36 - 2015-04-21 04:58 - 00000000 ____D () C:\Users\Jason\AppData\Local\yraje
2015-04-22 06:27 - 2015-01-24 21:35 - 00000000 ____D () C:\ProgramData\cd96e4ae2fbb46d9b627abb8e45312b8
2015-04-21 02:50 - 2009-11-14 18:59 - 00000000 ____D () C:\ProgramData\{755AC846-7372-4AC8-8550-C52491DAA8BD}
2015-04-21 02:50 - 2008-10-23 01:31 - 00000000 ____D () C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}
2015-04-21 02:30 - 2015-01-25 02:18 - 00000000 ____D () C:\ProgramData\741706000001478
2015-04-21 02:30 - 2012-12-15 22:33 - 00000000 ____D () C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
*****************
 
[4368] C:\Users\Jason\AppData\Roaming\sbbxbsc.exe => Process closed successfully.
[4424] C:\Users\Jason\AppData\Local\Ordfics\tmp5B87.exe => Process closed successfully.
C:\ProgramData\cd96e4ae2fbb46d9b627abb8e45312b8\cd96e4ae2fbb46d9b627abb8e45312b8.exe => No running process found
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\ospd_us_751 => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\yraje => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce\\upospd_us_751.exe => value deleted successfully.
HKLM => Group Policy Restriction on software restored successfully.
HKU\S-1-5-21-1441847595-3396335443-3013822310-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Ordfics => value deleted successfully.
HKU\S-1-5-21-1441847595-3396335443-3013822310-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Ibjhsoft => value deleted successfully.
HKU\S-1-5-21-1441847595-3396335443-3013822310-1000\Software\Microsoft\Windows\CurrentVersion\Run\\YhfxPack => value deleted successfully.
"C:\Windows\System32\regsvr32.exe C:\Users\Jason\AppData\Local\Ordfics\loader_u.dll" => File/Directory not found.
HKU\S-1-5-21-1441847595-3396335443-3013822310-1000\Software\Microsoft\Windows\CurrentVersion\Run\\audiodevv2 => value deleted successfully.
"C:\Users\Jason\Documents\audiodevv2.exe" => File/Directory not found.
C:\Users\Jason\AppData\Roaming\sbbxbsc.exe => Moved successfully.
 
"C:\Users\Jason\AppData\Local\yraje" directory move:
 
Could not move "C:\Users\Jason\AppData\Local\yraje" directory. => Scheduled to move on reboot.
 
C:\Users\Jason\AppData\Local\ospd_us_751 => Moved successfully.
HKU\S-1-5-21-1441847595-3396335443-3013822310-1000\Software\Microsoft\Windows\CurrentVersion\Run\\msdedf => value deleted successfully.
C:\Users\Jason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\HELP_DECRYPT.HTML => Moved successfully.
C:\Users\Jason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\HELP_DECRYPT.PNG.ecc => Moved successfully.
C:\Users\Jason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\HELP_DECRYPT.TXT.ecc => Moved successfully.
C:\Users\Jason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\HELP_DECRYPT.URL => Moved successfully.
hxxp://7oqnsnzwwnm6zb7y.partypayonion.com/e5kQ9p => Error: No automatic fix found for this entry.
C:\Users\Jason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\HELP_RESTORE_FILES.txt => Moved successfully.
C:\Windows\system32\GroupPolicy\Machine => Moved successfully.
C:\Windows\system32\GroupPolicy\GPT.ini => Moved successfully.
"HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully.
HKLM\Software\Microsoft\Internet Explorer\URLSearchHooks\\ => value deleted successfully.
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}" => Key deleted successfully.
HKCR\CLSID\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} => Key not found. 
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77}" => Key deleted successfully.
HKCR\CLSID\{DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} => Key not found. 
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\SearchScopes: HKU\S-1-5-19 ->\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\SearchScopes: HKU\S-1-5-19 -> => Value not found.
DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = => Error: No automatic fix found for this entry.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKU\S-1-5-21-1441847595-3396335443-3013822310-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" => Key deleted successfully.
HKCR\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} => Key not found. 
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{604BC32A-9680-40D1-9AC6-E06B23A1BA4C} => value deleted successfully.
HKCR\CLSID\{604BC32A-9680-40D1-9AC6-E06B23A1BA4C} => Key not found. 
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2E924F4F-67F0-4BD8-9560-49F468E843D2} => value deleted successfully.
HKCR\CLSID\{2E924F4F-67F0-4BD8-9560-49F468E843D2} => Key not found. 
HKU\S-1-5-21-1441847595-3396335443-3013822310-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{604BC32A-9680-40D1-9AC6-E06B23A1BA4C} => value deleted successfully.
HKCR\CLSID\{604BC32A-9680-40D1-9AC6-E06B23A1BA4C} => Key not found. 
HKU\S-1-5-21-1441847595-3396335443-3013822310-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{6CD56C02-CB4D-41B5-A0FE-B479061CCB41} => value deleted successfully.
HKCR\CLSID\{6CD56C02-CB4D-41B5-A0FE-B479061CCB41} => Key not found. 
HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000001 => Key could not be deleted. Access denied.
HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000002 => Key could not be deleted. Access denied.
HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000003 => Key could not be deleted. Access denied.
[324776 2015-01-24] (CartCrunch Israel Ltd.) => Error: No automatic fix found for this entry.
HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000004 => Key could not be deleted. Access denied.
HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000016 => Key could not be deleted. Access denied.
Could not move "C:\Windows\system32\ColorMedia.dll" => Scheduled to move on reboot.
 
=========  netsh winsock reset =========
 
Access is denied.
 
 
 
========= End of CMD: =========
 
"HKU\S-1-5-21-1441847595-3396335443-3013822310-1000_Classes\CLSID\{06EEE834-461C-42C2-8DCF-1502B527B1F9}" => Key deleted successfully.
"HKU\S-1-5-21-1441847595-3396335443-3013822310-1000_Classes\CLSID\{42042206-2D85-11D3-8CFF-005004838597}" => Key deleted successfully.
"HKU\S-1-5-21-1441847595-3396335443-3013822310-1000_Classes\CLSID\{4516CEE1-97DA-4030-A444-2D8E296B96B6}" => Key deleted successfully.
"HKU\S-1-5-21-1441847595-3396335443-3013822310-1000_Classes\CLSID\{4DF0C730-DF9D-4AE3-9153-AA6B82E9795A}" => Key deleted successfully.
CustomCLSID: => Key could not be deleted. Error: 0xC000003B
HKU\S-1-5-21-1441847595-3396335443-3013822310-1000_Classes\CLSID\{6F237DF9-9DDB-47AD-B218-400D54C286AD}\InprocServer32 -> No File Path => Error: No automatic fix found for this entry.
"HKU\S-1-5-21-1441847595-3396335443-3013822310-1000_Classes\CLSID\{942BC614-676C-464E-B384-D3202AAA02DA}" => Key deleted successfully.
"HKU\S-1-5-21-1441847595-3396335443-3013822310-1000_Classes\CLSID\{F7117AE6-81F2-45B8-96EE-56F6FD357A48}" => Key deleted successfully.
"HKU\S-1-5-21-1441847595-3396335443-3013822310-1000_Classes\CLSID\{FBF23B40-E3F0-101B-8488-00AA003E56F8}" => Key deleted successfully.
 
"C:\ProgramData\{49A0BAC7-3326-4433-9373-4AA8793ABB5C}" directory move:
 
Could not move "C:\ProgramData\{49A0BAC7-3326-4433-9373-4AA8793ABB5C}" directory. => Scheduled to move on reboot.
 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1C3738CF-46A3-4A60-A567-DB55C9A2CB8F}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1C3738CF-46A3-4A60-A567-DB55C9A2CB8F}" => Key deleted successfully.
C:\Windows\System32\Tasks\GNVLNUPDH => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GNVLNUPDH" => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\Task: {E0AD6386-6E2D-48F8-8A68-34B84D6F7060} - => Key not found. 
System32\Tasks\{301B22F9-3893-40C8-8DB1-A0021897023C} => pcalua.exe -a "C:\Users\Jason\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LKQ4UDUZ\msicuu2[1].exe" -d C:\Users\Jason\Desktop => Error: No automatic fix found for this entry.
C:\ProgramData\Temp => ":178D4338" ADS removed successfully.
C:\ProgramData\Temp => ":3B5038B1" ADS removed successfully.
C:\ProgramData\Temp => ":3E69E337" ADS removed successfully.
C:\ProgramData\Temp => ":409A775B" ADS removed successfully.
C:\ProgramData\Temp => ":4AC9B4B7" ADS removed successfully.
C:\ProgramData\Temp => ":64648EF8" ADS removed successfully.
C:\ProgramData\Temp => ":77A023CE" ADS removed successfully.
C:\ProgramData\Temp => ":7C60A173" ADS removed successfully.
C:\ProgramData\Temp => ":8BB2EC84" ADS removed successfully.
C:\ProgramData\Temp => ":DFC3B090" ADS removed successfully.
C:\ProgramData\Temp => ":F1C0B203" ADS removed successfully.
C:\ProgramData\Temp => ":FE9F7F81" ADS removed successfully.
C:\6156cf8e => Moved successfully.
"2015-04-21 00:23 - 2015-04-22 20:25 - 00000000 ___HD ()" => File/Directory not found.
 
"C:\ProgramData\{49A0BAC7-3326-4433-9373-4AA8793ABB5C}" directory move:
 
Could not move "C:\ProgramData\{49A0BAC7-3326-4433-9373-4AA8793ABB5C}" directory. => Scheduled to move on reboot.
 
C:\Users\Jason\AppData\Local\Ordfics => Moved successfully.
C:\Users\Jason\AppData\Local\Ibjhsoft => Moved successfully.
 
"C:\Users\Jason\AppData\Local\yraje" directory move:
 
Could not move "C:\Users\Jason\AppData\Local\yraje" directory. => Scheduled to move on reboot.
 
C:\ProgramData\cd96e4ae2fbb46d9b627abb8e45312b8 => Moved successfully.
C:\ProgramData\{755AC846-7372-4AC8-8550-C52491DAA8BD} => Moved successfully.
C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3} => Moved successfully.
C:\ProgramData\741706000001478 => Moved successfully.
C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1 => Moved successfully.
 
=> Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2015-04-24 22:51:12)<=
 
C:\Users\Jason\AppData\Local\yraje => Is moved successfully.
"C:\Windows\system32\ColorMedia.dll" => File could not move.
C:\ProgramData\{49A0BAC7-3326-4433-9373-4AA8793ABB5C} => Is moved successfully.
C:\ProgramData\{49A0BAC7-3326-4433-9373-4AA8793ABB5C} => Is moved successfully.
C:\Users\Jason\AppData\Local\yraje => Is moved successfully.
 
==== End of Fixlog 22:51:12 ====
 
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 22-04-2015 01
Ran by Jason (administrator) on JASON-LAPTOP on 24-04-2015 22:54:55
Running from C:\Users\Jason\Desktop\jan
Loaded Profiles: Jason (Available profiles: Jason)
Platform: Microsoft® Windows Vista™ Home Basic  Service Pack 1 (X86) OS Language: English (United States)
Internet Explorer Version 8 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(ALWIL Software) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(CartCrunch Israel Ltd.) C:\ProgramData\PicColor Utility\ColorMedia.exe
() C:\Program Files\SMINST\BLService.exe
() C:\Program Files\CyberLink\Shared files\RichVideo.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Conexant Systems, Inc.) C:\Windows\System32\drivers\XAudio.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(CyberLink Corp.) C:\Program Files\HP\QuickPlay\QPService.exe
( Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliType Pro\itype.exe
(ALWIL Software) C:\Program Files\Alwil Software\Avast5\AvastUI.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Power Software Ltd) C:\Users\Jason\Desktop\alex\PowerISO FULL 5.8 + Serials [ThumperDC]\PowerISO\PWRISOVM.EXE
(Adobe Systems Incorporated) C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe
(BitTorrent, Inc.) C:\Users\Jason\Program Files\DNA\btdna.exe
() C:\Program Files\AeroSnap\AeroSnap.exe
(BitTorrent Inc.) C:\Users\Jason\AppData\Roaming\BitTorrent\BitTorrent.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Comfort Software Group) C:\Program Files\FreeCountdownTimer\FreeCountdownTimer.exe
() C:\Windows\System32\C2MP\UpdateChecker.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
() C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Service.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1049896 2008-04-17] (Synaptics, Inc.)
HKLM\...\Run: [QPService] => C:\Program Files\HP\QuickPlay\QPService.exe [468264 2008-09-23] (CyberLink Corp.)
HKLM\...\Run: [UpdateLBPShortCut] => C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [210216 2008-06-13] (CyberLink Corp.)
HKLM\...\Run: [UpdatePSTShortCut] => C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe [210216 2008-10-06] (CyberLink Corp.)
HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-20] (Microsoft Corporation)
HKLM\...\Run: [QlbCtrl.exe] => C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [202032 2008-08-01] ( Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [UpdateP2GoShortCut] => C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [210216 2008-06-13] (CyberLink Corp.)
HKLM\...\Run: [UpdatePDIRShortCut] => C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe [210216 2008-06-13] (CyberLink Corp.)
HKLM\...\Run: [HP Health Check Scheduler] => c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [75008 2008-10-09] (Hewlett-Packard)
HKLM\...\Run: [HP Software Update] => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [54840 2007-05-08] (Hewlett-Packard)
HKLM\...\Run: [hpWirelessAssistant] => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [488752 2008-04-15] (Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [itype] => C:\Program Files\Microsoft IntelliType Pro\itype.exe [1501064 2009-05-21] (Microsoft Corporation)
HKLM\...\Run: [avast5] => C:\Program Files\Alwil Software\Avast5\AvastUI.exe [2743104 2010-01-19] (ALWIL Software)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-11-28] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [152544 2012-12-12] (Apple Inc.)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [948440 2013-10-23] (Microsoft Corporation)
HKLM\...\Run: [PWRISOVM.EXE] => C:\Users\Jason\Desktop\alex\PowerISO FULL 5.8 + Serials [ThumperDC]\PowerISO\PWRISOVM.EXE [366904 2014-10-08] (Power Software Ltd)
HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [41056 2013-05-08] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKU\S-1-5-21-1441847595-3396335443-3013822310-1000\...\Run: [LightScribe Control Panel] => C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
HKU\S-1-5-21-1441847595-3396335443-3013822310-1000\...\Run: [BitTorrent DNA] => C:\Users\Jason\Program Files\DNA\btdna.exe [323392 2009-11-06] (BitTorrent, Inc.)
HKU\S-1-5-21-1441847595-3396335443-3013822310-1000\...\Run: [AeroSnap] => C:\Program Files\AeroSnap\AeroSnap.exe [886784 2008-12-06] ()
HKU\S-1-5-21-1441847595-3396335443-3013822310-1000\...\Run: [Hobbyist Software VLC Streamer] => "C:\Program Files\Hobbyist Software\VLC Streamer\VLC Streamer Configuration.exe" /startup
HKU\S-1-5-21-1441847595-3396335443-3013822310-1000\...\Run: [BitTorrent] => C:\Users\Jason\AppData\Roaming\BitTorrent\BitTorrent.exe [1744472 2015-03-03] (BitTorrent Inc.)
HKU\S-1-5-21-1441847595-3396335443-3013822310-1000\...\Run: [GameHug Arcade] => C:\Users\Jason\AppData\Roaming\GameHugArcade\GameHug Arcade\GameHugArcade.exe /b
HKU\S-1-5-21-1441847595-3396335443-3013822310-1000\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-20] (Microsoft Corporation)
HKU\S-1-5-21-1441847595-3396335443-3013822310-1000\...\Run: [FreeCT] => C:\Program Files\FreeCountdownTimer\FreeCountdownTimer.exe [2432280 2014-02-25] (Comfort Software Group)
HKU\S-1-5-21-1441847595-3396335443-3013822310-1000\...\Run: [FlashPlayerUpdate] => C:\Users\Jason\AppData\Local\Macromedia\Flash Player\FlashPlayerUpdateService.exe [159744 2015-04-24] ()
HKU\S-1-5-21-1441847595-3396335443-3013822310-1000\...\Run: [yraje] => "C:\Users\Jason\AppData\Local\yraje\yraje.exe"
HKU\S-1-5-21-1441847595-3396335443-3013822310-1000\...\MountPoints2: F - F:\autorun.exe
HKU\S-1-5-21-1441847595-3396335443-3013822310-1000\...\MountPoints2: G - G:\autorun.exe
HKU\S-1-5-21-1441847595-3396335443-3013822310-1000\...\MountPoints2: {f09673b8-d912-11e1-a5f2-001f1670e2a0} - G:\LaunchU3.exe -a
HKU\S-1-5-21-1441847595-3396335443-3013822310-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [879616 2008-01-20] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk [2015-01-25]
ShortcutTarget: Adobe Gamma Loader.lnk -> C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CodecPackUpdateChecker.lnk [2015-01-17]
ShortcutTarget: CodecPackUpdateChecker.lnk -> C:\Windows\System32\C2MP\UpdateChecker.exe ()
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
HKU\S-1-5-21-1441847595-3396335443-3013822310-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
SearchScopes: HKLM -> {7DC7C2A9-63BE-4EDF-99EF-028F49D65B85} URL = http://search.live.com/results.aspx?q={searchTerms}&FORM=HPNTDF
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1441847595-3396335443-3013822310-1000 -> {7DC7C2A9-63BE-4EDF-99EF-028F49D65B85} URL = http://www.bing.com/search?FORM=IEFM1&q={searchTerms}&src={referrer:source?}
SearchScopes: HKU\S-1-5-21-1441847595-3396335443-3013822310-1000 -> {B5E44D46-B927-4BE9-A657-C5B22D06A5CB} URL = http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=ie8
SearchScopes: HKU\S-1-5-21-1441847595-3396335443-3013822310-1000 -> {CF30714C-F446-4AFE-AFDF-64680C58C9F0} URL = http://www.ant.com/search?s=browser&q={searchTerms}
Toolbar: HKU\S-1-5-21-1441847595-3396335443-3013822310-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2012-12-18] (Google Inc.)
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll [2007-06-08] (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2009-10-09] (Skype Technologies)
Winsock: Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc.)
Winsock: Catalog9 01 C:\Windows\system32\ColorMedia.dll [324776 2015-01-24] (CartCrunch Israel Ltd.)
Winsock: Catalog9 02 C:\Windows\system32\ColorMedia.dll [324776 2015-01-24] (CartCrunch Israel Ltd.)
Winsock: Catalog9 03 C:\Windows\system32\ColorMedia.dll [324776 2015-01-24] (CartCrunch Israel Ltd.)
Winsock: Catalog9 04 C:\Windows\system32\ColorMedia.dll [324776 2015-01-24] (CartCrunch Israel Ltd.)
Winsock: Catalog9 16 C:\Windows\system32\ColorMedia.dll [324776 2015-01-24] (CartCrunch Israel Ltd.)
Tcpip\Parameters: [DhcpNameServer] 209.18.47.61 209.18.47.62
 
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32.dll [2009-02-02] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1215155.dll [2014-12-02] (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2012-10-31] ()
FF Plugin: @bittorrent.com/BitTorrentDNA -> C:\Program Files\DNA\plugins\npbtdna.dll [2009-05-31] (BitTorrent, Inc.)
FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Windows\system32\npdeployJava1.dll [2015-01-08] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2015-01-08] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2015-01-08] (Oracle Corporation)
FF Plugin: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files\Yahoo!\Shared\npYState.dll [2010-06-01] (Yahoo! Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.4 -> C:\Program Files\Microsoft\Office Live\npOLW.dll [2009-06-09] (Microsoft Corp.)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll [2014-11-15] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll [2014-11-15] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll [2013-05-08] (Adobe Systems Inc.)
FF Plugin: BYOND -> C:\Program Files\BYOND\bin\npbyond.dll [2008-07-08] (BYOND)
FF Plugin HKU\S-1-5-21-1441847595-3396335443-3013822310-1000: @bittorrent.com/BitTorrentDNA -> C:\Users\Jason\Program Files\DNA\plugins\npbtdna.dll [2009-11-06] (BitTorrent, Inc.)
FF Extension: No Name - C:\Users\Jason\AppData\Roaming\Mozilla\Firefox\profiles\extensions\extensions [2012-09-10]
FF Extension: OneClickDownloader - C:\Users\Jason\AppData\Roaming\Mozilla\Firefox\profiles\extensions\OneClickDownload@OneClickDownload.com [2012-08-01]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-05-03]
FF HKU\S-1-5-21-1441847595-3396335443-3013822310-1000\...\Firefox\Extensions: [{d5bc46d8-67c7-11dc-8c1d-0097498c2b7a}] - C:\Users\Jason\Program Files\DNA
FF Extension: DNA - C:\Users\Jason\Program Files\DNA [2009-06-01]
 
Chrome: 
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR Profile: C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (No Name) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-01-25]
CHR Extension: (No Name) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-25]
CHR Extension: (No Name) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-25]
CHR Extension: (No Name) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2015-01-25]
CHR Extension: (No Name) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-25]
CHR Extension: (No Name) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-25]
CHR Extension: (No Name) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-01-25]
CHR Extension: (No Name) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmbmikajjgmnabiglmofipeabaddhgne [2015-02-24]
CHR Extension: (No Name) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhmokalkpaiacdofbcddkogifepbaijk [2015-03-26]
CHR Extension: (No Name) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlpcbjmcojciinknchcafgalmphlpjjn [2015-03-06]
CHR Extension: (No Name) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpjmmnldeimboalmkeklmimiidigpdcp [2015-02-15]
CHR Extension: (No Name) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfecnpmgnlnbmipaogfhoacoioifjgko [2015-04-21]
CHR Extension: (No Name) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-25]
CHR Extension: (No Name) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\oifdfchgmkfglcccmkoofhbnmkdlbgag [2015-04-16]
CHR Extension: (No Name) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflmllfnnabikmfkkaddkoolinlfninn [2015-02-15]
CHR Extension: (No Name) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-25]
CHR HKLM\...\Chrome\Extension: [kfecnpmgnlnbmipaogfhoacoioifjgko] - http://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-1441847595-3396335443-3013822310-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [kfecnpmgnlnbmipaogfhoacoioifjgko] - http://clients2.google.com/service/update2/crx
 
Opera: 
=======
OPR Extension: (AdBlock) - C:\Users\Jason\AppData\Roaming\Opera Software\Opera Stable\Extensions\aobdicepooefnbaeokijohmhjlleamfj [2015-01-08]
OPR Extension: (YouTube Downloader) - C:\Users\Jason\AppData\Roaming\Opera Software\Opera Stable\Extensions\kclijeogghhkmenkommbnjobhnndpfba [2015-01-17]
OPR Extension: (FastestTube - YouTube Video Downloader) - C:\Users\Jason\AppData\Roaming\Opera Software\Opera Stable\Extensions\phahnhbgfdhgobenebnjbgmacgpbfaag [2015-01-17]
 
========================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
S2 5c8a92f4; c:\Program Files\SystemAssister\SystemAssister.dll [1563136 2015-02-14] () [File not signed]
R2 avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [40384 2010-01-19] (ALWIL Software)
R3 avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [40384 2010-01-19] (ALWIL Software)
R3 avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [40384 2010-01-19] (ALWIL Software)
R2 ColorMedia; C:\ProgramData\PicColor Utility\ColorMedia.exe [1398304 2015-01-07] (CartCrunch Israel Ltd.) [File not signed]
R2 HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [94208 2008-10-09] (Hewlett-Packard) [File not signed]
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22208 2013-10-23] (Microsoft Corporation)
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [280288 2013-10-23] (Microsoft Corporation)
R2 Recovery Service for Windows; C:\Program Files\SMINST\BLService.exe [365952 2008-10-06] ()
R2 RichVideo; C:\Program Files\CyberLink\Shared files\RichVideo.exe [241734 2008-09-15] () [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-20] (Microsoft Corporation)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 aswFsBlk; C:\Windows\system32\Drivers\aswFsBlk.sys [19024 2010-01-19] (ALWIL Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [51792 2010-01-19] (ALWIL Software)
R1 aswRdr; C:\Windows\system32\Drivers\aswRdr.sys [23248 2010-01-19] (ALWIL Software)
R1 aswSP; C:\Windows\system32\Drivers\aswSP.sys [162640 2010-01-19] (ALWIL Software)
R1 aswTdi; C:\Windows\system32\Drivers\aswTdi.sys [46544 2010-01-19] (ALWIL Software)
R1 cmwd; C:\Windows\system32\Drivers\cmwd.sys [20096 2015-01-07] () [File not signed]
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [214696 2013-09-27] (Microsoft Corporation)
S3 Netaapl; C:\Windows\System32\DRIVERS\netaapl.sys [18432 2010-04-19] (Apple Inc.) [File not signed]
S3 netr28u; C:\Windows\System32\DRIVERS\netr28u.sys [570880 2007-12-14] (Ralink Technology Corp.)
S3 P1171VID; C:\Windows\System32\DRIVERS\P1171Vid.sys [91392 2004-03-19] (Creative Technology Ltd.)
R1 SCDEmu; C:\Windows\system32\Drivers\SCDEmu.sys [113904 2014-10-08] (Power Software Ltd)
S3 WinRing0_1_2_0; C:\Program Files\BatteryCare\WinRing0.sys [14416 2008-07-26] (OpenLibSys.org)
U5 AppMgmt; C:\Windows\system32\svchost.exe [21504 2008-01-20] (Microsoft Corporation)
S3 catchme; \??\C:\Users\Jason\AppData\Local\Temp\catchme.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S1 MpKsl51d446e2; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{C0A3756E-DFB4-413A-BA99-4D92230DAA5C}\MpKsl51d446e2.sys [X]
S3 NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20080829.024\NAVENG.SYS [X]
S3 NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20080829.024\NAVEX15.SYS [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S1 qilartzz; \??\C:\Windows\system32\drivers\qilartzz.sys [X]
S1 SRTSP; \??\C:\Windows\system32\drivers\NIS\1000000.07D\SRTSP.SYS [X]
S1 SRTSPX; \??\C:\Windows\system32\drivers\NIS\1000000.07D\SRTSPX.SYS [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-04-24 22:55 - 2015-04-24 22:55 - 06103040 _____ () C:\Program Files\GUTF5F3.tmp
2015-04-24 22:55 - 2015-04-24 22:55 - 00000000 ____D () C:\Program Files\GUMF5F2.tmp
2015-04-24 22:09 - 2015-04-24 22:38 - 00002674 _____ () C:\Users\Public\HELP_RESTORE_FILES.txt
2015-04-24 22:09 - 2015-04-24 22:38 - 00002674 _____ () C:\Users\Public\Downloads\HELP_RESTORE_FILES.txt
2015-04-24 22:09 - 2015-04-24 22:38 - 00002674 _____ () C:\Users\Jason\HELP_RESTORE_FILES.txt
2015-04-24 21:34 - 2015-04-24 22:38 - 00002674 _____ () C:\Users\Jason\Documents\HELP_RESTORE_FILES.txt
2015-04-24 21:34 - 2015-04-24 22:36 - 00002674 _____ () C:\Users\Jason\Downloads\HELP_RESTORE_FILES.txt
2015-04-24 19:58 - 2015-04-24 19:58 - 00001017 _____ () C:\Users\Jason\Desktop\Revo Uninstaller.lnk
2015-04-24 19:57 - 2015-04-24 19:57 - 00000000 ____D () C:\Program Files\VS Revo Group
2015-04-22 21:01 - 2015-04-22 21:05 - 00000000 ____D () C:\Users\Jason\AppData\Local\gmsd_us_479
2015-04-22 21:01 - 2015-04-22 21:03 - 00000000 ____D () C:\Program Files\gmsd_us_479
2015-04-22 20:44 - 2015-04-24 21:34 - 00045684 _____ () C:\Users\Jason\HELP_DECRYPT.PNG.ecc
2015-04-22 20:44 - 2015-04-24 21:34 - 00004276 _____ () C:\Users\Jason\HELP_DECRYPT.TXT.ecc
2015-04-22 20:44 - 2015-04-22 20:44 - 00008624 _____ () C:\Users\Jason\HELP_DECRYPT.HTML
2015-04-22 20:44 - 2015-04-22 20:44 - 00000292 _____ () C:\Users\Jason\HELP_DECRYPT.URL
2015-04-22 20:29 - 2015-04-24 22:55 - 00000000 ____D () C:\FRST
2015-04-22 20:25 - 2015-04-22 20:25 - 00000714 _____ () C:\Windows\setupact.log
2015-04-22 20:25 - 2015-04-22 20:25 - 00000000 _____ () C:\Windows\setuperr.log
2015-04-22 06:00 - 2015-04-22 06:25 - 00000000 ___SD () C:\ComboFix
2015-04-22 05:54 - 2015-04-22 05:54 - 00143520 _____ () C:\Windows\Minidump\Mini042215-01.dmp
2015-04-22 01:56 - 2015-04-24 22:34 - 00002960 _____ () C:\Users\Jason\AppData\HELP_RESTORE_FILES.txt
2015-04-22 01:56 - 2015-04-24 22:34 - 00002674 _____ () C:\Users\Jason\AppData\Roaming\HELP_RESTORE_FILES.txt
2015-04-22 01:55 - 2015-04-24 22:38 - 00002674 _____ () C:\Users\Jason\AppData\Roaming\Microsoft\Windows\Start Menu\HELP_RESTORE_FILES.txt
2015-04-22 01:55 - 2015-04-24 20:32 - 00002674 _____ () C:\Users\Jason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HELP_RESTORE_FILES.txt
2015-04-21 06:16 - 2015-04-24 21:27 - 00045684 _____ () C:\Users\Jason\Desktop\HELP_DECRYPT.PNG.ecc
2015-04-21 06:16 - 2015-04-22 20:45 - 00000292 _____ () C:\Users\Jason\Desktop\HELP_DECRYPT.URL
2015-04-21 06:16 - 2015-04-22 20:44 - 00008624 _____ () C:\Users\Jason\Desktop\HELP_DECRYPT.HTML
2015-04-21 06:15 - 2015-04-24 21:27 - 00004276 _____ () C:\Users\Jason\Desktop\HELP_DECRYPT.TXT.ecc
2015-04-21 06:07 - 2015-04-24 22:09 - 00045620 _____ () C:\Users\Public\HELP_DECRYPT.PNG.ecc
2015-04-21 06:07 - 2015-04-24 22:09 - 00045620 _____ () C:\Users\Public\Documents\HELP_DECRYPT.PNG.ecc
2015-04-21 06:07 - 2015-04-24 22:09 - 00004276 _____ () C:\Users\Public\HELP_DECRYPT.TXT.ecc
2015-04-21 06:07 - 2015-04-24 22:09 - 00004276 _____ () C:\Users\Public\Documents\HELP_DECRYPT.TXT.ecc
2015-04-21 06:07 - 2015-04-21 06:07 - 00008624 _____ () C:\Users\Public\HELP_DECRYPT.HTML
2015-04-21 06:07 - 2015-04-21 06:07 - 00008624 _____ () C:\Users\Public\Documents\HELP_DECRYPT.HTML
2015-04-21 06:07 - 2015-04-21 06:07 - 00000292 _____ () C:\Users\Public\HELP_DECRYPT.URL
2015-04-21 06:07 - 2015-04-21 06:07 - 00000292 _____ () C:\Users\Public\Documents\HELP_DECRYPT.URL
2015-04-21 04:22 - 2015-04-24 21:34 - 00045572 _____ () C:\Users\Jason\Downloads\HELP_DECRYPT.PNG.ecc
2015-04-21 04:22 - 2015-04-24 21:34 - 00004276 _____ () C:\Users\Jason\Downloads\HELP_DECRYPT.TXT.ecc
2015-04-21 04:22 - 2015-04-24 21:33 - 00045684 _____ () C:\Users\Jason\Documents\HELP_DECRYPT.PNG.ecc
2015-04-21 04:22 - 2015-04-24 21:33 - 00004276 _____ () C:\Users\Jason\Documents\HELP_DECRYPT.TXT.ecc
2015-04-21 04:22 - 2015-04-22 20:43 - 00008624 _____ () C:\Users\Jason\Documents\HELP_DECRYPT.HTML
2015-04-21 04:22 - 2015-04-22 20:43 - 00000292 _____ () C:\Users\Jason\Documents\HELP_DECRYPT.URL
2015-04-21 04:22 - 2015-04-21 04:22 - 00008624 _____ () C:\Users\Jason\Downloads\HELP_DECRYPT.HTML
2015-04-21 04:22 - 2015-04-21 04:22 - 00000292 _____ () C:\Users\Jason\Downloads\HELP_DECRYPT.URL
2015-04-21 03:34 - 2015-04-24 22:36 - 00002674 _____ () C:\Users\Jason\AppData\Local\HELP_RESTORE_FILES.txt
2015-04-21 03:34 - 2015-04-24 20:14 - 00002674 _____ () C:\Users\Jason\AppData\Local\Apps\HELP_RESTORE_FILES.txt
2015-04-21 02:33 - 2015-04-24 22:38 - 00002960 _____ () C:\Users\Public\Documents\HELP_RESTORE_FILES.txt
2015-04-21 02:33 - 2015-04-24 22:33 - 00003824 _____ () C:\ProgramData\HELP_RESTORE_FILES.txt
2015-04-21 02:16 - 2015-04-24 22:39 - 00000752 _____ () C:\Users\Jason\AppData\Roaming\key.dat
2015-04-21 02:16 - 2015-04-24 22:38 - 13781450 _____ () C:\Users\Jason\AppData\Roaming\log.html
2015-04-21 02:16 - 2015-04-24 19:52 - 00000232 _____ () C:\Users\Jason\Documents\RECOVERY_KEY.TXT
2015-04-21 01:32 - 2015-04-22 21:05 - 00045684 _____ () C:\Users\Jason\AppData\HELP_DECRYPT.PNG.ecc
2015-04-21 01:32 - 2015-04-22 21:05 - 00004276 _____ () C:\Users\Jason\AppData\HELP_DECRYPT.TXT.ecc
2015-04-21 01:32 - 2015-04-22 20:43 - 00008624 _____ () C:\Users\Jason\AppData\HELP_DECRYPT.HTML
2015-04-21 01:32 - 2015-04-22 20:43 - 00000292 _____ () C:\Users\Jason\AppData\HELP_DECRYPT.URL
2015-04-21 01:32 - 2015-04-22 01:54 - 00045572 _____ () C:\Users\Jason\AppData\Roaming\HELP_DECRYPT.PNG.ecc
2015-04-21 01:32 - 2015-04-22 01:54 - 00004276 _____ () C:\Users\Jason\AppData\Roaming\HELP_DECRYPT.TXT.ecc
2015-04-21 01:32 - 2015-04-21 01:32 - 00008624 _____ () C:\Users\Jason\AppData\Roaming\HELP_DECRYPT.HTML
2015-04-21 01:32 - 2015-04-21 01:32 - 00000292 _____ () C:\Users\Jason\AppData\Roaming\HELP_DECRYPT.URL
2015-04-21 01:09 - 2015-04-21 03:38 - 00045572 _____ () C:\Users\Jason\AppData\Local\HELP_DECRYPT.PNG.ecc
2015-04-21 01:09 - 2015-04-21 03:38 - 00004276 _____ () C:\Users\Jason\AppData\Local\HELP_DECRYPT.TXT.ecc
2015-04-21 01:09 - 2015-04-21 01:09 - 00008624 _____ () C:\Users\Jason\AppData\Local\HELP_DECRYPT.HTML
2015-04-21 01:09 - 2015-04-21 01:09 - 00000292 _____ () C:\Users\Jason\AppData\Local\HELP_DECRYPT.URL
2015-04-21 01:01 - 2015-04-21 03:34 - 00045572 _____ () C:\Users\Jason\AppData\Local\Apps\HELP_DECRYPT.PNG.ecc
2015-04-21 01:01 - 2015-04-21 03:34 - 00004276 _____ () C:\Users\Jason\AppData\Local\Apps\HELP_DECRYPT.TXT.ecc
2015-04-21 01:01 - 2015-04-21 01:01 - 00008624 _____ () C:\Users\Jason\AppData\Local\Apps\HELP_DECRYPT.HTML
2015-04-21 01:01 - 2015-04-21 01:01 - 00000292 _____ () C:\Users\Jason\AppData\Local\Apps\HELP_DECRYPT.URL
2015-04-21 00:45 - 2015-04-24 19:54 - 00045716 _____ () C:\ProgramData\HELP_DECRYPT.PNG.ecc
2015-04-21 00:45 - 2015-04-24 19:54 - 00004308 _____ () C:\ProgramData\HELP_DECRYPT.TXT.ecc
2015-04-21 00:45 - 2015-04-22 20:42 - 00008624 _____ () C:\ProgramData\HELP_DECRYPT.HTML
2015-04-21 00:45 - 2015-04-22 20:42 - 00000292 _____ () C:\ProgramData\HELP_DECRYPT.URL
2015-04-21 00:24 - 2015-04-21 03:38 - 00000000 ____D () C:\Users\Jason\AppData\Local\Macromedia
2015-04-20 18:19 - 2015-04-20 18:20 - 34404626 _____ () C:\Users\Jason\Downloads\torbrowser-install-4.0.8_en-US.exe
2015-04-19 19:52 - 2015-04-19 19:53 - 00000000 ____D () C:\Program Files\BYOND
2015-04-19 19:52 - 2015-04-19 19:52 - 00001485 _____ () C:\Users\Public\Desktop\BYOND.lnk
2015-04-19 19:33 - 2015-04-19 19:34 - 00143520 _____ () C:\Windows\Minidump\Mini041915-01.dmp
2015-04-17 20:45 - 1999-12-17 09:13 - 00086016 _____ (MindVision Software) C:\Windows\unvise32.exe
2015-04-17 20:44 - 2015-04-17 20:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Eternal damnation
2015-04-17 20:44 - 2015-04-17 20:44 - 00001180 _____ () C:\Users\Jason\Desktop\Shortcut to EternalDamnation.exe.lnk
2015-04-16 03:45 - 2015-04-16 03:45 - 00001043 _____ () C:\Users\Jason\Desktop\AWP.exe - Shortcut.lnk
2015-04-16 01:29 - 2015-04-16 01:29 - 00001991 _____ () C:\Users\Public\Desktop\Postal 2 Apocalypse Weekend Expansion Pack.lnk
2015-04-16 01:29 - 2015-04-16 01:29 - 00001811 _____ () C:\Users\Public\Desktop\Postal 2 Share The Pain.lnk
2015-04-16 01:29 - 2015-04-16 01:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2015-04-16 01:24 - 2015-04-16 01:24 - 00000000 ____D () C:\Program Files\GOG.com
2015-04-15 21:04 - 2015-04-21 04:25 - 00000000 ____D () C:\Users\Jason\AppData\Local\Prompt Downloader
2015-04-15 20:35 - 2015-04-22 21:25 - 00000177 _____ () C:\Windows\system32\SetupComponents.exe
2015-04-14 14:39 - 2015-04-14 14:39 - 00000000 __RSH () C:\MSDOS.SYS
2015-04-14 14:39 - 2015-04-14 14:39 - 00000000 __RSH () C:\IO.SYS
2015-04-10 17:06 - 2015-04-10 17:07 - 00873634 _____ () C:\Users\Jason\Documents\savegame.dat
2015-04-10 03:05 - 2015-04-10 03:05 - 00000884 _____ () C:\Users\Jason\Desktop\Free Countdown Timer.lnk
2015-04-10 03:05 - 2015-04-10 03:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Countdown Timer
2015-04-10 03:04 - 2015-04-10 03:05 - 00000000 ____D () C:\Program Files\FreeCountdownTimer
2015-04-07 16:35 - 2015-04-07 16:35 - 00000000 ____D () C:\Windows\MRLH
2015-04-04 12:48 - 2015-04-21 04:58 - 00000000 ____D () C:\Users\Jason\AppData\Local\_
2015-04-04 12:31 - 2015-04-21 04:25 - 00000000 ____D () C:\Users\Jason\AppData\Local\NBTExplorer
2015-04-01 21:07 - 2015-04-01 21:07 - 00001598 _____ () C:\Users\Jason\Desktop\oPryzeLP Mod Tool.lnk
2015-03-30 06:50 - 2015-03-30 06:51 - 00143520 _____ () C:\Windows\Minidump\Mini033015-01.dmp
2015-03-29 20:29 - 2015-04-24 21:33 - 00000000 ____D () C:\Users\Jason\Documents\MC360NBT
2015-03-29 20:29 - 2015-04-21 03:38 - 00000000 __SHD () C:\Users\Jason\AppData\Local\icsxml
2015-03-29 20:29 - 2015-04-21 02:33 - 00000000 __SHD () C:\ProgramData\icsxml
2015-03-29 20:29 - 2015-04-21 02:33 - 00000000 __SHD () C:\ProgramData\DIBsection
2015-03-26 23:30 - 2015-04-22 01:55 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-03-26 23:30 - 2015-03-26 23:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-03-26 19:16 - 2015-03-29 02:27 - 00000000 ____D () C:\Program Files\saveruabOX
2015-03-26 19:16 - 2015-03-29 02:27 - 00000000 ____D () C:\Program Files\Bookmark Search
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-04-24 22:56 - 2012-09-14 19:42 - 00000886 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-04-24 22:56 - 2012-09-14 19:42 - 00000882 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-04-24 22:54 - 2015-01-25 02:51 - 00000000 ____D () C:\Users\Jason\Desktop\jan
2015-04-24 22:52 - 2009-05-31 22:03 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\BitTorrent
2015-04-24 22:52 - 2009-03-09 10:20 - 00000284 _____ () C:\ProgramData\hpqp.ini
2015-04-24 22:51 - 2015-01-25 01:38 - 00000008 __RSH () C:\ProgramData\ntuser.pol
2015-04-24 22:51 - 2009-05-31 22:02 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\DNA
2015-04-24 22:51 - 2006-11-02 07:45 - 00003216 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2015-04-24 22:51 - 2006-11-02 07:45 - 00003216 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2015-04-24 22:50 - 2015-01-25 07:00 - 00017676 _____ () C:\Windows\PFRO.log
2015-04-24 22:50 - 2009-07-05 20:14 - 00000422 ____H () C:\Windows\Tasks\User_Feed_Synchronization-{A2278271-91F5-45C0-91F4-37B192C68C51}.job
2015-04-24 22:50 - 2006-11-02 07:58 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-04-24 22:49 - 2009-07-26 15:50 - 00000012 _____ () C:\Windows\bthservsdp.dat
2015-04-24 22:49 - 2009-03-09 09:48 - 01290545 _____ () C:\Windows\WindowsUpdate.log
2015-04-24 22:49 - 2006-11-02 07:58 - 00032626 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-04-24 22:46 - 2006-11-02 06:18 - 00000000 ____D () C:\Windows\system32\GroupPolicy
2015-04-24 22:38 - 2011-04-22 01:19 - 00000000 ____D () C:\WCamNbook
2015-04-24 22:38 - 2011-04-21 20:41 - 00000000 ____D () C:\WebCam Notebook
2015-04-24 22:36 - 2012-04-26 00:24 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-04-24 22:23 - 2015-01-08 08:48 - 00000892 _____ () C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job
2015-04-24 22:15 - 1999-03-30 13:17 - 00000000 ___HD () C:\System.sav
2015-04-24 22:11 - 2015-01-25 02:07 - 00000000 ____D () C:\shoplog
2015-04-24 22:11 - 2012-12-15 21:59 - 00000000 ____D () C:\sn0wbreeze
2015-04-24 22:11 - 2012-03-09 15:45 - 00000000 ____D () C:\Qoobox
2015-04-24 22:11 - 2010-03-30 01:57 - 00000000 ____D () C:\PFiles
2015-04-24 22:11 - 2010-01-24 01:35 - 00000000 ____D () C:\Shows
2015-04-24 22:11 - 2009-11-15 00:35 - 00000000 ___HD () C:\jexepackres
2015-04-24 22:11 - 2009-03-09 09:53 - 00000000 ____D () C:\Intel
2015-04-24 22:11 - 2008-10-23 00:34 - 00000000 ___HD () C:\HP
2015-04-24 22:09 - 2015-01-12 18:29 - 00000000 ____D () C:\Games
2015-04-24 22:09 - 2013-12-01 18:56 - 00000000 ____D () C:\eb04d6e2dab7fcaa659d44f4
2015-04-24 22:09 - 2011-04-22 01:19 - 00000000 ____D () C:\Users\Jason\{76478521-61e1-4f7a-afcd-e31437989e75}
2015-04-24 22:09 - 2010-06-08 00:03 - 00000000 ____D () C:\Users\Public\CyberLink
2015-04-24 22:09 - 2009-08-30 16:40 - 00000000 ____D () C:\Users\Jason\Tracing
2015-04-24 22:09 - 2009-05-27 08:14 - 00000000 ____D () C:\Users\Public\Recorded TV
2015-04-24 22:09 - 2009-05-03 21:21 - 00000000 ____D () C:\Users\Jason
2015-04-24 22:09 - 2006-11-02 06:18 - 00000000 ___RD () C:\Users\Public
2015-04-24 21:34 - 2015-01-24 14:34 - 00000000 ____D () C:\Users\Jason\Documents\VirtualDJ
2015-04-24 21:34 - 2013-01-23 23:17 - 00000484 ____H () C:\Users\Jason\Downloads\~$mension_Analysis2011.doc.ecc
2015-04-24 21:34 - 2011-11-05 20:13 - 00000000 ___RD () C:\Users\Jason\Dropbox
2015-04-24 21:33 - 2015-03-05 16:50 - 00000000 ____D () C:\Users\Jason\Documents\Hitman Blood Money
2015-04-24 21:33 - 2015-01-31 21:34 - 00000000 ____D () C:\Users\Jason\Documents\SimCity 4
2015-04-24 21:33 - 2015-01-31 13:41 - 00000000 ____D () C:\Users\Jason\Documents\LDW
2015-04-24 21:33 - 2015-01-17 12:05 - 00000388 _____ () C:\Users\Jason\Documents\txt.txt.ecc
2015-04-24 21:33 - 2015-01-17 10:54 - 00000000 ____D () C:\Users\Jason\Documents\My Games
2015-04-24 21:33 - 2015-01-08 10:10 - 00000000 ____D () C:\Users\Jason\Documents\MCEdit
2015-04-24 21:33 - 2012-01-28 19:44 - 00000000 ____D () C:\Users\Jason\Documents\dvd
2015-04-24 21:33 - 2012-01-28 19:34 - 00000000 ___HD () C:\Users\Jason\Documents\ShadowEditFiles
2015-04-24 21:33 - 2012-01-28 19:34 - 00000000 ____D () C:\Users\Jason\Documents\CyberLink
2015-04-24 21:33 - 2011-10-02 15:46 - 00000000 ____D () C:\Users\Jason\Documents\BYOND
2015-04-24 21:33 - 2011-10-01 22:33 - 00000000 ____D () C:\Users\Jason\Documents\My Cheat Tables
2015-04-24 21:33 - 2011-06-19 16:22 - 00000000 ____D () C:\Users\Jason\Documents\SolidDVDBurner
2015-04-24 21:33 - 2010-03-12 03:37 - 00000000 ___SD () C:\Users\Jason\Documents\My DocsToGo
2015-04-24 21:33 - 2010-01-10 14:17 - 06459828 _____ () C:\Users\Jason\Documents\Document.rtf.ecc
2015-04-24 21:33 - 2009-11-17 22:43 - 00000000 ____D () C:\Users\Jason\Documents\Microsoft Hardware
2015-04-24 21:33 - 2009-10-18 15:54 - 00000000 ____D () C:\Users\Jason\Documents\OneNote Notebooks
2015-04-24 21:33 - 2009-09-25 00:49 - 00011172 _____ () C:\Users\Jason\Documents\using 2oclock range for BO with 10-40 as filter on daily--- contradiction on hourly.ods.ecc
2015-04-24 21:33 - 2009-07-30 18:01 - 00000000 ____D () C:\Users\Jason\Documents\DVDFab
2015-04-24 21:32 - 2015-02-22 12:36 - 00000000 ____D () C:\Users\Jason\Documents\ACDSee Photo Editor
2015-04-24 21:32 - 2011-11-09 22:17 - 05648884 _____ () C:\Users\Jason\Desktop\win32diskimager-RELEASE-0.3-r27-binary.zip.ecc
2015-04-24 21:32 - 2011-04-23 16:02 - 00000000 ____D () C:\Users\Jason\Desktop\X
2015-04-24 21:32 - 2011-04-06 01:23 - 00040868 _____ () C:\Users\Jason\Desktop\Working4-6.ods.ecc
2015-04-24 21:32 - 2011-03-02 21:17 - 00000484 ____H () C:\Users\Jason\Desktop\~$sume Indiana.docx.ecc
2015-04-24 21:31 - 2011-11-10 01:52 - 105827476 _____ () C:\Users\Jason\Desktop\update-cm-7.1.0-encore-signed.zip.ecc
2015-04-24 21:31 - 2011-11-09 22:19 - 00000000 ____D () C:\Users\Jason\Desktop\win32diskimager-RELEASE-0.3-r27-binary
2015-04-24 21:30 - 2014-11-15 19:30 - 00617540 _____ () C:\Users\Jason\Desktop\twb4025_channel_slate_evansville_v03.pdf.ecc
2015-04-24 21:30 - 2010-09-02 14:21 - 00050660 _____ () C:\Users\Jason\Desktop\transcript.pdf.ecc
2015-04-24 21:30 - 2010-01-11 02:01 - 00000000 ____D () C:\Users\Jason\Desktop\Trade office docs
2015-04-24 21:29 - 2013-05-06 22:31 - 01335556 _____ () C:\Users\Jason\Desktop\photo.JPG.ecc
2015-04-24 21:29 - 2011-02-01 21:29 - 00024644 _____ () C:\Users\Jason\Desktop\Resume Indiana.docx.ecc
2015-04-24 21:29 - 2010-10-28 15:18 - 00067396 _____ () C:\Users\Jason\Desktop\Resume Indiana.doc.ecc
2015-04-24 21:29 - 2010-06-09 22:05 - 00026612 _____ () C:\Users\Jason\Desktop\SwgTime.ods.ecc
2015-04-24 21:29 - 2009-11-28 12:36 - 05790724 _____ () C:\Users\Jason\Desktop\Nov09 London.zip.ecc
2015-04-24 21:29 - 2009-11-21 16:07 - 00000000 ____D () C:\Users\Jason\Desktop\Nov09 London Squeeze Seminar Disk
2015-04-24 21:28 - 2011-11-10 03:16 - 00000000 ____D () C:\Users\Jason\Desktop\nook image
2015-04-24 21:28 - 2011-11-09 22:15 - 00000000 ____D () C:\Users\Jason\Desktop\NOOK-CWM3028-imgfiles
2015-04-24 21:27 - 2013-07-08 23:34 - 00000000 ____D () C:\Users\Jason\Desktop\motochopper
2015-04-24 21:27 - 2013-07-08 23:33 - 04246772 _____ () C:\Users\Jason\Desktop\motochopper.zip.ecc
2015-04-24 21:27 - 2012-03-07 23:40 - 00000000 ____D () C:\Users\Jason\Desktop\Infiniteyield Newstrading
2015-04-24 21:27 - 2011-11-22 23:20 - 04851540 _____ () C:\Users\Jason\Desktop\Infiniteyield Newstrading.zip.ecc
2015-04-24 21:27 - 2011-11-09 23:07 - 05818308 _____ () C:\Users\Jason\Desktop\gapps-gb-20110307-signed.zip.ecc
2015-04-24 21:27 - 2010-03-07 20:46 - 00000000 ____D () C:\Users\Jason\Desktop\Expo5
2015-04-24 21:27 - 2009-12-04 10:52 - 00229364 _____ () C:\Users\Jason\Desktop\Infinity73-08 600 watts.pdf.ecc
2015-04-24 21:27 - 2009-12-04 10:50 - 01014516 _____ () C:\Users\Jason\Desktop\infinity OM 6-08.pdf.ecc
2015-04-24 21:27 - 2009-12-04 10:50 - 00229364 _____ () C:\Users\Jason\Desktop\Infinity73-08.pdf.ecc
2015-04-24 21:20 - 2010-02-07 13:35 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\vlc
2015-04-24 20:57 - 2010-03-07 20:27 - 00000000 ____D () C:\Users\Jason\Desktop\Expo4
2015-04-24 20:35 - 2010-10-17 20:18 - 00000000 ____D () C:\Users\Jason\Desktop\Expo 7
2015-04-24 20:31 - 2012-05-02 00:12 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\BatteryCare
2015-04-24 19:54 - 2006-11-02 05:33 - 00006528 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-24 19:51 - 2015-02-22 12:35 - 00000020 _____ () C:\Users\Jason\AppData\Roaming\appdataFr3.bin
2015-04-22 21:34 - 2011-11-05 15:12 - 00000000 ____D () C:\Users\Jason\Calibre Library
2015-04-22 21:11 - 2009-11-19 02:46 - 00001356 _____ () C:\Users\Jason\AppData\Local\d3d9caps.dat
2015-04-22 21:05 - 2013-07-08 23:37 - 00000000 ____D () C:\Users\Jason\.android
2015-04-22 21:05 - 2011-06-12 21:20 - 00000000 ____D () C:\Users\Jason\.oanda
2015-04-22 21:05 - 2011-01-31 13:36 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Yahoo!
2015-04-22 21:05 - 2011-01-31 13:36 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Yahoo!
2015-04-22 06:27 - 2015-01-24 21:35 - 00000000 ____D () C:\ProgramData\PicColor Utility
2015-04-22 06:24 - 2015-01-25 02:56 - 00000000 ____D () C:\AdwCleaner
2015-04-22 05:54 - 2009-12-03 09:49 - 00000000 ____D () C:\Windows\Minidump
2015-04-22 05:53 - 2015-02-14 00:27 - 225880604 _____ () C:\Windows\MEMORY.DMP
2015-04-22 03:28 - 2011-07-19 01:33 - 12919188 _____ () C:\Users\Jason\Desktop\Document.rtf.ecc
2015-04-22 03:28 - 2011-04-04 23:47 - 00380020 _____ () C:\Users\Jason\Desktop\dibs1.pdf.ecc
2015-04-22 03:28 - 2011-04-04 23:47 - 00243012 _____ () C:\Users\Jason\Desktop\dibs2.pdf.ecc
2015-04-22 03:28 - 2010-11-09 21:49 - 00000000 ____D () C:\Users\Jason\Desktop\charpics
2015-04-22 03:08 - 2015-01-08 00:14 - 00000000 ____D () C:\Users\Jason\Desktop\alex
2015-04-22 03:08 - 2012-07-23 00:47 - 00000000 ____D () C:\Users\Jason\Desktop\backups
2015-04-22 03:08 - 2011-11-06 17:29 - 00264932 _____ () C:\Users\Jason\Desktop\Blackmart Alpha 0.49_b93.apk.ecc
2015-04-22 03:08 - 2010-04-14 20:13 - 00000468 _____ () C:\Users\Jason\Desktop\Capital Gains 2010 Carry forward to 2011.txt.ecc
2015-04-22 01:56 - 2015-01-17 23:09 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\Tomabo
2015-04-22 01:56 - 2012-08-01 22:45 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\WinRAR
2015-04-22 01:56 - 2012-07-10 12:02 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\Yahoo!
2015-04-22 01:56 - 2011-11-07 20:44 - 02997380 _____ () C:\Users\Jason\Desktop\Aimtrak.zip.ecc
2015-04-22 01:56 - 2011-06-12 02:44 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\TorrentEasy
2015-04-22 01:56 - 2011-04-19 00:27 - 00014756 _____ () C:\Users\Jason\Desktop\20235_1303167412432_1027886554_936517_1694363_n.jpg.ecc
2015-04-22 01:56 - 2011-04-04 01:49 - 00038564 _____ () C:\Users\Jason\Desktop\11-15first.ods.ecc
2015-04-22 01:56 - 2010-12-19 14:09 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\WindSolutions
2015-04-22 01:56 - 2010-11-15 01:55 - 00038548 _____ () C:\Users\Jason\Desktop\11-15midnight-8690.ods.ecc
2015-04-22 01:56 - 2010-10-29 15:09 - 00000132 ____H () C:\Users\Jason\Desktop\.~lock.Resume Indiana.doc#.ecc
2015-04-22 01:56 - 2010-10-11 00:53 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\ViGlance
2015-04-22 01:56 - 2010-08-23 00:58 - 00034132 _____ () C:\Users\Jason\Desktop\08-23midnight-1383.ods.ecc
2015-04-22 01:56 - 2010-08-03 00:37 - 00037620 _____ () C:\Users\Jason\Desktop\08-03midnight-1868.ods.ecc
2015-04-22 01:56 - 2010-05-04 01:11 - 00055044 _____ () C:\Users\Jason\Desktop\2009_Federal_Return.pdf.ecc
2015-04-22 01:56 - 2009-11-08 13:33 - 00031588 _____ () C:\Users\Jason\Desktop\2008_Indiana_Return.pdf.ecc
2015-04-22 01:56 - 2009-11-08 13:30 - 00038596 _____ () C:\Users\Jason\Desktop\2008_Federal_Return.pdf.ecc
2015-04-22 01:56 - 2009-07-30 20:43 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\Vso
2015-04-22 01:56 - 2009-05-08 06:17 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\WildTangent
2015-04-22 01:56 - 2009-05-04 00:15 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\U3
2015-04-22 01:55 - 2015-03-10 05:50 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AviSynth 2.5
2015-04-22 01:55 - 2015-03-04 19:08 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Little Inferno 1.00
2015-04-22 01:55 - 2015-02-01 13:21 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\New Version Available
2015-04-22 01:55 - 2015-01-27 20:22 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\Microsoft Games
2015-04-22 01:55 - 2015-01-26 06:42 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GameHug Arcade
2015-04-22 01:55 - 2015-01-24 14:34 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ
2015-04-22 01:55 - 2015-01-17 12:13 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\Pinger Inc
2015-04-22 01:55 - 2015-01-16 18:19 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\PowerISO
2015-04-22 01:55 - 2015-01-12 20:37 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\Notepad++
2015-04-22 01:55 - 2015-01-12 20:37 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
2015-04-22 01:55 - 2015-01-12 20:28 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\PixelPiracy
2015-04-22 01:55 - 2015-01-10 21:25 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\NevoSoft Games
2015-04-22 01:55 - 2015-01-10 11:29 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Virtual Villagers
2015-04-22 01:55 - 2015-01-10 11:29 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2015-04-22 01:55 - 2015-01-08 08:42 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\Opera Software
2015-04-22 01:55 - 2015-01-08 00:21 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\oPryzeLP MC360 Mod Tool
2015-04-22 01:55 - 2012-11-04 15:58 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Black Shades
2015-04-22 01:55 - 2012-08-27 23:06 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell Inc
2015-04-22 01:55 - 2012-07-28 20:55 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\Party Buffalo Drive Explorer
2015-04-22 01:55 - 2012-07-28 19:30 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\Mozilla
2015-04-22 01:55 - 2012-04-21 21:22 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\redsn0w
2015-04-22 01:55 - 2010-12-19 14:09 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CopyTrans Suite
2015-04-22 01:55 - 2010-06-28 22:08 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\Template
2015-04-22 01:55 - 2010-01-22 00:31 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\SharePod
2015-04-22 01:55 - 2010-01-07 04:17 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\RemoteHelper
2015-04-22 01:55 - 2010-01-07 04:17 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Remote Jr
2015-04-22 01:55 - 2009-12-31 00:02 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\MoveFab
2015-04-22 01:55 - 2009-12-29 23:36 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-04-22 01:55 - 2009-12-01 23:20 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\skypePM
2015-04-22 01:55 - 2009-12-01 23:11 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\Skype
2015-04-22 01:55 - 2009-11-19 02:17 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\Orbit
2015-04-22 01:55 - 2009-10-22 18:30 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\RipIt4Me
2015-04-22 01:55 - 2009-06-15 23:25 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\SpinTop Games
2015-04-22 01:55 - 2009-06-08 00:05 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\OpenOffice.org
2015-04-22 01:55 - 2009-05-31 21:59 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\SpinTop
2015-04-22 01:55 - 2009-05-03 21:21 - 00000000 ___RD () C:\Users\Jason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-04-22 01:55 - 2009-05-03 21:21 - 00000000 ___RD () C:\Users\Jason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-04-22 01:55 - 2009-05-03 21:21 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink DVD Suite
2015-04-22 01:54 - 2015-03-04 19:10 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\Little Inferno
2015-04-22 01:54 - 2015-02-01 13:21 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\Free Video Joiner
2015-04-22 01:54 - 2015-02-01 13:18 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\Audacity
2015-04-22 01:54 - 2015-01-24 12:29 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\DubStepPiano
2015-04-22 01:54 - 2015-01-08 00:56 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\Easy2Convert
2015-04-22 01:54 - 2012-09-10 01:52 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\DVDVideoSoft
2015-04-22 01:54 - 2011-11-05 20:04 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\Dropbox
2015-04-22 01:54 - 2011-11-05 15:11 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\calibre
2015-04-22 01:54 - 2011-10-29 20:19 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\Google
2015-04-22 01:54 - 2011-06-19 16:19 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\DVD Flick
2015-04-22 01:54 - 2011-04-16 20:31 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\Download Manager
2015-04-22 01:54 - 2010-12-25 23:02 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\Hobbyist Software
2015-04-22 01:54 - 2010-01-24 20:57 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\AVS4YOU
2015-04-22 01:54 - 2010-01-24 02:37 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\DiskAid
2015-04-22 01:54 - 2010-01-07 01:31 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\GTek
2015-04-22 01:54 - 2009-12-29 21:25 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\dvdcss
2015-04-22 01:54 - 2009-11-19 01:51 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\FDRLab
2015-04-22 01:54 - 2009-11-15 00:51 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\HandBrake
2015-04-22 01:54 - 2009-11-14 19:02 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\Apple Computer
2015-04-22 01:54 - 2009-07-30 20:07 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\DVDFab
2015-04-22 01:54 - 2009-06-08 19:59 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\FloodLightGames
2015-04-22 01:54 - 2009-05-27 08:14 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\CyberLink
2015-04-22 01:54 - 2009-05-03 21:35 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\Macromedia
2015-04-22 01:54 - 2009-05-03 21:30 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\Hewlett-Packard
2015-04-22 01:54 - 2009-05-03 21:23 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\HP TCS
2015-04-21 05:09 - 2015-02-22 12:36 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\ACD Systems
2015-04-21 05:09 - 2012-08-01 22:34 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\.minecraft
2015-04-21 05:09 - 2010-10-11 00:52 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\AeroSnapApp
2015-04-21 05:09 - 2010-04-05 03:10 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\Antcom ToolBar
2015-04-21 05:09 - 2009-05-03 21:35 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\Adobe
2015-04-21 04:58 - 2012-07-29 16:16 - 00000000 ____D () C:\Users\Jason\AppData\Local\XboxMB
2015-04-21 04:58 - 2012-07-29 16:15 - 00000000 ____D () C:\Users\Jason\AppData\Local\Xenocode
2015-04-21 04:58 - 2011-04-16 20:41 - 00000000 ____D () C:\Users\Jason\AppData\Local\{73DF8C24-FEEC-41AF-B020-3FABC7890954}
2015-04-21 04:58 - 2009-09-26 16:41 - 00000000 ____D () C:\Users\Jason\AppData\Local\Yahoo
2015-04-21 04:58 - 2009-05-03 21:29 - 00000000 ____D () C:\Users\Jason\AppData\Local\VirtualStore
2015-04-21 04:25 - 2015-01-17 12:16 - 00000000 ____D () C:\Users\Jason\AppData\Local\pinger.com
2015-04-21 04:25 - 2015-01-08 08:42 - 00000000 ____D () C:\Users\Jason\AppData\Local\Opera Software
2015-04-21 04:25 - 2014-08-12 02:20 - 00000000 ____D () C:\Users\Jason\AppData\Local\Microsoft Corporation
2015-04-21 04:25 - 2012-07-28 20:16 - 00000000 ____D () C:\Users\Jason\AppData\Local\Revolt
2015-04-21 04:25 - 2012-04-17 22:42 - 00000000 ____D () C:\Users\Jason\AppData\Local\msGLnet
2015-04-21 04:25 - 2010-02-01 20:43 - 00000000 ____D () C:\Users\Jason\AppData\Local\PokerStars
2015-04-21 04:25 - 2009-11-14 01:01 - 00000000 ____D () C:\Users\Jason\AppData\Local\Microsoft Help
2015-04-21 04:25 - 2009-06-17 09:42 - 00000000 ____D () C:\Users\Jason\AppData\Local\Oberon Games
2015-04-21 04:25 - 2009-05-30 18:35 - 00000000 ____D () C:\Users\Jason\AppData\Local\SpreadsheetTools
2015-04-21 04:25 - 2009-05-27 08:14 - 00000000 ____D () C:\Users\Jason\AppData\Local\QuickPlay
2015-04-21 04:25 - 2009-05-08 06:09 - 00000000 ____D () C:\Users\Jason\AppData\Local\Microsoft Games
2015-04-21 03:38 - 2011-04-16 20:42 - 00000000 ___SD () C:\Users\Jason\AppData\Local\Memeo
2015-04-21 03:38 - 2010-12-25 23:03 - 00000000 ____D () C:\Users\Jason\AppData\Local\Hobbyist_Software
2015-04-21 03:38 - 2010-12-19 13:51 - 00000000 ____D () C:\Users\Jason\AppData\Local\MediaMonkey
2015-04-21 03:38 - 2009-05-03 21:39 - 00000000 ____D () C:\Users\Jason\AppData\Local\Google
2015-04-21 03:38 - 2009-05-03 21:30 - 00000000 ____D () C:\Users\Jason\AppData\Local\Hewlett-Packard
2015-04-21 03:35 - 2015-01-26 06:42 - 00000000 ____D () C:\Users\Jason\AppData\Local\GameHugArcade
2015-04-21 03:35 - 2012-11-05 10:40 - 00000000 ____D () C:\Users\Jason\AppData\Local\Daring_Development_Inc
2015-04-21 03:35 - 2012-09-29 22:33 - 00000000 ____D () C:\Users\Jason\AppData\Local\GameTuts
2015-04-21 03:35 - 2010-12-25 22:59 - 00000000 ____D () C:\Users\Jason\AppData\Local\Downloaded Installations
2015-04-21 03:35 - 2009-12-06 20:55 - 00000000 ____D () C:\Users\Jason\AppData\Local\Evernote
2015-04-21 03:35 - 2009-05-31 22:02 - 00000000 ____D () C:\Users\Jason\AppData\Local\DNA
2015-04-21 03:35 - 2009-05-03 21:39 - 00000000 ____D () C:\Users\Jason\AppData\Local\Deployment
2015-04-21 03:34 - 2015-01-17 12:15 - 00000000 ____D () C:\Users\Jason\AppData\Local\Caphyon
2015-04-21 03:34 - 2012-07-28 20:17 - 00000000 ____D () C:\Users\Jason\AppData\Local\Coma
2015-04-21 03:34 - 2010-04-05 01:49 - 00000000 ____D () C:\Users\Jason\AppData\Local\Ant.com
2015-04-21 03:34 - 2009-12-13 20:24 - 00000000 ____D () C:\Users\Jason\AppData\Local\Cranium_Consulting_and_Cu
2015-04-21 03:34 - 2009-11-14 19:02 - 00000000 ____D () C:\Users\Jason\AppData\Local\Apple Computer
2015-04-21 03:34 - 2009-11-14 18:54 - 00000000 ____D () C:\Users\Jason\AppData\Local\Apple
2015-04-21 03:34 - 2009-05-03 21:39 - 00000000 ____D () C:\Users\Jason\AppData\Local\Apps\2.0
2015-04-21 03:25 - 2015-02-22 12:41 - 00000000 ____D () C:\Users\Jason\AppData\Local\ACD Systems
2015-04-21 03:25 - 2010-10-11 00:52 - 00000000 ____D () C:\Users\Jason\AppData\Local\AeroSnapApp
2015-04-21 03:25 - 2009-11-15 00:35 - 00000000 ____D () C:\Users\Jason\AppData\Local\AirVideoServer
2015-04-21 03:25 - 2009-05-04 01:59 - 00000000 ____D () C:\Users\Jason\AppData\Local\Adobe
2015-04-21 02:33 - 2014-08-12 03:30 - 00000000 ____D () C:\ProgramData\Oracle
2015-04-21 02:33 - 2013-07-08 23:48 - 00000000 ____D () C:\ProgramData\Samsung
2015-04-21 02:33 - 2011-10-29 19:20 - 00000000 ____D () C:\ProgramData\Google
2015-04-21 02:33 - 2011-06-12 02:44 - 00000000 ____D () C:\ProgramData\TorrentEasy
2015-04-21 02:33 - 2011-04-16 20:42 - 00000000 ___SD () C:\ProgramData\Memeo
2015-04-21 02:33 - 2011-03-14 00:10 - 00000000 ____D () C:\ProgramData\McAfee
2015-04-21 02:33 - 2010-12-19 14:09 - 00000000 ____D () C:\ProgramData\WindSolutions
2015-04-21 02:33 - 2010-03-26 01:00 - 00000000 ____D () C:\ProgramData\Office Genuine Advantage
2015-04-21 02:33 - 2010-03-12 05:00 - 00000000 ____D () C:\ProgramData\Sun
2015-04-21 02:33 - 2010-01-24 20:57 - 00000000 ____D () C:\ProgramData\AVS4YOU
2015-04-21 02:33 - 2009-12-01 23:10 - 00000000 ____D () C:\ProgramData\Skype
2015-04-21 02:33 - 2009-11-19 02:50 - 00000000 ____D () C:\ProgramData\WindowsSearch
2015-04-21 02:33 - 2009-10-22 18:39 - 00000000 ____D () C:\ProgramData\DVD Shrink
2015-04-21 02:33 - 2009-09-26 16:28 - 00000000 ____D () C:\ProgramData\Yahoo!
2015-04-21 02:33 - 2009-07-30 18:41 - 00000000 ____D () C:\ProgramData\vsosdk
2015-04-21 02:33 - 2009-06-08 19:59 - 00000000 ____D () C:\ProgramData\FloodLightGames
2015-04-21 02:33 - 2009-05-30 15:32 - 00000000 ____D () C:\ProgramData\SpinTop Games
2015-04-21 02:33 - 2009-05-27 08:14 - 00000340 _____ () C:\ProgramData\hpqp.txt.ecc
2015-04-21 02:33 - 2009-05-03 22:23 - 00000000 ____D () C:\ProgramData\LightScribe
2015-04-21 02:33 - 2009-03-09 09:48 - 00000000 ____D () C:\ProgramData\Atheros
2015-04-21 02:33 - 2008-10-23 01:34 - 00000000 ____D () C:\ProgramData\Temp
2015-04-21 02:33 - 2008-10-23 01:34 - 00000000 ____D () C:\ProgramData\CyberLink
2015-04-21 02:33 - 2008-10-23 00:47 - 00000000 ____D () C:\ProgramData\WildTangent
2015-04-21 02:33 - 2008-10-23 00:31 - 00000000 ____D () C:\ProgramData\Norton
2015-04-21 02:33 - 2008-10-23 00:29 - 00000000 ____D () C:\ProgramData\Hewlett-Packard
2015-04-21 02:31 - 2011-01-31 13:36 - 00000000 ____D () C:\ProgramData\Ant.com
2015-04-21 02:31 - 2010-01-28 02:44 - 00000000 ____D () C:\ProgramData\Alwil Software
2015-04-21 02:31 - 2009-11-14 18:55 - 00000000 ____D () C:\ProgramData\Apple Computer
2015-04-21 02:31 - 2009-11-14 18:50 - 00000000 ____D () C:\ProgramData\Apple
2015-04-21 02:31 - 2008-10-23 01:34 - 00000000 ____D () C:\ProgramData\Adobe
2015-04-21 02:30 - 2011-04-21 20:41 - 00000000 ____D () C:\CtDriverInstTemp
2015-04-21 02:26 - 2014-12-06 00:12 - 00000000 ____D () C:\7cdb5e908fc343e6a7a41fe6ad
2015-04-21 02:26 - 2014-10-06 02:07 - 00000000 ____D () C:\596e74175438715360c0
2015-04-19 19:52 - 2011-10-02 15:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BYOND
2015-04-07 19:58 - 2008-10-23 00:29 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2015-04-02 05:06 - 2009-10-13 02:42 - 00100352 _____ () C:\Users\Jason\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
 
==================== Files in the root of some directories =======
 
2015-02-22 12:35 - 2015-04-24 19:51 - 0000020 _____ () C:\Users\Jason\AppData\Roaming\appdataFr3.bin
2011-06-19 15:49 - 2013-12-01 03:32 - 0632247 _____ () C:\Users\Jason\AppData\Roaming\data.dat
2015-04-21 01:32 - 2015-04-21 01:32 - 0008624 _____ () C:\Users\Jason\AppData\Roaming\HELP_DECRYPT.HTML
2015-04-21 01:32 - 2015-04-22 01:54 - 0045572 _____ () C:\Users\Jason\AppData\Roaming\HELP_DECRYPT.PNG.ecc
2015-04-21 01:32 - 2015-04-22 01:54 - 0004276 _____ () C:\Users\Jason\AppData\Roaming\HELP_DECRYPT.TXT.ecc
2015-04-21 01:32 - 2015-04-21 01:32 - 0000292 _____ () C:\Users\Jason\AppData\Roaming\HELP_DECRYPT.URL
2015-04-22 01:56 - 2015-04-24 22:34 - 0002674 _____ () C:\Users\Jason\AppData\Roaming\HELP_RESTORE_FILES.txt
2009-07-30 20:43 - 2009-12-30 02:07 - 0087608 _____ () C:\Users\Jason\AppData\Roaming\inst.exe
2015-04-21 02:16 - 2015-04-24 22:39 - 0000752 _____ () C:\Users\Jason\AppData\Roaming\key.dat
2015-04-21 02:16 - 2015-04-24 22:38 - 13781450 _____ () C:\Users\Jason\AppData\Roaming\log.html
2009-07-30 20:43 - 2009-12-30 02:07 - 0007887 _____ () C:\Users\Jason\AppData\Roaming\pcouffin.cat
2009-07-30 20:43 - 2009-12-30 02:07 - 0001144 _____ () C:\Users\Jason\AppData\Roaming\pcouffin.inf
2009-07-30 20:44 - 2009-12-30 02:07 - 0000034 _____ () C:\Users\Jason\AppData\Roaming\pcouffin.log
2009-07-30 20:43 - 2009-12-30 02:07 - 0047360 _____ (VSO Software) C:\Users\Jason\AppData\Roaming\pcouffin.sys
2015-01-17 13:49 - 2015-01-24 09:49 - 0000128 _____ () C:\Users\Jason\AppData\Roaming\WB.CFG
2010-01-05 04:18 - 2010-01-07 01:25 - 0000600 _____ () C:\Users\Jason\AppData\Roaming\winscp.rnd
2010-06-28 22:08 - 2011-02-03 23:02 - 0000190 _____ () C:\Users\Jason\AppData\Roaming\wklnhst.dat
2009-05-03 21:30 - 2009-05-03 21:30 - 0000000 _____ () C:\Users\Jason\AppData\Local\AtStart.txt
2009-11-19 02:46 - 2015-04-22 21:11 - 0001356 _____ () C:\Users\Jason\AppData\Local\d3d9caps.dat
2009-10-13 02:42 - 2015-04-02 05:06 - 0100352 _____ () C:\Users\Jason\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-01-19 03:49 - 2015-01-19 03:49 - 0000010 _____ () C:\Users\Jason\AppData\Local\DSI.DAT
2015-01-19 03:49 - 2015-01-19 03:49 - 0022528 _____ () C:\Users\Jason\AppData\Local\dsisetup638933912.exe
2009-05-03 21:30 - 2009-05-03 21:30 - 0000000 _____ () C:\Users\Jason\AppData\Local\DSwitch.txt
2010-11-03 22:21 - 2010-11-03 22:21 - 0000000 _____ () C:\Users\Jason\AppData\Local\FnF4.txt
2015-04-21 01:09 - 2015-04-21 01:09 - 0008624 _____ () C:\Users\Jason\AppData\Local\HELP_DECRYPT.HTML
2015-04-21 01:09 - 2015-04-21 03:38 - 0045572 _____ () C:\Users\Jason\AppData\Local\HELP_DECRYPT.PNG.ecc
2015-04-21 01:09 - 2015-04-21 03:38 - 0004276 _____ () C:\Users\Jason\AppData\Local\HELP_DECRYPT.TXT.ecc
2015-04-21 01:09 - 2015-04-21 01:09 - 0000292 _____ () C:\Users\Jason\AppData\Local\HELP_DECRYPT.URL
2015-04-21 03:34 - 2015-04-24 22:36 - 0002674 _____ () C:\Users\Jason\AppData\Local\HELP_RESTORE_FILES.txt
2010-01-05 04:02 - 2010-01-05 04:02 - 0000600 _____ () C:\Users\Jason\AppData\Local\PUTTY.RND
2009-05-03 21:30 - 2009-05-03 21:30 - 0000000 _____ () C:\Users\Jason\AppData\Local\QSwitch.txt
2011-11-11 05:30 - 2011-11-11 05:30 - 0000000 _____ () C:\Users\Jason\AppData\Local\{78E52F41-7523-49DD-8012-95A8EA24AB07}
2010-04-05 01:45 - 2011-01-31 13:36 - 0006067 _____ () C:\ProgramData\AntLog.txt
2009-12-01 23:20 - 2009-12-01 23:20 - 0000056 ____H () C:\ProgramData\ezsidmv.dat
2015-04-21 00:45 - 2015-04-22 20:42 - 0008624 _____ () C:\ProgramData\HELP_DECRYPT.HTML
2015-04-21 00:45 - 2015-04-24 19:54 - 0045716 _____ () C:\ProgramData\HELP_DECRYPT.PNG.ecc
2015-04-21 00:45 - 2015-04-24 19:54 - 0004308 _____ () C:\ProgramData\HELP_DECRYPT.TXT.ecc
2015-04-21 00:45 - 2015-04-22 20:42 - 0000292 _____ () C:\ProgramData\HELP_DECRYPT.URL
2015-04-21 02:33 - 2015-04-24 22:33 - 0003824 _____ () C:\ProgramData\HELP_RESTORE_FILES.txt
2009-03-09 10:20 - 2015-04-24 22:52 - 0000284 _____ () C:\ProgramData\hpqp.ini
2009-05-27 08:14 - 2015-04-21 02:33 - 0000340 _____ () C:\ProgramData\hpqp.txt.ecc
2009-03-09 10:24 - 2009-03-09 10:24 - 0000032 _____ () C:\ProgramData\{051B9612-4D82-42AC-8C63-CD2DCEDC1CB3}.log
2008-10-23 01:44 - 2008-10-23 01:44 - 0000109 _____ () C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
2009-03-09 10:23 - 2009-03-09 10:23 - 0000032 _____ () C:\ProgramData\{23F3DA62-2D9E-4A69-B8D5-BE8E9E148092}.log
2008-10-23 01:36 - 2008-10-23 01:38 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2009-03-09 10:21 - 2009-03-09 10:21 - 0000032 _____ () C:\ProgramData\{4FC670EB-5F02-4B07-90DB-022B86BFEFD0}.log
2009-03-09 10:23 - 2009-03-09 10:23 - 0000032 _____ () C:\ProgramData\{9867824A-C86D-4A83-8F3C-E7A86BE0AFD3}.log
2008-10-23 01:35 - 2008-10-23 01:36 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
2008-10-23 01:38 - 2008-10-23 01:44 - 0000110 _____ () C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log
2009-03-09 10:24 - 2009-03-09 10:24 - 0000105 _____ () C:\ProgramData\{d36dd326-7280-11d8-97c8-000129760cbe}.log
 
Files to move or delete:
====================
C:\Users\Jason\AppData\Roaming\data.dat
 
 
Some content of TEMP:
====================
C:\Users\Jason\AppData\Local\Temp\downloader.dll
C:\Users\Jason\AppData\Local\Temp\Quarantine.exe
C:\Users\Jason\AppData\Local\Temp\Setup_14020.exe
C:\Users\Jason\AppData\Local\Temp\Setup_2038.exe
C:\Users\Jason\AppData\Local\Temp\Setup_21242.exe
C:\Users\Jason\AppData\Local\Temp\Setup_22644.exe
C:\Users\Jason\AppData\Local\Temp\sqlite3.dll
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-04-24 22:56
 
==================== End Of Log ============================

Attached Files


Edited by xXToffeeXx, 26 April 2015 - 05:04 AM.
Posted logs for ease~


#4 xXToffeeXx

xXToffeeXx

    Bleepin' Polar Bear


  • Malware Response Instructor
  • 6,041 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Arctic Circle
  • Local time:03:33 AM

Posted 26 April 2015 - 05:17 AM

Hi Jason6300,
 
We need to run a fix with FRST:

  • Press the windows key Windows_Logo_key.gif + r on your keyboard at the same time. Type in notepad and press Enter.
  • Copy and paste the script below in the notepad document:​
C:\Users\Jason\AppData\Local\yraje
HKU\S-1-5-21-1441847595-3396335443-3013822310-1000\...\Run: [yraje] => "C:\Users\Jason\AppData\Local\yraje\yraje.exe"
2015-04-24 22:55 - 2015-04-24 22:55 - 06103040 _____ () C:\Program Files\GUTF5F3.tmp
2015-04-24 22:55 - 2015-04-24 22:55 - 00000000 ____D () C:\Program Files\GUMF5F2.tmp
2015-04-22 21:01 - 2015-04-22 21:05 - 00000000 ____D () C:\Users\Jason\AppData\Local\gmsd_us_479
2015-04-22 21:01 - 2015-04-22 21:03 - 00000000 ____D () C:\Program Files\gmsd_us_479
2015-04-24 22:09 - 2011-04-22 01:19 - 00000000 ____D () C:\Users\Jason\{76478521-61e1-4f7a-afcd-e31437989e75}
  • Save the file to your desktop and name it as fixlist.txt

Note: It's important that both files, FRST.exe/FRST64.exe and fixlist.txt are in the same location or the fix will not work
NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

  • Run FRST.exe/FRST64.exe and press the Fix button just once and wait
  • If for some reason the tool needs a restart, please make sure you let the system restart normally, then let the tool complete its run
  • When finished, FRST will generate a log (Fixlog.txt) in the same location the tool was run.
  • Please copy and paste the log in your next reply.

--------------

Please download AdwCleaner by Xplode and save to your Desktop.

  • Double click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R#].txt) will open in Notepad for review (where the largest value of # represents the most recent report).
  • The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it. If you see an entry you want to keep, let me know about it.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.

xXToffeeXx~


~If I am helping you and you have not had a reply from me in two days, please send me a PM~

 

logo-25.pngID Ransomware - Identify What Ransomware Encrypted Your Files [Support Topic] - If we have helped you out and you want to support what we do, you can do so here

 

 ~Twitter~ | ~Malware Analyst at Emsisoft~


#5 Jason6300

Jason6300
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:08:33 PM

Posted 27 April 2015 - 09:16 PM

Thank You again for your help.

 

When running adwcleaner i did scan only did not tell it to fix anything.

 

# AdwCleaner v4.202 - Logfile created 27/04/2015 at 21:09:08
# Updated 23/04/2015 by Xplode
# Database : 2015-04-27.1 [Server]
# Operating system : Windows Vista ™ Home Basic Service Pack 1 (x86)
# Username : Jason - JASON-LAPTOP
# Running from : C:\Users\TEMP\Desktop\jan\adwcleaner_4.202.exe
# Option : Scan
 
***** [ Services ] *****
 
Service Found : ColorMedia
Service Found : 5c8a92f4
 
***** [ Files / Folders ] *****
 
File Found : C:\Windows\system32\ColorMedia.dll
File Found : C:\Windows\system32\ColorMediaOff.ini
File Found : C:\Windows\system32\drivers\SPPD.sys
Folder Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GAMESDESKTOP
Folder Found : C:\ProgramData\PicColor Utility
 
***** [ Scheduled tasks ] *****
 
Task Found : ConsumerInputUpdateTaskMachineCore
Task Found : ConsumerInputUpdateTaskMachineUA
Task Found : DriverRestore_DailyScan
Task Found : DriverRestore_ScheduledScan
Task Found : LaunchSignup
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Found : HKLM\SOFTWARE\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
Key Found : HKLM\SOFTWARE\22b8828d-9cea-a89c-67f0-e42bab3d50a3
Key Found : HKLM\SOFTWARE\Classes\Interface\{0416BDB0-AFB0-4464-952D-1EAB5047B8E6}
Key Found : HKLM\SOFTWARE\Classes\Interface\{3F97FDF1-DA2B-4579-AD3E-E46641F9DBAB}
Key Found : HKLM\SOFTWARE\Classes\Interface\{A220BAB5-C335-48BA-8A01-309FDA37446F}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Driver Restore
Key Found : HKLM\SOFTWARE\Tutorials
Key Found : HKU\.DEFAULT\Software\{4E7638A1-6962-4e44-A6B9-F40E84FD6D09}
 
***** [ Web browsers ] *****
 
-\\ Internet Explorer v8.0.6001.18904
 
 
-\\ Google Chrome v42.0.2311.90
 
[C:\Users\TEMP\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [Search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}
[C:\Users\TEMP\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
 
*************************
 
AdwCleaner[R3].txt - [2033 bytes] - [27/04/2015 21:09:08]
 
########## EOF - C:\AdwCleaner\AdwCleaner[R3].txt - [2092 bytes] ##########

Attached Files


Edited by xXToffeeXx, 28 April 2015 - 11:20 AM.
Posted log~


#6 xXToffeeXx

xXToffeeXx

    Bleepin' Polar Bear


  • Malware Response Instructor
  • 6,041 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Arctic Circle
  • Local time:03:33 AM

Posted 29 April 2015 - 08:29 AM

Hi Jason6300,
 
Double click on AdwCleaner.exe to run the tool again.

  • Click on the Scan button.
  • AdwCleaner will begin to scan your computer like it did before.
  • After the scan has finished.
  • This time click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S#].txt) will open automatically (where the largest value of # represents the most recent report).
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.

--------------

Download Emsisoft Emergency Kit and save it to your desktop. Double click on EmsisoftEmergencyKit.exe to extract its contents and create a shortcut on the desktop. Leave all settings as they are and click  Accept & Extract. A folder named EEK will be created in the root of the drive (usually c:\). .

  • After extraction an Emsisoft Emergency Kit window will open. Under "Run Directly:" click Emergency Kit Scanner.
  • When asked to run an online update, click Yes.
  • When the update is finished, click the Back to Security Status link in the left corner. On the main screen click the Scan Now button.
  • Select the Full Scan option and click the SCAN button.
  • When the scan is finished click the Quarantine selected objects button. Note, this option is only available if malicious objects were detected during the scan.
  • Click the View Report button and in the Reports window double-click on the most recent log. Note, logs are named as follows: a2scan_<date>-<time>.txt.
  • Copy/paste the report contents in your next reply.

--------------
 
This scan can take a long time, so it is best done overnight or when you do not need the computer
 
I'd like us to scan your machine with ESET OnlineScan

  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.

--------------
 
To recap, in your next reply I would like to see the following. Make sure to copy & paste them unless I ask otherwise:

  • AdwCleaner clean log
  • Emsisoft log
  • ESET log

xXToffeeXx~


~If I am helping you and you have not had a reply from me in two days, please send me a PM~

 

logo-25.pngID Ransomware - Identify What Ransomware Encrypted Your Files [Support Topic] - If we have helped you out and you want to support what we do, you can do so here

 

 ~Twitter~ | ~Malware Analyst at Emsisoft~


#7 xXToffeeXx

xXToffeeXx

    Bleepin' Polar Bear


  • Malware Response Instructor
  • 6,041 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Arctic Circle
  • Local time:03:33 AM

Posted 04 May 2015 - 06:07 AM

Hi Jason6300,

 

How are you getting on with these steps?

 

xXToffeeXx~


~If I am helping you and you have not had a reply from me in two days, please send me a PM~

 

logo-25.pngID Ransomware - Identify What Ransomware Encrypted Your Files [Support Topic] - If we have helped you out and you want to support what we do, you can do so here

 

 ~Twitter~ | ~Malware Analyst at Emsisoft~


#8 Jason6300

Jason6300
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:08:33 PM

Posted 05 May 2015 - 06:45 PM

i am sorry for delay I missed your reply until you asked how i was doing on it......

 

# AdwCleaner v4.109 - Report created 04/05/2015 at 18:14:25
# Updated 24/01/2015 by Xplode
# Database : 2015-05-02.1 [Live]
# Operating System : Windows Vista ™ Home Basic Service Pack 1 (32 bits)
# Username : Jason - JASON-LAPTOP
# Running from : C:\Users\Jason\Desktop\jan\adwcleaner_4.109 (1).exe
# Option : Clean
 
***** [ Services ] *****
 
Service Deleted : ColorMedia
 
***** [ Files / Folders ] *****
 
[!] Folder Deleted : C:\ProgramData\PicColor Utility
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GAMESDESKTOP
Folder Deleted : C:\Users\Jason\AppData\Local\GameHugArcade
Folder Deleted : C:\Users\Jason\AppData\Local\Prompt Downloader
Folder Deleted : C:\Users\Jason\AppData\LocalLow\{D2020D47-707D-4E26-B4D9-739C4F4C2E9A}
Folder Deleted : C:\Users\Jason\AppData\Roaming\download Manager
Folder Deleted : C:\Users\Jason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GameHug Arcade
Folder Deleted : C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfecnpmgnlnbmipaogfhoacoioifjgko
File Deleted : C:\Windows\system32\ColorMedia.dll
File Deleted : C:\Windows\system32\ColorMediaOff.ini
 
***** [ Scheduled Tasks ] *****
 
Task Deleted : ConsumerInputUpdateTaskMachineCore
Task Deleted : ConsumerInputUpdateTaskMachineUA
Task Deleted : DriverRestore_DailyScan
Task Deleted : DriverRestore_ScheduledScan
Task Deleted : LaunchSignup
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKCU\Software\Google\Chrome\Extensions\kfecnpmgnlnbmipaogfhoacoioifjgko
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\kfecnpmgnlnbmipaogfhoacoioifjgko
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [GameHug Arcade]
Key Deleted : HKCU\Software\Microsoft\IntelliType Pro\AppSpecific\vosteran.exe
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{425F4ABF-B8E4-402D-9E49-06E494EB8DBF}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3F97FDF1-DA2B-4579-AD3E-E46641F9DBAB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A220BAB5-C335-48BA-8A01-309FDA37446F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0416BDB0-AFB0-4464-952D-1EAB5047B8E6}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A9582D7B-F24A-441D-9D26-450D58F3CD17}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EE0D8859-2ED4-4B0D-9812-16865B9AFD65}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{B5C4833B-847B-49CD-8EBE-CDD9B43C882F}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{14EF423E-3EE8-44AE-9337-07AC3F27B744}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5081D2D4-1637-404C-B74F-50526718257D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{5081D2D4-1637-404C-B74F-50526718257D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}
Key Deleted : HKCU\Software\Tutorials
Key Deleted : HKCU\Software\GameHug
Key Deleted : HKCU\Software\GameHugArcadeApp
Key Deleted : HKCU\Software\{4E7638A1-6962-4e44-A6B9-F40E84FD6D09}
Key Deleted : HKCU\Software\ClientConnect
Key Deleted : HKLM\SOFTWARE\Tutorials
Key Deleted : HKLM\SOFTWARE\SiteSee
Key Deleted : HKLM\SOFTWARE\WebProtector
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Driver Restore
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4CEE92A3-9F0C-51AB-ADC0-34EC24AD7B7E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Driver Restore
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ASPackage
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\CrossBrowser
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{AD11DADE-C597-45D9-D8C5-1D2EB0B89613}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\WebProtectorPlus
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{4CEE92A3-9F0C-51AB-ADC0-34EC24AD7B7E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\WebProtector
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v8.0.6001.18904
 
 
-\\ Mozilla Firefox v
 
 
-\\ Google Chrome v42.0.2311.90
 
 
-\\ Opera v26.0.1656.60
 
 
*************************
 
AdwCleaner[R3].txt - [2171 octets] - [27/04/2015 21:09:08]
AdwCleaner[R4].txt - [4542 octets] - [04/05/2015 18:04:08]
AdwCleaner[S3].txt - [4565 octets] - [04/05/2015 18:14:25]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt - [4625 octets] ##########


#9 Jason6300

Jason6300
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:08:33 PM

Posted 05 May 2015 - 06:52 PM

i was unable to paste info site said i was using to many emoticons.?? probably all the brackets
 
Emsisoft Emergency Kit - Version 9.0
Last update: 5/4/2015 6:37:11 PM
User account: Jason-Laptop\Jason
 
Scan settings:
 
Scan type: Full Scan
Objects: Rootkits, Memory, Traces, C:\, D:\
 
Detect PUPs: On
Scan archives: On
ADS Scan: On
File extension filter: Off
Advanced caching: On
Direct disk access: Off
 
Scan start: 5/4/2015 6:39:42 PM
Key: HKEY_USERS\.DEFAULT\SOFTWARE\APPDATALOW\{12DA0E6F-5543-440C-BAA2-28BF01070AFA} detected: Application.Bundle (A)
Key: HKEY_USERS\S-1-5-18\SOFTWARE\APPDATALOW\{12DA0E6F-5543-440C-BAA2-28BF01070AFA} detected: Application.Bundle (A)
C:\Users\Jason\AppData\Roaming\data.dat detected: Backdoor.Win32.Blackshades (A)
C:\Windows\system32\ColorMedia.dll detected: Application.AdColor (A)
Key: HKEY_USERS\S-1-5-21-1441847595-3396335443-3013822310-1000\SOFTWARE\PARTYGAMING detected: Application.Win32.CasOnline (A)
Value: HKEY_USERS\S-1-5-21-1441847595-3396335443-3013822310-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLEREGISTRYTOOLS detected: Setting.DisableRegistryTools (A)
Key: HKEY_USERS\.DEFAULT\SOFTWARE\APPDATALOW\{1146AC44-2F03-4431-B4FD-889BC837521F} detected: Application.Win32.InstallAd (A)
Key: HKEY_USERS\S-1-5-18\SOFTWARE\APPDATALOW\{1146AC44-2F03-4431-B4FD-889BC837521F} detected: Application.Win32.InstallAd (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\{12DA0E6F-5543-440C-BAA2-28BF01070AFA} detected: Application.AdFix (A)
C:\AdwCleaner\Quarantine\C\Program Files\Box Rock\bin\bdc6addf3c72484aa614.dll.vir detected: Adware.BrowseFox.AT (B)
C:\AdwCleaner\Quarantine\C\Program Files\Box Rock\bin\bdc6addf3c72484aa61464.dll.vir detected: Adware.BrowseFox.AT (B)
C:\AdwCleaner\Quarantine\C\Program Files\Box Rock\bin\bdc6addf3c72484aa6149e470f5bfb74.dll.vir detected: Adware.BrowseFox.BU (B)
C:\AdwCleaner\Quarantine\C\Program Files\Box Rock\bin\bdc6addf3c72484aa6149e470f5bfb7464.dll.vir detected: Adware.Agent.PJT (B)
C:\AdwCleaner\Quarantine\C\Program Files\Box Rock\bin\BoxRock.BrowserAdapter.exe.vir detected: Adware.BrowseFox.AT (B)
C:\AdwCleaner\Quarantine\C\Program Files\Box Rock\bin\BoxRock.BrowserAdapter64.exe.vir detected: Adware.BrowseFox.AT (B)
C:\AdwCleaner\Quarantine\C\Program Files\Box Rock\bin\BoxRock.expext.exe.vir detected: Adware.BrowseFox.AT (B)
C:\AdwCleaner\Quarantine\C\Program Files\Box Rock\bin\BoxRock.expextdll.dll.vir detected: Adware.BrowseFox.AT (B)
C:\AdwCleaner\Quarantine\C\Program Files\Box Rock\bin\BoxRock.PurBrowse.exe.vir detected: Adware.BrowseFox.AT (B)
C:\AdwCleaner\Quarantine\C\Program Files\Box Rock\bin\plugins\BoxRock.Bromon.dll.vir detected: Adware.BrowseFox.AT (B)
C:\AdwCleaner\Quarantine\C\Program Files\Box Rock\bin\plugins\BoxRock.BroStats.dll.vir detected: Adware.BrowseFox.AT (B)
C:\AdwCleaner\Quarantine\C\Program Files\Box Rock\bin\plugins\BoxRock.BrowserAdapter.dll.vir detected: Adware.BrowseFox.AT (B)
C:\AdwCleaner\Quarantine\C\Program Files\Box Rock\bin\plugins\BoxRock.CompatibilityChecker.dll.vir detected: Adware.BrowseFox.AT (B)
C:\AdwCleaner\Quarantine\C\Program Files\Box Rock\bin\plugins\BoxRock.ExpExt.dll.vir detected: Adware.BrowseFox.AT (B)
C:\AdwCleaner\Quarantine\C\Program Files\Box Rock\bin\plugins\BoxRock.GCUpdate.dll.vir detected: Adware.BrowseFox.AT (B)
C:\AdwCleaner\Quarantine\C\Program Files\Box Rock\bin\plugins\BoxRock.IEUpdate.dll.vir detected: Adware.BrowseFox.AT (B)
C:\AdwCleaner\Quarantine\C\Program Files\Box Rock\bin\plugins\BoxRock.PurBrowseG.dll.vir detected: Adware.BrowseFox.AT (B)
C:\AdwCleaner\Quarantine\C\Program Files\Box Rock\bin\utilBoxRock.exe.vir detected: Adware.BrowseFox.AT (B)
C:\AdwCleaner\Quarantine\C\Program Files\Box Rock\BoxRockbho.dll.vir detected: Adware.BrowseFox.AT (B)
C:\AdwCleaner\Quarantine\C\Program Files\Box Rock\BoxRockUninstall.exe.vir detected: Dropped:Adware.BrowseFox.AT (B)
C:\AdwCleaner\Quarantine\C\Program Files\Box Rock\updateBoxRock.exe.vir detected: Adware.BrowseFox.AT (B)
C:\AdwCleaner\Quarantine\C\Program Files\CoolaSaaaLeCouponi\w7HNEzDGHH5uag.dll.vir detected: Gen:Variant.Adware.Zusy.121779 (B)
C:\AdwCleaner\Quarantine\C\Program Files\doownlloaditkueoep\doownlloaditkueoep.exe.vir detected: Gen:Variant.Adware.Zusy.139627 (B)
C:\AdwCleaner\Quarantine\C\Program Files\FineDeaalSofot\IdMy6dsDl298dC.dll.vir detected: Gen:Variant.Adware.MultiPlug.15 (B)
C:\AdwCleaner\Quarantine\C\Program Files\FineDeaalSofot\IdMy6dsDl298dC.exe.vir detected: Gen:Variant.Adware.Zusy.139627 (B)
C:\AdwCleaner\Quarantine\C\Program Files\LucckyCooupoun\sCL16BwcH0Pevx.dll.vir detected: Gen:Variant.Adware.Zusy.121779 (B)
C:\AdwCleaner\Quarantine\C\Program Files\LuckyTab\LuckyTab.exe.vir detected: Gen:Variant.Adware.Kazy.510339 (B)
C:\AdwCleaner\Quarantine\C\Program Files\ProoSHoPper\g0zIp8LOa7bJgp.dll.vir detected: Gen:Variant.Adware.Zusy.121779 (B)
C:\AdwCleaner\Quarantine\C\Program Files\SavveRPro\dfCiDEKHqS6Qse.dll.vir detected: Gen:Variant.Adware.MultiPlug.15 (B)
C:\AdwCleaner\Quarantine\C\Program Files\SavveRPro\dfCiDEKHqS6Qse.exe.vir detected: Gen:Variant.Adware.Zusy.139627 (B)
C:\AdwCleaner\Quarantine\C\Program Files\savviinshOpe\Pg2qTVpBYhuNtC.dll.vir detected: Gen:Variant.Adware.Zusy.121779 (B)
C:\AdwCleaner\Quarantine\C\Program Files\shopperz\krios.dll.vir detected: Application.Win32.InstallTool (A)
C:\AdwCleaner\Quarantine\C\Program Files\supporter\Supporter.dll.vir detected: Gen:Variant.Adware.Zusy.122341 (B)
C:\AdwCleaner\Quarantine\C\Program Files\youtubeadblocker\8ASudMjipYDb3p.dll.vir detected: Gen:Variant.Adware.Mikey.9326 (B)
C:\AdwCleaner\Quarantine\C\Program Files\youtubeadblocker\8ASudMjipYDb3p.exe.vir detected: Adware.Agent.PEM (B)
C:\FRST\Quarantine\C\Program Files\gmsd_us_479\gamesdesktop_widget.exe detected: Adware.Eorezo.CH (B)
C:\FRST\Quarantine\C\Program Files\gmsd_us_479\gmsd_us_479.exe detected: Adware.Eorezo.BZ (B)
C:\FRST\Quarantine\C\Program Files\gmsd_us_479\predm.exe detected: Adware.Eorezo.BZ (B)
C:\FRST\Quarantine\C\ProgramData\cd96e4ae2fbb46d9b627abb8e45312b8\cd96e4ae2fbb46d9b627abb8e45312b8.exe detected: Gen:Variant.Adware.Kazy.133019 (B)
C:\FRST\Quarantine\C\ProgramData\{49A0BAC7-3326-4433-9373-4AA8793ABB5C}\d3d10core.dll detected: Gen:Variant.Kazy.490139 (B)
C:\FRST\Quarantine\C\Users\Jason\AppData\Local\gmsd_us_479\upgmsd_us_479.exe detected: Adware.Eorezo.BZ (B)
C:\FRST\Quarantine\C\Users\Jason\AppData\Local\Ibjhsoft\loader_u.dll detected: Trojan.Agent.BIYP (B)
C:\FRST\Quarantine\C\Users\Jason\AppData\Local\Ordfics\loader_u.dll detected: Gen:Variant.Graftor.185279 (B)
C:\FRST\Quarantine\C\Users\Jason\AppData\Local\Ordfics\tmp5B87.exe detected: Trojan.GenericKD.2292581 (B)
C:\FRST\Quarantine\C\Users\Jason\AppData\Local\ospd_us_751\Download\majmp_gentleeeuu.exe detected: Adware.Eorezo.BZ (B)
C:\FRST\Quarantine\C\Users\Jason\AppData\Local\ospd_us_751\upospd_us_751.exe detected: Adware.Eorezo.CD (B)
C:\FRST\Quarantine\C\Users\Jason\AppData\Local\yraje\yraje.exe detected: Gen:Heur.MSIL.Androm.5 (B)
C:\FRST\Quarantine\C\Users\Jason\AppData\Roaming\sbbxbsc.exe.xBAD detected: Gen:Variant.Mikey.12037 (B)
C:\Program Files\Phone To Desktop\Phone To Desktop.exe detected: Gen:Variant.Adware.Zusy.139627 (B)
C:\Program Files\saveruabOX\dRnZ80Y38lMYCs.dll detected: Gen:Variant.Adware.Zusy.121779 (B)
C:\Program Files\SystemAssister\SystemAssister.dll detected: Gen:Variant.Adware.Zusy.122341 (B)
C:\ProgramData\Microsoft\Security\Client\SecurityHelper.dll detected: Backdoor.Generic.962376 (B)
C:\ProgramData\Microsoft\Security\Client\temp\tmp5B87.exe detected: Trojan.GenericKD.2292581 (B)
C:\ProgramData\Microsoft\Security\Client\temp\tmp8BD.exe detected: Trojan.GenericKD.2299502 (B)
C:\ProgramData\Microsoft\Security\Client\temp\tmp93C8.exe detected: Gen:Variant.MSIL.Krypt.16 (B)
C:\ProgramData\Microsoft\Security\Client\temp\tmpD1B7.exe detected: Gen:Heur.MSIL.Androm.5 (B)
C:\ProgramData\Microsoft\Security\Client\temp\tmpF30B.exe detected: Gen:Variant.Mikey.11573 (B)
C:\ProgramData\PicColor Utility\PicColor.exe detected: Gen:Variant.Adware.Graftor.175923 (B)
C:\Users\Jason\AppData\Local\dsisetup638933912.exe detected: Application.Win32.InstallDeal (A)
C:\Users\Jason\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3VPP924E\31_3_242_101[1].htm detected: Gen:Variant.Mikey.11947 (B)
C:\Users\Jason\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AF4GUSBR\31_3_242_99[1].htm detected: Trojan.GenericKD.2311349 (B)
C:\Users\Jason\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XLPF1PYR\31_3_242_99[1].htm detected: Trojan.GenericKD.2311349 (B)
C:\Users\Jason\AppData\Local\Temp\0054b045-6876-4993-837b-1a82f65c1a06\cloud_backup_setup.exe detected: Application.Optional (A)
C:\Users\Jason\AppData\Local\Temp\0A2FcefDF177e\temp\HpJifrzGM1.exe detected: Gen:Variant.Adware.Mplug.30 (B)
C:\Users\Jason\AppData\Local\Temp\14accac0-73f9-47ee-892e-882bcf3add69\optimizerpro.exe detected: Gen:Variant.Application.Graftor.169998 (B)
C:\Users\Jason\AppData\Local\Temp\2000.tmp detected: Gen:Variant.Mikey.12037 (B)
C:\Users\Jason\AppData\Local\Temp\6DF3.tmp detected: Trojan.GenericKD.2311349 (B)
C:\Users\Jason\AppData\Local\Temp\9bccffbb-8b0b-4461-b811-6e40b26a87d4\search_protect_non_google.exe -> (NSIS o) -> zlib_nsis0003 detected: Application.SearchProtect.Z (B)
C:\Users\Jason\AppData\Local\Temp\c92642ca-8f93-4f2f-a590-fb7334b0a0fe\search_protect_non_google.exe -> (NSIS o) -> zlib_nsis0003 detected: Application.SearchProtect.Z (B)
C:\Users\Jason\AppData\Local\Temp\ct3334333\ism.exe detected: Application.BrowserExt (A)
C:\Users\Jason\AppData\Local\Temp\d493a410-bbd8-4f12-8209-d6c856fa4377\search_protect_non_google.exe -> (NSIS o) -> zlib_nsis0003 detected: Application.SearchProtect.Z (B)
C:\Users\Jason\AppData\Local\Temp\e59e4931-f714-42e4-bdd0-946f926f5165\cloud_backup_setup.exe detected: Application.Optional (A)
C:\Users\Jason\AppData\Local\Temp\is-02VO3.tmp\ism.exe detected: Application.BrowserExt (A)
C:\Users\Jason\AppData\Local\Temp\is-02VO3.tmp\package_airwebbar_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-02VO3.tmp\package_AmNuvision_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-02VO3.tmp\package_boost_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-02VO3.tmp\package_browsergood_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-02VO3.tmp\package_bubbledock_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-02VO3.tmp\package_CubepileShopperz_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-02VO3.tmp\package_mountainbike_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-02VO3.tmp\package_optimizerpro_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-02VO3.tmp\package_pariente_secureprotect_bing_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-02VO3.tmp\package_piccolor_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-02VO3.tmp\package_plushd_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-02VO3.tmp\package_priceless_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-02VO3.tmp\package_priceless_p_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-02VO3.tmp\package_pzombie_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-02VO3.tmp\package_quickref_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-02VO3.tmp\package_quickref_p_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-02VO3.tmp\package_sb_driverupdater_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-02VO3.tmp\package_SByoutube_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-02VO3.tmp\package_secureprotect_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-02VO3.tmp\package_speeditup_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-02VO3.tmp\package_spyouyahoo_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-02VO3.tmp\package_stormpverti_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-02VO3.tmp\package_StormWatch_Boost_Verti_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-02VO3.tmp\package_superpc_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-02VO3.tmp\package_taplika_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-02VO3.tmp\package_wajam_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-02VO3.tmp\package_zombie_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-0Q0V1.tmp\ism.exe detected: Application.BrowserExt (A)
C:\Users\Jason\AppData\Local\Temp\is-0Q0V1.tmp\package_AmNuvision_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-0Q0V1.tmp\package_boost_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-0Q0V1.tmp\package_browsergood_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-0Q0V1.tmp\package_BubbleSound_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-0Q0V1.tmp\package_cubepile_speedcheck_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-0Q0V1.tmp\package_CubepileShopperz_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-0Q0V1.tmp\package_mountainbike_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-0Q0V1.tmp\package_navright_imali_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-0Q0V1.tmp\package_optimizerpro_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-0Q0V1.tmp\package_pariente_secureprotect_bing_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-0Q0V1.tmp\package_pariente_secureprotect_yahoo_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-0Q0V1.tmp\package_piccolor_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-0Q0V1.tmp\package_plushd_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-0Q0V1.tmp\package_priceless_p_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-0Q0V1.tmp\package_pzombie_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-0Q0V1.tmp\package_quickref_p_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-0Q0V1.tmp\package_sb_driverupdater_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-0Q0V1.tmp\package_SByoutube_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-0Q0V1.tmp\package_secureprotect_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-0Q0V1.tmp\package_speeditup_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-0Q0V1.tmp\package_stormpverti_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-0Q0V1.tmp\package_StormWatch_Boost_Verti_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-0Q0V1.tmp\package_superpc_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-0Q0V1.tmp\package_taplika_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-0Q0V1.tmp\package_zombie_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-10D8V.tmp\gentlemjmp_ieeuu.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-133CS.tmp\package_AmNuvision_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-133CS.tmp\package_amonetize_plushd_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-133CS.tmp\package_boost_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-133CS.tmp\package_browsergood_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-133CS.tmp\package_BubbleSound_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-133CS.tmp\package_cp_desktopdock_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-133CS.tmp\package_cubepile_speedcheck_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-133CS.tmp\package_CubepileShopperz_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-133CS.tmp\package_FlashBeat_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-133CS.tmp\package_iminent_p_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-133CS.tmp\package_optimizerpro_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-133CS.tmp\package_piccolor_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-133CS.tmp\package_plumoweb_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-133CS.tmp\package_plushd_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-133CS.tmp\package_psecprotwhite_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-133CS.tmp\package_pzombie_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-133CS.tmp\package_quickref_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-133CS.tmp\package_sb_driverupdater_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-133CS.tmp\package_SByoutube_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-133CS.tmp\package_secureprotect_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-133CS.tmp\package_snapdo_linkury_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-133CS.tmp\package_speeditup_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-133CS.tmp\package_spimali_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-133CS.tmp\package_stormpverti_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-133CS.tmp\package_superpc_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-133CS.tmp\package_taplika_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-133CS.tmp\package_wordproser_pariente_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-133CS.tmp\package_zombie_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-1F066.tmp\ism.exe detected: Application.BrowserExt (A)
C:\Users\Jason\AppData\Local\Temp\is-1F066.tmp\package_mountainbike_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-1F066.tmp\package_pariente_secureprotect_bing_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-1F066.tmp\package_quickref_p_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-1F066.tmp\package_SByoutube_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-1F066.tmp\package_secureprotect_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-1F066.tmp\package_spyouyahoo_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-1F066.tmp\package_taplika_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-1F066.tmp\package_zombie_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-1HAER.tmp\gentlemjmp_ieeuu.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-1JIQP.tmp\gentlemjmp_ieeuu.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-1MC9M.tmp\package_secprotkeys_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-25BBD.tmp\gentlemjmp_ieeuu.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-27D23.tmp\package_AmNuvision_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-27D23.tmp\package_boost_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-27D23.tmp\package_browsergood_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-27D23.tmp\package_BubbleSound_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-27D23.tmp\package_cp_desktopdock_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-27D23.tmp\package_cubepile_speedcheck_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-27D23.tmp\package_CubepileShopperz_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-27D23.tmp\package_FlashBeat_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-27D23.tmp\package_hyperbrows_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-27D23.tmp\package_optimizerpro_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-27D23.tmp\package_piccolor_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-27D23.tmp\package_plumoweb_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-27D23.tmp\package_plushd_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-27D23.tmp\package_priceless_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-27D23.tmp\package_psecprotwhite_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-27D23.tmp\package_quickref_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-27D23.tmp\package_quickref_p_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-27D23.tmp\package_sb_driverupdater_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-27D23.tmp\package_SByoutube_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-27D23.tmp\package_secureprotect_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-27D23.tmp\package_speeditup_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-27D23.tmp\package_spimali_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-27D23.tmp\package_stormpverti_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-27D23.tmp\package_StormWatch_Boost_Verti_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-27D23.tmp\package_superpc_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-27D23.tmp\package_taplika_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-27D23.tmp\package_zombie_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-29238.tmp\gentlemjmp_ieeuu.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-3HFB5.tmp\package_boost_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-3HFB5.tmp\package_browsergood_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-3HFB5.tmp\package_BubbleSound_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-3HFB5.tmp\package_cp_desktopdock_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-3HFB5.tmp\package_cubepile_speedcheck_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-3HFB5.tmp\package_cubepile_wajam_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-3HFB5.tmp\package_CubepileShopperz_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-3HFB5.tmp\package_FlashBeat_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-3HFB5.tmp\package_mountainbike_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-3HFB5.tmp\package_optimizerpro_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-3HFB5.tmp\package_piccolor_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-3HFB5.tmp\package_plumoweb_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-3HFB5.tmp\package_plushd_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-3HFB5.tmp\package_priceless_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-3HFB5.tmp\package_psecprotwhite_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-3HFB5.tmp\package_quickref_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-3HFB5.tmp\package_quickref_p_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-3HFB5.tmp\package_sb_driverupdater_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-3HFB5.tmp\package_SByoutube_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-3HFB5.tmp\package_secureprotect_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-3HFB5.tmp\package_speeditup_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-3HFB5.tmp\package_stormpverti_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-3HFB5.tmp\package_StormWatch_Boost_Verti_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-3HFB5.tmp\package_superpc_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-3HFB5.tmp\package_taplika_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-3HFB5.tmp\package_zombie_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-3JAJE.tmp\ism.exe detected: Application.BrowserExt (A)
C:\Users\Jason\AppData\Local\Temp\is-3JAJE.tmp\package_airwebbar_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-3JAJE.tmp\package_AmNuvision_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-3JAJE.tmp\package_boost_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-3JAJE.tmp\package_browsergood_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-3JAJE.tmp\package_BubbleSound_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-3JAJE.tmp\package_CubepileShopperz_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-3JAJE.tmp\package_mountainbike_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-3JAJE.tmp\package_optimizerpro_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-3JAJE.tmp\package_pariente_secureprotect_bing_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-3JAJE.tmp\package_pariente_secureprotect_yahoo_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-3JAJE.tmp\package_piccolor_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-3JAJE.tmp\package_plushd_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-3JAJE.tmp\package_pzombie_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-3JAJE.tmp\package_quickref_p_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-3JAJE.tmp\package_sb_driverupdater_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-3JAJE.tmp\package_SByoutube_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-3JAJE.tmp\package_secureprotect_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-3JAJE.tmp\package_speeditup_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-3JAJE.tmp\package_spyouyahoo_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-3JAJE.tmp\package_stormpverti_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-3JAJE.tmp\package_StormWatch_Boost_Verti_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-3JAJE.tmp\package_superpc_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-3JAJE.tmp\package_taplika_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-3JAJE.tmp\package_wajam_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-3JAJE.tmp\package_zombie_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-4287N.tmp\package_pariente_secureprotect_bing_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-4287N.tmp\package_quickref_p_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-4287N.tmp\package_secureprotect_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-4287N.tmp\package_taplika_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-4287N.tmp\package_zombie_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-44M54.tmp\package_browsergood_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-44M54.tmp\package_optimizerpro_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-44M54.tmp\package_plumoweb_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-44M54.tmp\package_psecprotwhite_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-44M54.tmp\package_quickref_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-44M54.tmp\package_quickref_p_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-44M54.tmp\package_SByoutube_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-44M54.tmp\package_secureprotect_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-44M54.tmp\package_speeditup_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-44M54.tmp\package_superpc_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-44M54.tmp\package_taplika_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-44M54.tmp\package_zombie_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-4KB45.tmp\gentlemjmp_ieeuu.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-57CNP.tmp\gentlemjmp_ieeuu.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-5QJK0.tmp\gentlemjmp_ieeuu.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-5UFC3.tmp\ism.exe detected: Application.BrowserExt (A)
C:\Users\Jason\AppData\Local\Temp\is-5UFC3.tmp\package_airwebbar_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-5UFC3.tmp\package_AmNuvision_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-5UFC3.tmp\package_boost_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-5UFC3.tmp\package_browsergood_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-5UFC3.tmp\package_BubbleSound_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-5UFC3.tmp\package_cubepile_speedcheck_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-5UFC3.tmp\package_CubepileShopperz_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-5UFC3.tmp\package_mountainbike_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-5UFC3.tmp\package_optimizerpro_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-5UFC3.tmp\package_pariente_secureprotect_bing_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-5UFC3.tmp\package_pariente_secureprotect_yahoo_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-5UFC3.tmp\package_pckeeper_p_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-5UFC3.tmp\package_piccolor_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-5UFC3.tmp\package_plushd_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-5UFC3.tmp\package_priceless_p_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-5UFC3.tmp\package_pzombie_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-5UFC3.tmp\package_quickref_p_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-5UFC3.tmp\package_sb_driverupdater_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-5UFC3.tmp\package_SByoutube_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-5UFC3.tmp\package_secureprotect_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-5UFC3.tmp\package_speeditup_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-5UFC3.tmp\package_stormpverti_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-5UFC3.tmp\package_StormWatch_Boost_Verti_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-5UFC3.tmp\package_superpc_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-5UFC3.tmp\package_taplika_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-5UFC3.tmp\package_zombie_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-64H6C.tmp\11.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-64H6C.tmp\150.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-64H6C.tmp\382.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-64H6C.tmp\ism.exe detected: Application.BrowserExt (A)
C:\Users\Jason\AppData\Local\Temp\is-64H6C.tmp\package_airwebbar_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-64H6C.tmp\package_AmNuvision_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-64H6C.tmp\package_browsergood_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-64H6C.tmp\package_bubbledock_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-64H6C.tmp\package_BubbleSound_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-64H6C.tmp\package_CubepileShopperz_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-64H6C.tmp\package_mountainbike_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-64H6C.tmp\package_optimizerpro_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-64H6C.tmp\package_pariente_secureprotect_bing_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-64H6C.tmp\package_pariente_secureprotect_yahoo_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-64H6C.tmp\package_pcrossbrowser_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-64H6C.tmp\package_priceless_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-64H6C.tmp\package_priceless_p_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-64H6C.tmp\package_psafeguard_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-64H6C.tmp\package_quickref_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-64H6C.tmp\package_quickref_p_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-64H6C.tmp\package_sb_driverupdater_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-64H6C.tmp\package_SByoutube_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-64H6C.tmp\package_secureprotect_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-64H6C.tmp\package_speeditup_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-64H6C.tmp\package_StormWatch_Boost_Verti_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-64H6C.tmp\package_superpc_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-64H6C.tmp\package_zombie_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-6D2PC.tmp\gentlemjmp_ieeuu.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-6M9VT.tmp\package_AmNuvision_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-6M9VT.tmp\package_amonetize_plushd_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-6M9VT.tmp\package_boost_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-6M9VT.tmp\package_browsergood_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-6M9VT.tmp\package_BubbleSound_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-6M9VT.tmp\package_cp_desktopdock_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-6M9VT.tmp\package_cubepile_speedcheck_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-6M9VT.tmp\package_CubepileShopperz_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-6M9VT.tmp\package_FlashBeat_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-6M9VT.tmp\package_iminent_p_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-6M9VT.tmp\package_optimizerpro_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-6M9VT.tmp\package_piccolor_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-6M9VT.tmp\package_plumoweb_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-6M9VT.tmp\package_plushd_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-6M9VT.tmp\package_priceless_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-6M9VT.tmp\package_psecprotwhite_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-6M9VT.tmp\package_quickref_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-6M9VT.tmp\package_sb_driverupdater_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-6M9VT.tmp\package_SByoutube_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-6M9VT.tmp\package_secureprotect_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-6M9VT.tmp\package_snapdo_linkury_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-6M9VT.tmp\package_speeditup_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-6M9VT.tmp\package_spimali_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-6M9VT.tmp\package_stormpverti_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-6M9VT.tmp\package_superpc_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-6M9VT.tmp\package_taplika_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-6M9VT.tmp\package_wordproser_pariente_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-6M9VT.tmp\package_zombie_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-6N29P.tmp\package_AmNuvision_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-6N29P.tmp\package_boost_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-6N29P.tmp\package_browsergood_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-6N29P.tmp\package_cp_desktopdock_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-6N29P.tmp\package_cubepile_speedcheck_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-6N29P.tmp\package_CubepileShopperz_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-6N29P.tmp\package_optimizerpro_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-6N29P.tmp\package_piccolor_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-6N29P.tmp\package_plumoweb_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-6N29P.tmp\package_plushd_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-6N29P.tmp\package_priceless_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-6N29P.tmp\package_psecprotwhite_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-6N29P.tmp\package_pzombie_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-6N29P.tmp\package_quickref_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-6N29P.tmp\package_sb_driverupdater_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-6N29P.tmp\package_SByoutube_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-6N29P.tmp\package_secureprotect_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-6N29P.tmp\package_speeditup_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-6N29P.tmp\package_spimali_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-6N29P.tmp\package_stormpverti_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-6N29P.tmp\package_StormWatch_Boost_Verti_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-6N29P.tmp\package_superpc_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-6N29P.tmp\package_taplika_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-6N29P.tmp\package_wordproser_pariente_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-6N29P.tmp\package_zombie_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-6OBHA.tmp\gentlemjmp_ieeuu.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-7388I.tmp\package_AmNuvision_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-7388I.tmp\package_amonetize_plushd_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-7388I.tmp\package_boost_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-7388I.tmp\package_browsergood_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-7388I.tmp\package_BubbleSound_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-7388I.tmp\package_cp_desktopdock_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-7388I.tmp\package_cubepile_speedcheck_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-7388I.tmp\package_CubepileShopperz_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-7388I.tmp\package_FlashBeat_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-7388I.tmp\package_iminent_p_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-7388I.tmp\package_optimizerpro_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-7388I.tmp\package_piccolor_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-7388I.tmp\package_plumoweb_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-7388I.tmp\package_plushd_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-7388I.tmp\package_psecprotwhite_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-7388I.tmp\package_quickref_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-7388I.tmp\package_sb_driverupdater_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-7388I.tmp\package_SByoutube_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-7388I.tmp\package_secureprotect_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-7388I.tmp\package_snapdo_linkury_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-7388I.tmp\package_speeditup_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-7388I.tmp\package_spimali_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-7388I.tmp\package_stormpverti_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-7388I.tmp\package_superpc_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-7388I.tmp\package_taplika_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-7388I.tmp\package_wordproser_pariente_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-7388I.tmp\package_zombie_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-75NAE.tmp\package_pariente_secureprotect_bing_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-75NAE.tmp\package_secureprotect_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-75NAE.tmp\package_taplika_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-75NAE.tmp\package_zombie_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-7F4GB.tmp\150.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-7F4GB.tmp\ism.exe detected: Application.BrowserExt (A)
C:\Users\Jason\AppData\Local\Temp\is-7F4GB.tmp\package_airwebbar_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-7F4GB.tmp\package_AmNuvision_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-7F4GB.tmp\package_browsergood_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-7F4GB.tmp\package_bubbledock_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-7F4GB.tmp\package_BubbleSound_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-7F4GB.tmp\package_CubepileShopperz_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-7F4GB.tmp\package_mountainbike_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-7F4GB.tmp\package_optimizerpro_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-7F4GB.tmp\package_pariente_secureprotect_bing_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-7F4GB.tmp\package_pariente_secureprotect_yahoo_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-7F4GB.tmp\package_plushd_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-7F4GB.tmp\package_priceless_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-7F4GB.tmp\package_psafeguard_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-7F4GB.tmp\package_quickref_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-7F4GB.tmp\package_quickref_p_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-7F4GB.tmp\package_sb_driverupdater_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-7F4GB.tmp\package_SByoutube_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-7F4GB.tmp\package_secureprotect_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-7F4GB.tmp\package_speeditup_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-7F4GB.tmp\package_StormWatch_Boost_Verti_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-7F4GB.tmp\package_superpc_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-7F4GB.tmp\package_zombie_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-7FMTC.tmp\gentlemjmp_ieeuu.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-7K7M0.tmp\gentlemjmp_ieeuu.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-7MQ95.tmp\gentlemjmp_ieeuu.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-7SF71.tmp\gentlemjmp_ieeuu.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-852KK.tmp\gentlemjmp_ieeuu.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-867N2.tmp\package_AmNuvision_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-867N2.tmp\package_boost_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-867N2.tmp\package_browsergood_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-867N2.tmp\package_BubbleSound_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-867N2.tmp\package_cp_desktopdock_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-867N2.tmp\package_cubepile_speedcheck_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-867N2.tmp\package_CubepileShopperz_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-867N2.tmp\package_FlashBeat_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-867N2.tmp\package_optimizerpro_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-867N2.tmp\package_piccolor_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-867N2.tmp\package_plumoweb_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-867N2.tmp\package_plushd_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-867N2.tmp\package_priceless_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-867N2.tmp\package_psecprotwhite_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-867N2.tmp\package_quickref_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-867N2.tmp\package_quickref_p_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-867N2.tmp\package_sb_driverupdater_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-867N2.tmp\package_SByoutube_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-867N2.tmp\package_secureprotect_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-867N2.tmp\package_speeditup_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-867N2.tmp\package_stormpverti_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-867N2.tmp\package_StormWatch_Boost_Verti_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-867N2.tmp\package_superpc_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-867N2.tmp\package_taplika_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-867N2.tmp\package_zombie_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-8GV2H.tmp\gentlemjmp_ieeuu.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-8L7TJ.tmp\gentlemjmp_ieeuu.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-8VJD1.tmp\gentlemjmp_ieeuu.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-90GLT.tmp\ism.exe detected: Application.BrowserExt (A)
C:\Users\Jason\AppData\Local\Temp\is-90GLT.tmp\package_airwebbar_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-90GLT.tmp\package_AmNuvision_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-90GLT.tmp\package_boost_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-90GLT.tmp\package_browsergood_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-90GLT.tmp\package_BubbleSound_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-90GLT.tmp\package_cubepile_speedcheck_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-90GLT.tmp\package_CubepileShopperz_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-90GLT.tmp\package_mountainbike_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-90GLT.tmp\package_optimizerpro_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-90GLT.tmp\package_pariente_secureprotect_bing_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-90GLT.tmp\package_pariente_secureprotect_yahoo_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-90GLT.tmp\package_pckeeper_p_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-90GLT.tmp\package_piccolor_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-90GLT.tmp\package_plushd_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-90GLT.tmp\package_pzombie_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-90GLT.tmp\package_quickref_p_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-90GLT.tmp\package_sb_driverupdater_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-90GLT.tmp\package_SByoutube_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-90GLT.tmp\package_secureprotect_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-90GLT.tmp\package_speeditup_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-90GLT.tmp\package_stormpverti_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-90GLT.tmp\package_StormWatch_Boost_Verti_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-90GLT.tmp\package_superpc_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-90GLT.tmp\package_taplika_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-90GLT.tmp\package_zombie_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-951N7.tmp\gentlemjmp_ieeuu.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-96KQD.tmp\gentlemjmp_ieeuu.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-9GG8C.tmp\ism.exe detected: Application.BrowserExt (A)
C:\Users\Jason\AppData\Local\Temp\is-9GG8C.tmp\package_pariente_secureprotect_bing_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-9GG8C.tmp\package_pariente_secureprotect_yahoo_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-9GG8C.tmp\package_secureprotect_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-9GG8C.tmp\package_taplika_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-9GG8C.tmp\package_zombie_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-9RO1V.tmp\150.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-9RO1V.tmp\382.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-9RO1V.tmp\ism.exe detected: Application.BrowserExt (A)
C:\Users\Jason\AppData\Local\Temp\is-9RO1V.tmp\package_airwebbar_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-9RO1V.tmp\package_AmNuvision_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-9RO1V.tmp\package_browsergood_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-9RO1V.tmp\package_bubbledock_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-9RO1V.tmp\package_CubepileShopperz_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-9RO1V.tmp\package_mountainbike_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-9RO1V.tmp\package_optimizerpro_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-9RO1V.tmp\package_pariente_secureprotect_bing_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-9RO1V.tmp\package_pariente_secureprotect_yahoo_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-9RO1V.tmp\package_plushd_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-9RO1V.tmp\package_priceless_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-9RO1V.tmp\package_priceless_p_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-9RO1V.tmp\package_psafeguard_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-9RO1V.tmp\package_quickref_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-9RO1V.tmp\package_quickref_p_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-9RO1V.tmp\package_sb_driverupdater_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-9RO1V.tmp\package_SByoutube_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-9RO1V.tmp\package_secureprotect_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-9RO1V.tmp\package_speeditup_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-9RO1V.tmp\package_StormWatch_Boost_Verti_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-9RO1V.tmp\package_superpc_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-9RO1V.tmp\package_zombie_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-9UDUL.tmp\gentlemjmp_ieeuu.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-AAHII.tmp\gentlemjmp_ieeuu.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-APOOH.tmp\package_browsergood_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-APOOH.tmp\package_psecprotwhite_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-APOOH.tmp\package_SByoutube_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-APOOH.tmp\package_secureprotect_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-APOOH.tmp\package_snapdo_linkury_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-APOOH.tmp\package_speeditup_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-APOOH.tmp\package_spimali_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-APOOH.tmp\package_taplika_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-APOOH.tmp\package_zombie_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-AQQV9.tmp\gentlemjmp_ieeuu.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-BA2QP.tmp\gentlemjmp_ieeuu.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-BD3MB.tmp\package_AmNuvision_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-BD3MB.tmp\package_boost_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-BD3MB.tmp\package_browsergood_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-BD3MB.tmp\package_BubbleSound_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-BD3MB.tmp\package_cp_desktopdock_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-BD3MB.tmp\package_cubepile_speedcheck_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-BD3MB.tmp\package_CubepileShopperz_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-BD3MB.tmp\package_mountainbike_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-BD3MB.tmp\package_optimizerpro_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-BD3MB.tmp\package_piccolor_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-BD3MB.tmp\package_plushd_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-BD3MB.tmp\package_psecprotwhite_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-BD3MB.tmp\package_pzombie_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-BD3MB.tmp\package_quickref_p_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-BD3MB.tmp\package_sb_driverupdater_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-BD3MB.tmp\package_SByoutube_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-BD3MB.tmp\package_secureprotect_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-BD3MB.tmp\package_speeditup_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-BD3MB.tmp\package_stormpverti_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-BD3MB.tmp\package_StormWatch_Boost_Verti_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-BD3MB.tmp\package_superpc_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-BD3MB.tmp\package_taplika_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-BD3MB.tmp\package_zombie_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-BEBL5.tmp\gentlemjmp_ieeuu.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-BEN9N.tmp\150.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-BEN9N.tmp\382.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-BEN9N.tmp\ism.exe detected: Application.BrowserExt (A)
C:\Users\Jason\AppData\Local\Temp\is-BEN9N.tmp\package_airwebbar_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-BEN9N.tmp\package_AmNuvision_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-BEN9N.tmp\package_browsergood_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-BEN9N.tmp\package_bubbledock_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-BEN9N.tmp\package_BubbleSound_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-BEN9N.tmp\package_CubepileShopperz_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-BEN9N.tmp\package_mountainbike_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-BEN9N.tmp\package_optimizerpro_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-BEN9N.tmp\package_pariente_secureprotect_bing_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-BEN9N.tmp\package_pariente_secureprotect_yahoo_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-BEN9N.tmp\package_pcrossbrowser_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-BEN9N.tmp\package_plushd_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-BEN9N.tmp\package_priceless_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-BEN9N.tmp\package_priceless_p_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-BEN9N.tmp\package_psafeguard_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-BEN9N.tmp\package_quickref_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-BEN9N.tmp\package_quickref_p_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-BEN9N.tmp\package_sb_driverupdater_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-BEN9N.tmp\package_SByoutube_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-BEN9N.tmp\package_secureprotect_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-BEN9N.tmp\package_speeditup_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-BEN9N.tmp\package_StormWatch_Boost_Verti_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-BEN9N.tmp\package_superpc_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-BEN9N.tmp\package_zombie_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-BQK6J.tmp\gentlemjmp_ieeuu.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-BUI22.tmp\gentlemjmp_ieeuu.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-CG4F6.tmp\ism.exe detected: Application.BrowserExt (A)
C:\Users\Jason\AppData\Local\Temp\is-CKM0F.tmp\gentlemjmp_ieeuu.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-CVB6I.tmp\ism.exe detected: Application.BrowserExt (A)
C:\Users\Jason\AppData\Local\Temp\is-CVB6I.tmp\package_browsergood_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-CVB6I.tmp\package_cubepile_speedcheck_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-CVB6I.tmp\package_mountainbike_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-CVB6I.tmp\package_pariente_secureprotect_bing_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-CVB6I.tmp\package_pariente_secureprotect_yahoo_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-CVB6I.tmp\package_pzombie_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-CVB6I.tmp\package_quickref_p_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-CVB6I.tmp\package_SByoutube_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-CVB6I.tmp\package_secureprotect_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-CVB6I.tmp\package_StormWatch_Boost_Verti_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-CVB6I.tmp\package_taplika_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-CVB6I.tmp\package_zombie_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-D6TUF.tmp\gentlemjmp_ieeuu.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-DATP7.tmp\gentlemjmp_ieeuu.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-DEVN0.tmp\gentlemjmp_ieeuu.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-DGTN8.tmp\ism.exe detected: Application.BrowserExt (A)
C:\Users\Jason\AppData\Local\Temp\is-DGTN8.tmp\package_airwebbar_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-DGTN8.tmp\package_boost_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-DGTN8.tmp\package_browsergood_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-DGTN8.tmp\package_BubbleSound_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-DGTN8.tmp\package_cubepile_speedcheck_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-DGTN8.tmp\package_CubepileShopperz_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-DGTN8.tmp\package_mountainbike_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-DGTN8.tmp\package_optimizerpro_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-DGTN8.tmp\package_pariente_secureprotect_bing_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-DGTN8.tmp\package_pariente_secureprotect_yahoo_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-DGTN8.tmp\package_pckeeper_p_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-DGTN8.tmp\package_piccolor_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-DGTN8.tmp\package_plushd_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-DGTN8.tmp\package_pzombie_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-DGTN8.tmp\package_quickref_p_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-DGTN8.tmp\package_sb_driverupdater_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-DGTN8.tmp\package_SByoutube_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-DGTN8.tmp\package_secureprotect_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-DGTN8.tmp\package_speeditup_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-DGTN8.tmp\package_stormpverti_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-DGTN8.tmp\package_StormWatch_Boost_Verti_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-DGTN8.tmp\package_superpc_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-DGTN8.tmp\package_taplika_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-DGTN8.tmp\package_zombie_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-DLS2Q.tmp\package_psecprotwhite_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-DLS2Q.tmp\package_SByoutube_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-DLS2Q.tmp\package_secureprotect_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-DLS2Q.tmp\package_StormWatch_Boost_Verti_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-DLS2Q.tmp\package_taplika_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-DLS2Q.tmp\package_zombie_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-DMAR5.tmp\ism.exe detected: Application.BrowserExt (A)
C:\Users\Jason\AppData\Local\Temp\is-DMAR5.tmp\package_airwebbar_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-DMAR5.tmp\package_AmNuvision_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-DMAR5.tmp\package_boost_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-DMAR5.tmp\package_browsergood_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-DMAR5.tmp\package_bubbledock_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-DMAR5.tmp\package_BubbleSound_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-DMAR5.tmp\package_CubepileShopperz_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-DMAR5.tmp\package_mountainbike_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-DMAR5.tmp\package_optimizerpro_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-DMAR5.tmp\package_pariente_secureprotect_bing_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-DMAR5.tmp\package_pariente_secureprotect_yahoo_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-DMAR5.tmp\package_piccolor_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-DMAR5.tmp\package_plushd_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-DMAR5.tmp\package_priceless_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-DMAR5.tmp\package_priceless_p_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-DMAR5.tmp\package_pzombie_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-DMAR5.tmp\package_quickref_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-DMAR5.tmp\package_quickref_p_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-DMAR5.tmp\package_sb_driverupdater_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-DMAR5.tmp\package_SByoutube_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-DMAR5.tmp\package_secureprotect_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-DMAR5.tmp\package_sn_speedcheck_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-DMAR5.tmp\package_speeditup_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-DMAR5.tmp\package_spyouyahoo_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-DMAR5.tmp\package_stormpverti_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-DMAR5.tmp\package_StormWatch_Boost_Verti_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-DMAR5.tmp\package_superpc_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-DMAR5.tmp\package_taplika_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-DMAR5.tmp\package_wajam_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-DMAR5.tmp\package_zombie_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-EAGGF.tmp\ism.exe detected: Application.BrowserExt (A)
C:\Users\Jason\AppData\Local\Temp\is-EAGGF.tmp\package_airwebbar_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-EAGGF.tmp\package_AmNuvision_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-EAGGF.tmp\package_browsergood_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-EAGGF.tmp\package_bubbledock_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-EAGGF.tmp\package_BubbleSound_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-EAGGF.tmp\package_CubepileShopperz_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-EAGGF.tmp\package_mountainbike_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-EAGGF.tmp\package_optimizerpro_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-EAGGF.tmp\package_pariente_secureprotect_bing_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-EAGGF.tmp\package_pariente_secureprotect_yahoo_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-EAGGF.tmp\package_plushd_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-EAGGF.tmp\package_priceless_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-EAGGF.tmp\package_priceless_p_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-EAGGF.tmp\package_psafeguard_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-EAGGF.tmp\package_quickref_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-EAGGF.tmp\package_quickref_p_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-EAGGF.tmp\package_sb_driverupdater_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-EAGGF.tmp\package_SByoutube_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-EAGGF.tmp\package_secureprotect_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-EAGGF.tmp\package_speeditup_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-EAGGF.tmp\package_StormWatch_Boost_Verti_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-EAGGF.tmp\package_superpc_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-EAGGF.tmp\package_taplika_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-EAGGF.tmp\package_zombie_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-EMGAR.tmp\ism.exe detected: Application.BrowserExt (A)
C:\Users\Jason\AppData\Local\Temp\is-ENDF1.tmp\package_AmNuvision_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-ENDF1.tmp\package_boost_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-ENDF1.tmp\package_browsergood_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-ENDF1.tmp\package_BubbleSound_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-ENDF1.tmp\package_cp_desktopdock_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-ENDF1.tmp\package_cubepile_speedcheck_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-ENDF1.tmp\package_CubepileShopperz_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-ENDF1.tmp\package_mountainbike_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-ENDF1.tmp\package_optimizerpro_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-ENDF1.tmp\package_piccolor_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-ENDF1.tmp\package_plushd_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-ENDF1.tmp\package_psecprotwhite_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-ENDF1.tmp\package_pzombie_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-ENDF1.tmp\package_quickref_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-ENDF1.tmp\package_quickref_p_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-ENDF1.tmp\package_sb_driverupdater_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-ENDF1.tmp\package_SByoutube_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-ENDF1.tmp\package_secureprotect_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-ENDF1.tmp\package_speeditup_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-ENDF1.tmp\package_stormpverti_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-ENDF1.tmp\package_StormWatch_Boost_Verti_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-ENDF1.tmp\package_superpc_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-ENDF1.tmp\package_taplika_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-ENDF1.tmp\package_zombie_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-FDEVC.tmp\package_AmNuvision_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-FDEVC.tmp\package_amonetize_plushd_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-FDEVC.tmp\package_boost_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-FDEVC.tmp\package_browsergood_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-FDEVC.tmp\package_BubbleSound_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-FDEVC.tmp\package_cp_desktopdock_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-FDEVC.tmp\package_cubepile_speedcheck_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-FDEVC.tmp\package_CubepileShopperz_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-FDEVC.tmp\package_FlashBeat_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-FDEVC.tmp\package_iminent_p_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-FDEVC.tmp\package_optimizerpro_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-FDEVC.tmp\package_piccolor_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-FDEVC.tmp\package_plumoweb_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-FDEVC.tmp\package_plushd_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-FDEVC.tmp\package_priceless_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-FDEVC.tmp\package_psecprotwhite_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-FDEVC.tmp\package_pzombie_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-FDEVC.tmp\package_quickref_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-FDEVC.tmp\package_sb_driverupdater_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-FDEVC.tmp\package_SByoutube_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-FDEVC.tmp\package_secureprotect_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-FDEVC.tmp\package_snapdo_linkury_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-FDEVC.tmp\package_speeditup_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-FDEVC.tmp\package_spimali_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-FDEVC.tmp\package_stormpverti_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-FDEVC.tmp\package_superpc_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-FDEVC.tmp\package_taplika_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-FDEVC.tmp\package_wordproser_pariente_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-FDEVC.tmp\package_zombie_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-FIUG6.tmp\gentlemjmp_ieeuu.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-FK0GG.tmp\gentlemjmp_ieeuu.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-FLM30.tmp\gentlemjmp_ieeuu.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-FTT63.tmp\gentlemjmp_ieeuu.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-GFCS8.tmp\package_browsergood_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-GFCS8.tmp\package_iminent_p_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-GFCS8.tmp\package_optimizerpro_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-GFCS8.tmp\package_plumoweb_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-GFCS8.tmp\package_psecprotwhite_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-GFCS8.tmp\package_quickref_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-GFCS8.tmp\package_SByoutube_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-GFCS8.tmp\package_secureprotect_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-GFCS8.tmp\package_snapdo_linkury_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-GFCS8.tmp\package_speeditup_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-GFCS8.tmp\package_wordproser_pariente_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-GFCS8.tmp\package_zombie_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-H235F.tmp\gentlemjmp_ieeuu.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-HEIH2.tmp\150.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-HEIH2.tmp\382.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-HEIH2.tmp\ism.exe detected: Application.BrowserExt (A)
C:\Users\Jason\AppData\Local\Temp\is-HEIH2.tmp\package_airwebbar_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-HEIH2.tmp\package_AmNuvision_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-HEIH2.tmp\package_browsergood_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-HEIH2.tmp\package_bubbledock_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-HEIH2.tmp\package_BubbleSound_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-HEIH2.tmp\package_CubepileShopperz_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-HEIH2.tmp\package_mountainbike_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-HEIH2.tmp\package_optimizerpro_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-HEIH2.tmp\package_pariente_secureprotect_bing_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-HEIH2.tmp\package_pariente_secureprotect_yahoo_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-HEIH2.tmp\package_pcrossbrowser_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-HEIH2.tmp\package_plushd_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-HEIH2.tmp\package_priceless_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-HEIH2.tmp\package_priceless_p_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-HEIH2.tmp\package_psafeguard_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-HEIH2.tmp\package_quickref_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-HEIH2.tmp\package_quickref_p_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-HEIH2.tmp\package_sb_driverupdater_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-HEIH2.tmp\package_SByoutube_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-HEIH2.tmp\package_secureprotect_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-HEIH2.tmp\package_speeditup_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-HEIH2.tmp\package_StormWatch_Boost_Verti_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-HEIH2.tmp\package_superpc_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-HEIH2.tmp\package_zombie_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-HH9RF.tmp\gentlemjmp_ieeuu.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-HL2F9.tmp\package_AmNuvision_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-HL2F9.tmp\package_amonetize_plushd_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-HL2F9.tmp\package_boost_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-HL2F9.tmp\package_browsergood_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-HL2F9.tmp\package_BubbleSound_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-HL2F9.tmp\package_cp_desktopdock_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-HL2F9.tmp\package_cubepile_speedcheck_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-HL2F9.tmp\package_cubepile_wajam_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-HL2F9.tmp\package_CubepileShopperz_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-HL2F9.tmp\package_FlashBeat_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-HL2F9.tmp\package_iminent_p_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-HL2F9.tmp\package_optimizerpro_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-HL2F9.tmp\package_piccolor_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-HL2F9.tmp\package_plumoweb_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-HL2F9.tmp\package_plushd_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-HL2F9.tmp\package_priceless_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-HL2F9.tmp\package_psecprotwhite_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-HL2F9.tmp\package_pzombie_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-HL2F9.tmp\package_quickref_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-HL2F9.tmp\package_sb_driverupdater_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-HL2F9.tmp\package_SByoutube_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-HL2F9.tmp\package_secureprotect_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-HL2F9.tmp\package_speeditup_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-HL2F9.tmp\package_spimali_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-HL2F9.tmp\package_stormpverti_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-HL2F9.tmp\package_StormWatch_Boost_Verti_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-HL2F9.tmp\package_superpc_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-HL2F9.tmp\package_taplika_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-HL2F9.tmp\package_wordproser_pariente_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-HL2F9.tmp\package_zombie_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-IQ2M9.tmp\150.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-IQ2M9.tmp\382.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-IQ2M9.tmp\ism.exe detected: Application.BrowserExt (A)
C:\Users\Jason\AppData\Local\Temp\is-IQ2M9.tmp\package_airwebbar_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-IQ2M9.tmp\package_AmNuvision_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-IQ2M9.tmp\package_browsergood_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-IQ2M9.tmp\package_bubbledock_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-IQ2M9.tmp\package_BubbleSound_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-IQ2M9.tmp\package_CubepileShopperz_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-IQ2M9.tmp\package_mountainbike_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-IQ2M9.tmp\package_optimizerpro_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-IQ2M9.tmp\package_pariente_secureprotect_bing_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-IQ2M9.tmp\package_pariente_secureprotect_yahoo_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-IQ2M9.tmp\package_plushd_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-IQ2M9.tmp\package_priceless_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-IQ2M9.tmp\package_psafeguard_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-IQ2M9.tmp\package_quickref_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-IQ2M9.tmp\package_quickref_p_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-IQ2M9.tmp\package_sb_driverupdater_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-IQ2M9.tmp\package_SByoutube_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-IQ2M9.tmp\package_secureprotect_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-IQ2M9.tmp\package_speeditup_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-IQ2M9.tmp\package_StormWatch_Boost_Verti_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-IQ2M9.tmp\package_superpc_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-IQ2M9.tmp\package_zombie_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-ISTKT.tmp\gentlemjmp_ieeuu.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-J2PB8.tmp\gentlemjmp_ieeuu.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-JGVP4.tmp\gentlemjmp_ieeuu.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-JIC9B.tmp\gentlemjmp_ieeuu.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-KS4GR.tmp\package_AmNuvision_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-KS4GR.tmp\package_boost_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-KS4GR.tmp\package_browsergood_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-KS4GR.tmp\package_BubbleSound_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-KS4GR.tmp\package_cp_desktopdock_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-KS4GR.tmp\package_cubepile_speedcheck_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-KS4GR.tmp\package_cubepile_wajam_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-KS4GR.tmp\package_CubepileShopperz_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-KS4GR.tmp\package_FlashBeat_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-KS4GR.tmp\package_hyperbrows_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-KS4GR.tmp\package_optimizerpro_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-KS4GR.tmp\package_piccolor_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-KS4GR.tmp\package_plumoweb_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-KS4GR.tmp\package_plushd_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-KS4GR.tmp\package_priceless_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-KS4GR.tmp\package_psecprotwhite_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-KS4GR.tmp\package_pzombie_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-KS4GR.tmp\package_quickref_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-KS4GR.tmp\package_quickref_p_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-KS4GR.tmp\package_sb_driverupdater_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-KS4GR.tmp\package_SByoutube_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-KS4GR.tmp\package_secureprotect_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-KS4GR.tmp\package_speeditup_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-KS4GR.tmp\package_spimali_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-KS4GR.tmp\package_stormpverti_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-KS4GR.tmp\package_StormWatch_Boost_Verti_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-KS4GR.tmp\package_superpc_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-KS4GR.tmp\package_taplika_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-KS4GR.tmp\package_zombie_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-LG7LI.tmp\gentlemjmp_ieeuu.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-MASHO.tmp\ism.exe detected: Application.BrowserExt (A)
C:\Users\Jason\AppData\Local\Temp\is-MASHO.tmp\package_airwebbar_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-MASHO.tmp\package_AmNuvision_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-MASHO.tmp\package_browsergood_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-MASHO.tmp\package_bubbledock_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-MASHO.tmp\package_BubbleSound_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-MASHO.tmp\package_CubepileShopperz_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-MASHO.tmp\package_mountainbike_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-MASHO.tmp\package_optimizerpro_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-MASHO.tmp\package_pariente_secureprotect_bing_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-MASHO.tmp\package_pariente_secureprotect_yahoo_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-MASHO.tmp\package_piccolor_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-MASHO.tmp\package_plushd_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-MASHO.tmp\package_priceless_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-MASHO.tmp\package_priceless_p_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-MASHO.tmp\package_quickref_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-MASHO.tmp\package_quickref_p_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-MASHO.tmp\package_sb_driverupdater_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-MASHO.tmp\package_SByoutube_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-MASHO.tmp\package_secureprotect_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-MASHO.tmp\package_speeditup_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-MASHO.tmp\package_stormpverti_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-MASHO.tmp\package_StormWatch_Boost_Verti_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-MASHO.tmp\package_superpc_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-MASHO.tmp\package_taplika_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-MASHO.tmp\package_zombie_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-MFJ83.tmp\ism.exe detected: Application.BrowserExt (A)
C:\Users\Jason\AppData\Local\Temp\is-MFJ83.tmp\package_mountainbike_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-MFJ83.tmp\package_pariente_secureprotect_bing_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-MFJ83.tmp\package_plushd_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-MFJ83.tmp\package_pzombie_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-MFJ83.tmp\package_quickref_p_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-MFJ83.tmp\package_SByoutube_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-MFJ83.tmp\package_secureprotect_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-MFJ83.tmp\package_speeditup_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-MFJ83.tmp\package_stormpverti_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-MFJ83.tmp\package_StormWatch_Boost_Verti_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-MFJ83.tmp\package_taplika_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-MFJ83.tmp\package_zombie_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-MLB5V.tmp\ism.exe detected: Application.BrowserExt (A)
C:\Users\Jason\AppData\Local\Temp\is-MLB5V.tmp\package_airwebbar_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-MLB5V.tmp\package_AmNuvision_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-MLB5V.tmp\package_boost_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-MLB5V.tmp\package_browsergood_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-MLB5V.tmp\package_BubbleSound_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-MLB5V.tmp\package_CubepileShopperz_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-MLB5V.tmp\package_mountainbike_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-MLB5V.tmp\package_optimizerpro_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-MLB5V.tmp\package_pariente_secureprotect_bing_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-MLB5V.tmp\package_pariente_secureprotect_yahoo_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-MLB5V.tmp\package_piccolor_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-MLB5V.tmp\package_plushd_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-MLB5V.tmp\package_priceless_p_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-MLB5V.tmp\package_pzombie_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-MLB5V.tmp\package_quickref_p_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-MLB5V.tmp\package_sb_driverupdater_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-MLB5V.tmp\package_SByoutube_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-MLB5V.tmp\package_secureprotect_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-MLB5V.tmp\package_speeditup_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-MLB5V.tmp\package_stormpverti_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-MLB5V.tmp\package_StormWatch_Boost_Verti_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-MLB5V.tmp\package_superpc_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-MLB5V.tmp\package_taplika_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-MLB5V.tmp\package_wajam_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-MLB5V.tmp\package_zombie_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-MQ4QR.tmp\gentlemjmp_ieeuu.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-N4M10.tmp\gentlemjmp_ieeuu.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-NMH01.tmp\gentlemjmp_ieeuu.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-O2FNP.tmp\gentlemjmp_ieeuu.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-O3VOU.tmp\gentlemjmp_ieeuu.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-OM2M7.tmp\gentlemjmp_ieeuu.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-OR0TT.tmp\gentlemjmp_ieeuu.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-OR97I.tmp\gentlemjmp_ieeuu.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-OTKOR.tmp\gentlemjmp_ieeuu.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-P17J9.tmp\gentlemjmp_ieeuu.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-P1P9O.tmp\gentlemjmp_ieeuu.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-PJCKH.tmp\gentlemjmp_ieeuu.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-PUUVA.tmp\gentlemjmp_ieeuu.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-Q6E4B.tmp\gentlemjmp_ieeuu.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-QFP7J.tmp\package_AmNuvision_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-QFP7J.tmp\package_boost_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-QFP7J.tmp\package_browsergood_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-QFP7J.tmp\package_BubbleSound_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-QFP7J.tmp\package_cp_desktopdock_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-QFP7J.tmp\package_cubepile_speedcheck_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-QFP7J.tmp\package_CubepileShopperz_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-QFP7J.tmp\package_mountainbike_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-QFP7J.tmp\package_optimizerpro_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-QFP7J.tmp\package_piccolor_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-QFP7J.tmp\package_plushd_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-QFP7J.tmp\package_psecprotwhite_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-QFP7J.tmp\package_pzombie_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-QFP7J.tmp\package_quickref_p_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-QFP7J.tmp\package_sb_driverupdater_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-QFP7J.tmp\package_SByoutube_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-QFP7J.tmp\package_secureprotect_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-QFP7J.tmp\package_speeditup_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-QFP7J.tmp\package_stormpverti_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-QFP7J.tmp\package_StormWatch_Boost_Verti_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-QFP7J.tmp\package_superpc_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-QFP7J.tmp\package_taplika_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-QFP7J.tmp\package_zombie_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-QILQ8.tmp\gentlemjmp_ieeuu.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-R63MA.tmp\gentlemjmp_ieeuu.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-RBSBU.tmp\gentlemjmp_ieeuu.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-RIHGR.tmp\gentlemjmp_ieeuu.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-RTGIS.tmp\gentlemjmp_ieeuu.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-S4HQL.tmp\package_airwebbar_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-S4HQL.tmp\package_mountainbike_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-S4HQL.tmp\package_pariente_secureprotect_bing_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-S4HQL.tmp\package_plushd_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-S4HQL.tmp\package_quickref_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-S4HQL.tmp\package_quickref_p_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-S4HQL.tmp\package_SByoutube_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-S4HQL.tmp\package_secureprotect_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-S4HQL.tmp\package_StormWatch_Boost_Verti_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-S4HQL.tmp\package_taplika_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-S4HQL.tmp\package_zombie_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-SVMMA.tmp\gentlemjmp_ieeuu.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-T3G0N.tmp\gentlemjmp_ieeuu.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-T87TI.tmp\gentlemjmp_ieeuu.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-TB26L.tmp\gentlemjmp_ieeuu.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-TD1UL.tmp\150.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-TOJIJ.tmp\gentlemjmp_ieeuu.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-TQ60T.tmp\ism.exe detected: Application.BrowserExt (A)
C:\Users\Jason\AppData\Local\Temp\is-TQ60T.tmp\package_AmNuvision_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-TQ60T.tmp\package_boost_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-TQ60T.tmp\package_browsergood_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-TQ60T.tmp\package_BubbleSound_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-TQ60T.tmp\package_cubepile_speedcheck_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-TQ60T.tmp\package_CubepileShopperz_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-TQ60T.tmp\package_mountainbike_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-TQ60T.tmp\package_navright_imali_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-TQ60T.tmp\package_optimizerpro_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-TQ60T.tmp\package_pariente_secureprotect_bing_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-TQ60T.tmp\package_pariente_secureprotect_yahoo_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-TQ60T.tmp\package_piccolor_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-TQ60T.tmp\package_plushd_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-TQ60T.tmp\package_priceless_p_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-TQ60T.tmp\package_pzombie_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-TQ60T.tmp\package_quickref_p_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-TQ60T.tmp\package_sb_driverupdater_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-TQ60T.tmp\package_SByoutube_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-TQ60T.tmp\package_secureprotect_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-TQ60T.tmp\package_sn_shopperz_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-TQ60T.tmp\package_speeditup_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-TQ60T.tmp\package_stormpverti_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-TQ60T.tmp\package_StormWatch_Boost_Verti_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-TQ60T.tmp\package_superpc_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-TQ60T.tmp\package_taplika_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-TQ60T.tmp\package_zombie_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-U08OM.tmp\11.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-U08OM.tmp\150.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-U08OM.tmp\382.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-U08OM.tmp\ism.exe detected: Application.BrowserExt (A)
C:\Users\Jason\AppData\Local\Temp\is-U08OM.tmp\package_airwebbar_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-U08OM.tmp\package_browsergood_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-U08OM.tmp\package_bubbledock_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-U08OM.tmp\package_BubbleSound_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-U08OM.tmp\package_CubepileShopperz_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-U08OM.tmp\package_mountainbike_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-U08OM.tmp\package_optimizerpro_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-U08OM.tmp\package_pariente_secureprotect_bing_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-U08OM.tmp\package_pariente_secureprotect_yahoo_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-U08OM.tmp\package_pcrossbrowser_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-U08OM.tmp\package_psafeguard_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-U08OM.tmp\package_quickref_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-U08OM.tmp\package_quickref_p_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-U08OM.tmp\package_sb_driverupdater_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-U08OM.tmp\package_SByoutube_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-U08OM.tmp\package_secureprotect_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-U08OM.tmp\package_speeditup_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-U08OM.tmp\package_StormWatch_Boost_Verti_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-U08OM.tmp\package_superpc_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-U08OM.tmp\package_zombie_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-UKKM5.tmp\ism.exe detected: Application.BrowserExt (A)
C:\Users\Jason\AppData\Local\Temp\is-UKKM5.tmp\package_airwebbar_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-UKKM5.tmp\package_AmNuvision_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-UKKM5.tmp\package_boost_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-UKKM5.tmp\package_browsergood_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-UKKM5.tmp\package_bubbledock_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-UKKM5.tmp\package_BubbleSound_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-UKKM5.tmp\package_CubepileShopperz_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-UKKM5.tmp\package_mountainbike_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-UKKM5.tmp\package_optimizerpro_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-UKKM5.tmp\package_pariente_secureprotect_bing_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-UKKM5.tmp\package_pariente_secureprotect_yahoo_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-UKKM5.tmp\package_piccolor_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-UKKM5.tmp\package_plushd_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-UKKM5.tmp\package_priceless_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-UKKM5.tmp\package_pzombie_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-UKKM5.tmp\package_quickref_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-UKKM5.tmp\package_quickref_p_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-UKKM5.tmp\package_sb_driverupdater_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-UKKM5.tmp\package_SByoutube_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-UKKM5.tmp\package_secureprotect_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-UKKM5.tmp\package_sn_speedcheck_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-UKKM5.tmp\package_speeditup_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-UKKM5.tmp\package_spyouyahoo_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-UKKM5.tmp\package_stormpverti_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-UKKM5.tmp\package_StormWatch_Boost_Verti_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-UKKM5.tmp\package_superpc_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-UKKM5.tmp\package_taplika_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-UKKM5.tmp\package_wajam_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-UKKM5.tmp\package_zombie_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-US88S.tmp\package_browsergood_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-US88S.tmp\package_psecprotwhite_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-US88S.tmp\package_pzombie_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-US88S.tmp\package_SByoutube_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-US88S.tmp\package_secureprotect_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-US88S.tmp\package_speeditup_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-US88S.tmp\package_spimali_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-US88S.tmp\package_StormWatch_Boost_Verti_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-US88S.tmp\package_taplika_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-US88S.tmp\package_zombie_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-V3KDE.tmp\package_AmNuvision_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-V3KDE.tmp\package_boost_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-V3KDE.tmp\package_browsergood_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-V3KDE.tmp\package_BubbleSound_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-V3KDE.tmp\package_cp_desktopdock_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-V3KDE.tmp\package_cubepile_speedcheck_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-V3KDE.tmp\package_cubepile_wajam_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-V3KDE.tmp\package_CubepileShopperz_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-V3KDE.tmp\package_FlashBeat_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-V3KDE.tmp\package_mountainbike_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-V3KDE.tmp\package_optimizerpro_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-V3KDE.tmp\package_piccolor_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-V3KDE.tmp\package_plushd_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-V3KDE.tmp\package_priceless_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-V3KDE.tmp\package_psecprotwhite_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-V3KDE.tmp\package_quickref_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-V3KDE.tmp\package_quickref_p_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-V3KDE.tmp\package_sb_driverupdater_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-V3KDE.tmp\package_SByoutube_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-V3KDE.tmp\package_secureprotect_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-V3KDE.tmp\package_speeditup_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-V3KDE.tmp\package_stormpverti_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-V3KDE.tmp\package_StormWatch_Boost_Verti_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-V3KDE.tmp\package_superpc_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-V3KDE.tmp\package_taplika_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-V3KDE.tmp\package_zombie_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-V3OSQ.tmp\package_pariente_secureprotect_bing_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-V3OSQ.tmp\package_secureprotect_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-V3OSQ.tmp\package_taplika_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-V3OSQ.tmp\package_zombie_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-V7PEU.tmp\150.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-V7PEU.tmp\package_SByoutube_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-V7PEU.tmp\package_zombie_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-VG4AD.tmp\gentlemjmp_ieeuu.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-VMVA5.tmp\150.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-VMVA5.tmp\382.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-VMVA5.tmp\ism.exe detected: Application.BrowserExt (A)
C:\Users\Jason\AppData\Local\Temp\is-VMVA5.tmp\package_airwebbar_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-VMVA5.tmp\package_AmNuvision_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-VMVA5.tmp\package_browsergood_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-VMVA5.tmp\package_bubbledock_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-VMVA5.tmp\package_BubbleSound_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-VMVA5.tmp\package_CubepileShopperz_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-VMVA5.tmp\package_mountainbike_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-VMVA5.tmp\package_optimizerpro_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-VMVA5.tmp\package_pariente_secureprotect_bing_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-VMVA5.tmp\package_pariente_secureprotect_yahoo_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-VMVA5.tmp\package_pcrossbrowser_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-VMVA5.tmp\package_psafeguard_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-VMVA5.tmp\package_quickref_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-VMVA5.tmp\package_quickref_p_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-VMVA5.tmp\package_sb_driverupdater_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-VMVA5.tmp\package_SByoutube_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-VMVA5.tmp\package_secureprotect_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-VMVA5.tmp\package_speeditup_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-VMVA5.tmp\package_StormWatch_Boost_Verti_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-VMVA5.tmp\package_superpc_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-VMVA5.tmp\package_zombie_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-VU3V9.tmp\ism.exe detected: Application.BrowserExt (A)
C:\Users\Jason\AppData\Local\Temp\is-VU3V9.tmp\package_secureprotect_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\is-VU3V9.tmp\package_taplika_installer_multilang.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Local\Temp\Low\9F0C.tmp detected: Trojan.Agent.BIZC (B)
C:\Users\Jason\AppData\Local\Temp\Setup_14020.exe detected: Adware.Eorezo.BZ (B)
C:\Users\Jason\AppData\Roaming\PowerISO\Upgrade\PowerISO6.exe -> (NSIS o) -> lzma_solid_nsis0061 -> (NSIS o) -> lzma_solid_nsis0000 detected: Application.Agent.HN (B)
 
Scanned 362920
Found 1171
 
Scan end: 5/4/2015 11:08:49 PM
Scan time: 4:29:07

Attached Files


Edited by xXToffeeXx, 06 May 2015 - 12:58 PM.


#10 Jason6300

Jason6300
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:08:33 PM

Posted 06 May 2015 - 08:48 AM

the eset scan is 12 hours in and hung at 99% should i restart it?



#11 xXToffeeXx

xXToffeeXx

    Bleepin' Polar Bear


  • Malware Response Instructor
  • 6,041 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Arctic Circle
  • Local time:03:33 AM

Posted 06 May 2015 - 01:06 PM

Hi Jason6300,

 

You may end the scan. Did it have any detections?

 

xXToffeeXx~


~If I am helping you and you have not had a reply from me in two days, please send me a PM~

 

logo-25.pngID Ransomware - Identify What Ransomware Encrypted Your Files [Support Topic] - If we have helped you out and you want to support what we do, you can do so here

 

 ~Twitter~ | ~Malware Analyst at Emsisoft~


#12 xXToffeeXx

xXToffeeXx

    Bleepin' Polar Bear


  • Malware Response Instructor
  • 6,041 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Arctic Circle
  • Local time:03:33 AM

Posted 12 May 2015 - 11:09 AM

Hi Jason6300,

 

How are you getting on?

 

xXToffeeXx~


~If I am helping you and you have not had a reply from me in two days, please send me a PM~

 

logo-25.pngID Ransomware - Identify What Ransomware Encrypted Your Files [Support Topic] - If we have helped you out and you want to support what we do, you can do so here

 

 ~Twitter~ | ~Malware Analyst at Emsisoft~


#13 xXToffeeXx

xXToffeeXx

    Bleepin' Polar Bear


  • Malware Response Instructor
  • 6,041 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Arctic Circle
  • Local time:03:33 AM

Posted 24 May 2015 - 05:24 AM

Due to the lack of feedback, this topic is now closed.<br /><br />In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days. <br><br>Please include a link to your topic in the Private Message. Thank you.

~If I am helping you and you have not had a reply from me in two days, please send me a PM~

 

logo-25.pngID Ransomware - Identify What Ransomware Encrypted Your Files [Support Topic] - If we have helped you out and you want to support what we do, you can do so here

 

 ~Twitter~ | ~Malware Analyst at Emsisoft~





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users