Flash Player Update - Virus Galore


  • This topic is locked
25 replies to this topic

#1 Phaze13

Posted 13 May 2015 - 08:17 PM

Thanks in advance for any & all the help!

 

The wife clicked on a "Flash Player Update" and BOOM. Meltdown!

 

Here is a pic of the things that were installed. I tried to use add/remove to remove the unwanted programs. Quickly realized that is not going to work. I can't even use the internet on the computer.

 

Attached Image: Capture.png

Link: https://www.dropbox.com/s/24zp1autajgsct8/Capture.PNG?dl=0

 

Here is the FRST Log:

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 13-05-2015 01
Ran by With (administrator) on WITH-PC on 13-05-2015 20:43:02
Running from C:\Users\With\Desktop
Loaded Profiles: With (Available profiles: With)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Smc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Symantec Corporation) C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe
() C:\ProgramData\NetEngine\bin\D10\netengine.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Windows\SysWOW64\ASGT.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Users\With\AppData\Local\03000200-1431458587-0500-0006-000700080009\snsd65B7.tmp
() C:\Program Files (x86)\Windows Discount\FindingDiscount\findingdiscount.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Infonaut) C:\Program Files (x86)\Infonaut_1.10.0.14\Service\insvc.exe
(Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Motorola) C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe
() C:\Users\With\AppData\Roaming\03000200-1431472796-0500-0006-000700080009\nsj1160.tmp
() C:\Users\With\AppData\Roaming\03000200-1431472796-0500-0006-000700080009\jnshA43A.tmp
() C:\Program Files (x86)\Windows NT\Accessories\RuntimeManager\runtimemanager.exe
(Search Module Ltd.) C:\Program Files\Common Files\Goobzo\GBUpdate\smu.exe
(ShopperPro) C:\Program Files\Common Files\ShopperPro\spbiu.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Rtvscan.exe
() C:\Program Files (x86)\WajaWebEnhance\WajaWebEnhance Internet Enhancer\InternetEnhancerService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
() C:\Users\With\AppData\Local\03000200-1431458573-0500-0006-000700080009\cnss2E54.tmp
(Symantec Corporation) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\SmcGui.exe
(Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Webar) C:\Program Files (x86)\Ge-Force\1f11eeea-4058-4835-96d3-31e180729d33-1-6.exe
(Cinema PlusV12.05) C:\Program Files (x86)\CinemaPlus-3.2cV12.05\b4096e90-51f6-437f-be3e-7c1dca0a5779-10.exe
(Webar) C:\Program Files (x86)\Ge-Force\1f11eeea-4058-4835-96d3-31e180729d33-10.exe
(Webar) C:\Program Files (x86)\Ge-Force\1f11eeea-4058-4835-96d3-31e180729d33-6.exe
(FlashBeat) C:\ProgramData\FlashBeat\FlashBeat.exe
(Cinema PlusV12.05) C:\Program Files (x86)\CinemaPlus-3.2cV12.05\b4096e90-51f6-437f-be3e-7c1dca0a5779-6.exe
(globalUpdate) C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe
(Cinema PlusV12.05) C:\Program Files (x86)\CinemaPlus-3.2cV12.05\b4096e90-51f6-437f-be3e-7c1dca0a5779-1-6.exe
() C:\Users\With\AppData\Local\gmsd_us_558\upgmsd_us_558.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\ProtectionUtilSurrogate.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(FlashBeat) C:\ProgramData\FlashBeat\FlashBeat.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP ENVY 110 series\Bin\ScanToPCActivationApp.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\With\AppData\Local\Programs\Google\MusicManager\MusicManager.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Crossbrowse) C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe
(Web Bar Media) C:\Program Files\WebBar\2.0.5574.22315\wb.exe
() C:\Program Files (x86)\ShopperPro\JSDriver\1.42.0.1828\jsdrv.exe
(Symantec Corporation) C:\Program Files (x86)\Common Files\Symantec Shared\ccApp.exe
() C:\Users\With\AppData\Local\Temp\isdkJ5uXT7vb\ISightHost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Dropbox, Inc.) C:\Users\With\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Oracle Corporation) C:\Program Files\Java\jre1.8.0_25\bin\javaw.exe
(AnimGraph) C:\Program Files (x86)\Magic Mouse Utilities\MagicMouseUtilities.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
() C:\Program Files\Rainmeter\Rainmeter.exe
(SoftBrain Technologies Ltd.) C:\Users\With\AppData\Local\SmartWeb\SmartWebHelper.exe
(Crossbrowse) C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(SoftBrain Technologies Ltd.) C:\Users\With\AppData\Local\SmartWeb\SmartWebApp.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
() C:\Program Files (x86)\gmsd_us_558\gmsd_us_558.exe
() C:\Program Files (x86)\gmsd_us_574\gmsd_us_574.exe
() C:\ProgramData\NetEngine\bin\D10\netengine.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP ENVY 110 series\Bin\HPNetworkCommunicator.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler64.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
() C:\Users\With\AppData\Local\03000200-1431458573-0500-0006-000700080009\anss2B47.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Webar) C:\Program Files (x86)\Ge-Force\1f11eeea-4058-4835-96d3-31e180729d33-10.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
() C:\Program Files (x86)\WajaWebEnhance\WajaWebEnhance Internet Enhancer\InternetEnhancer.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13513288 2013-03-28] (Realtek Semiconductor)
HKLM\...\Run: [Nvtmru] => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2673296 2015-03-27] (NVIDIA Corporation)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [286704 2013-04-30] (Intel Corporation)
HKLM-x32\...\Run: [ccApp] => C:\Program Files (x86)\Common Files\Symantec Shared\ccApp.exe [115560 2009-07-08] (Symantec Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-10] (Intel Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-31] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-09-01] (Apple Inc.)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [448856 2014-08-19] (DivX, LLC)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-10] ()
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
HKLM-x32\...\Run: [SmartWeb] => C:\Users\With\AppData\Local\SmartWeb\SmartWebHelper.exe [270368 2015-02-17] (SoftBrain Technologies Ltd.)
HKLM-x32\...\Run: [gmsd_us_558] => C:\Program Files (x86)\gmsd_us_558\gmsd_us_558.exe [3982280 2015-05-11] ()
HKLM-x32\...\Run: [YTDownloader] => "C:\Program Files (x86)\YTDownloader\YTDownloader.exe" /boot
HKLM-x32\...\Run: [gmsd_us_574] => C:\Program Files (x86)\gmsd_us_574\gmsd_us_574.exe [3982280 2015-05-13] ()
HKLM-x32\...\Run: [SPDriver] => C:\Program Files (x86)\ShopperPro\JSDriver\1.42.0.1828\jsdrv.exe [3224576 2015-05-03] ()
HKLM-x32\...\RunOnce: [upgmsd_us_558.exe] => C:\Users\With\AppData\Local\gmsd_us_558\upgmsd_us_558.exe [3297224 2015-05-11] ()
HKU\S-1-5-21-4145080920-3812403697-566172317-1000\...\Run: [HP ENVY 110 series (NET)] => C:\Program Files\HP\HP ENVY 110 series\Bin\ScanToPCActivationApp.exe [2676584 2011-09-19] (Hewlett-Packard Co.)
HKU\S-1-5-21-4145080920-3812403697-566172317-1000\...\Run: [GoogleChromeAutoLaunch_952B3A22E8EB6153397103CE452AA6C9] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [812872 2015-04-27] (Google Inc.)
HKU\S-1-5-21-4145080920-3812403697-566172317-1000\...\Run: [Google Update] => C:\Users\With\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-07-12] (Google Inc.)
HKU\S-1-5-21-4145080920-3812403697-566172317-1000\...\Run: [MusicManager] => C:\Users\With\AppData\Local\Programs\Google\MusicManager\MusicManager.exe [7475200 2015-03-31] (Google Inc.)
HKU\S-1-5-21-4145080920-3812403697-566172317-1000\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [25700400 2015-04-28] (Google)
HKU\S-1-5-21-4145080920-3812403697-566172317-1000\...\Run: [GoogleChromeAutoLaunch_AF9A6CD07E4B43119E70183BD40C78F4] => C:\Users\With\AppData\Local\Chromium\Application\chrome.exe [656896 2015-05-09] (The Chromium Authors)
HKU\S-1-5-21-4145080920-3812403697-566172317-1000\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize
HKU\S-1-5-21-4145080920-3812403697-566172317-1000\...\Run: [GoogleChromeAutoLaunch_626EC64BA0337E5A0C3058A22CA63516] => C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe [637440 2015-03-16] (Crossbrowse)
HKU\S-1-5-21-4145080920-3812403697-566172317-1000\...\Run: [YTDownloader] => "C:\Program Files (x86)\YTDownloader\YTDownloader.exe" /boot
HKU\S-1-5-21-4145080920-3812403697-566172317-1000\...\Run: [SPDriver] => C:\Program Files (x86)\ShopperPro\JSDriver\1.42.0.1828\jsdrv.exe [3224576 2015-05-03] ()
AppInit_DLLs: C:\ProgramData\FlashBeat\FlashBeat64.dll => C:\ProgramData\FlashBeat\FlashBeat64.dll [1046016 2015-05-11] (FlashBeat)
AppInit_DLLs-x32: C:\ProgramData\FlashBeat\FlashBeat32.dll => C:\ProgramData\FlashBeat\FlashBeat32.dll [839680 2015-05-11] (FlashBeat)
AppInit_DLLs-x32:  c:\progra~3\{7d2f9~1\1170~1.1\sidi.dll => c:\ProgramData\{7D2F95EC-2DAD-446A-9C2B-34E84CA9E766}\1.17.0.1\sidi.dll [778752 2015-05-12] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Universal Media Server.lnk [2014-10-16]
ShortcutTarget: Universal Media Server.lnk -> C:\Program Files (x86)\Universal Media Server\UMS.exe (Universal Media Server)
Startup: C:\Users\With\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\crossbrowse.lnk [2015-05-12]
ShortcutTarget: crossbrowse.lnk -> C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe (Crossbrowse)
Startup: C:\Users\With\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2014-01-11]
ShortcutTarget: Dropbox.lnk -> C:\Users\With\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\With\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Magic Mouse Utilities.lnk [2014-01-05]
ShortcutTarget: Magic Mouse Utilities.lnk -> C:\Program Files (x86)\Magic Mouse Utilities\MagicMouseUtilities.exe (AnimGraph)
Startup: C:\Users\With\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk [2014-02-08]
ShortcutTarget: Rainmeter.lnk -> C:\Program Files\Rainmeter\Rainmeter.exe ()
Startup: C:\Users\With\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SmartWeb.lnk [2015-05-12]
ShortcutTarget: SmartWeb.lnk -> C:\Users\With\AppData\Local\SmartWeb\SmartWebHelper.exe (SoftBrain Technologies Ltd.)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\With\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\With\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\With\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\With\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\With\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\With\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\With\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\With\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\With\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\With\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\With\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\With\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\With\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\With\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\With\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\With\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-10] (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled.
ProxyServer: [.DEFAULT] => http=127.0.0.1:47574
ProxyEnable: [S-1-5-21-4145080920-3812403697-566172317-1000] => Internet Explorer proxy is enabled.
ProxyServer: [S-1-5-21-4145080920-3812403697-566172317-1000] => http=127.0.0.1:53141;https=127.0.0.1:53141
HKU\S-1-5-21-4145080920-3812403697-566172317-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dregol.com/?f=1&a=drg_coinis_15_20&cd=2XzuyEtN2Y1L1Qzu0B0CyD0F0FyE0DtB0F0B0CyBzyzzyB0DtN0D0Tzu0StCtBtByBtN1L2XzutAtFtCtDtFtBtFtDtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StB0D0FyBzytCyDtAtGyC0E0CzytGtB0CtCyEtGyCyB0A0AtGyBtB0CtDtA0AyCtCyB0D0DyC2QtN1M1F1B2Z1V1N2Y1L1Qzu2StDtBzyzytC0B0FtAtGzzyCyC0BtGyE0DyDzztGzz0FtD0BtGtDtC0C0ByBtB0ByEzy0D0F0A2QtN0A0LzuyE&cr=1739365694&ir=
HKU\S-1-5-21-4145080920-3812403697-566172317-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
SearchScopes: HKLM -> {31090377-0740-419E-BEFC-A56E50500D5B} URL =
SearchScopes: HKLM -> {7F4EFF06-7032-458e-AE16-1C1D8255C28A} URL = http://www-searching.com/search.aspx?s=F5Dztutdk0001,0c6bc6c3-886d-400d-96fc-d5b1297c107f,&q={searchTerms}
SearchScopes: HKLM -> {85A60A59-D3D8-468F-B598-FB4393789EF4} URL = http://www-searching.com/search.aspx?s=F5Dztutdk0001,0c6bc6c3-886d-400d-96fc-d5b1297c107f,&q={searchTerms}
SearchScopes: HKLM -> {c9ab6446-7efc-47fe-966c-dc54324eff9f} URL =
SearchScopes: HKU\S-1-5-21-4145080920-3812403697-566172317-1000 -> DefaultScope {85A60A59-D3D8-468F-B598-FB4393789EF4} URL = http://www-searching.com/search.aspx?s=F5Dztutdk0001,0c6bc6c3-886d-400d-96fc-d5b1297c107f,&q={searchTerms}
SearchScopes: HKU\S-1-5-21-4145080920-3812403697-566172317-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?pc=COSP&ptag=D051215-A52B2F7CC21764A3F97F&form=CONBDF&conlogo=CT3331976&q={searchTerms}
SearchScopes: HKU\S-1-5-21-4145080920-3812403697-566172317-1000 -> {31090377-0740-419E-BEFC-A56E50500D5B} URL = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=599486&p={searchTerms}
SearchScopes: HKU\S-1-5-21-4145080920-3812403697-566172317-1000 -> {4D1769A7-E76A-40BB-BE0C-89A13F161E7C} URL = https://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-4145080920-3812403697-566172317-1000 -> {552C91AC-7AE8-4B8C-B3B4-ED69DCF148B5} URL = http://www.dregol.com/results.php?f=4&q={searchTerms}&a=drg_coinis_15_20&cd=2XzuyEtN2Y1L1Qzu0B0CyD0F0FyE0DtB0F0B0CyBzyzzyB0DtN0D0Tzu0StCtBtByBtN1L2XzutAtFtCtDtFtBtFtDtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StB0D0FyBzytCyDtAtGyC0E0CzytGtB0CtCyEtGyCyB0A0AtGyBtB0CtDtA0AyCtCyB0D0DyC2QtN1M1F1B2Z1V1N2Y1L1Qzu2StDtBzyzytC0B0FtAtGzzyCyC0BtGyE0DyDzztGzz0FtD0BtGtDtC0C0ByBtB0ByEzy0D0F0A2QtN0A0LzuyE&cr=1739365694&ir=
SearchScopes: HKU\S-1-5-21-4145080920-3812403697-566172317-1000 -> {7F4EFF06-7032-458e-AE16-1C1D8255C28A} URL = http://www-searching.com/search.aspx?s=F5Dztutdk0001,0c6bc6c3-886d-400d-96fc-d5b1297c107f,&q={searchTerms}
SearchScopes: HKU\S-1-5-21-4145080920-3812403697-566172317-1000 -> {7F9E5B58-E834-4E03-8414-F34CF3DD8846} URL = http://www-searching.com/search.aspx?s=F5Dztutdk0001,0c6bc6c3-886d-400d-96fc-d5b1297c107f,&site=set&q={searchTerms}
SearchScopes: HKU\S-1-5-21-4145080920-3812403697-566172317-1000 -> {85A60A59-D3D8-468F-B598-FB4393789EF4} URL = http://www-searching.com/search.aspx?s=F5Dztutdk0001,0c6bc6c3-886d-400d-96fc-d5b1297c107f,&q={searchTerms}
SearchScopes: HKU\S-1-5-21-4145080920-3812403697-566172317-1000 -> {c9ab6446-7efc-47fe-966c-dc54324eff9f} URL = http://speedial.com/results.php?f=4&q={searchTerms}&a=spd_ir_14_25_ff&cd=2XzuyEtN2Y1L1Qzu0B0CyD0F0FyE0DtB0F0B0CyBzyzzyB0DtN0D0Tzu0SzytDtAtN1L2XzutBtFtBtCtFzytFtDtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StD0C0BtAyC0Czy0CtGtCzz0C0BtGyB0CzztCtGtCtAtCyDtGyDtC0DyD0F0EyCtC0E0E0Dzz2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyCtDzzyD0F0D0AtDtG0EyE0EtCtGyD0E0EyDtG0EyB0EtCtGyByB0CtAtC0BzyyCtCtAzz0B2Q&cr=705253262&ir=
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll [2014-12-11] (Oracle Corporation)
BHO: Shopper Pro -> {A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} -> C:\ProgramData\ShopperPro\ShopperPro64.dll [2015-05-03] (Goobzo Ltd.)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-12-11] (Oracle Corporation)
BHO: YoutuBEAdiBlocckea -> {e74a6ea1-aa96-484a-b06b-fc0d5cdf51a3} -> C:\Program Files (x86)\YoutuBEAdiBlocckea\wAkYOIrF8czsBA.x64.dll No File
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-07-25] (Oracle Corporation)
BHO-x32: Shopper Pro -> {A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} -> C:\ProgramData\ShopperPro\ShopperPro.dll [2015-05-03] (Goobzo Ltd.)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-07-25] (Oracle Corporation)
BHO-x32: Crazy Score -> {f439aa7e-a2a0-4635-99a2-164180e848ca} -> C:\Program Files (x86)\Crazy Score\Extensions\f439aa7e-a2a0-4635-99a2-164180e848ca.dll No File
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF ProfilePath: C:\Users\With\AppData\Roaming\Mozilla\Firefox\Profiles\yolvwqn5.default-1419019564366
FF NewTab:
FF DefaultSearchEngine.US: Search Module
FF SelectedSearchEngine:
FF Homepage:
FF Keyword.URL: hxxp://www-searching.com/search.aspx?s=F5Dztutdk0001,0c6bc6c3-886d-400d-96fc-d5b1297c107f,&q=
FF NetworkProxy: "type", 5
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-05-06] ()
FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll [2014-12-11] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2014-12-11] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-05-06] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1207148.dll [2013-12-05] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-05-06] ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2014-08-13] (DivX, LLC)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-02-13] (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-07-25] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-07-25] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-04-08] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-04-08] (NVIDIA Corporation)
FF Plugin-x32: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll [2011-02-21] (RocketLife, LLP)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npglobalupdateUpdate4.dll [2015-05-13] (globalUpdate)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npglobalupdateUpdate4.dll [2015-05-13] (globalUpdate)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-02-04] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin-x32: yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1 -> C:\Program Files (x86)\Yahoo!\Common\npyaxmpb.dll [2007-03-09] (Yahoo! Inc.)
FF Plugin HKU\S-1-5-21-4145080920-3812403697-566172317-1000: @talk.google.com/GoogleTalkPlugin -> C:\Users\With\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)
FF Plugin HKU\S-1-5-21-4145080920-3812403697-566172317-1000: @talk.google.com/O1DPlugin -> C:\Users\With\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-04-17] (Google)
FF Plugin HKU\S-1-5-21-4145080920-3812403697-566172317-1000: @tools.google.com/Google Update;version=3 -> C:\Users\With\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin HKU\S-1-5-21-4145080920-3812403697-566172317-1000: @tools.google.com/Google Update;version=9 -> C:\Users\With\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin HKU\S-1-5-21-4145080920-3812403697-566172317-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\With\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-02-20] (Unity Technologies ApS)
FF user.js: detected! => C:\Users\With\AppData\Roaming\Mozilla\Firefox\Profiles\yolvwqn5.default-1419019564366\user.js [2015-05-13]
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL [2006-10-26] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\With\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\With\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-04-17] (Google)
FF Extension: CinemaPlus-3.2cV12.05 - C:\Users\With\AppData\Roaming\Mozilla\Firefox\Profiles\yolvwqn5.default-1419019564366\Extensions\d4db60df25f14dae9dd18@185c395f9e794c9ab86be3eb.com [2015-05-12]
FF Extension: Ge-Force - C:\Users\With\AppData\Roaming\Mozilla\Firefox\Profiles\yolvwqn5.default-1419019564366\Extensions\TTSD90021300@PYDKGV101145942.com [2015-05-13]
FF Extension: Shopper-Pro - C:\Users\With\AppData\Roaming\Mozilla\Firefox\Profiles\yolvwqn5.default-1419019564366\Extensions\{746505DC-0E21-4667-97F8-72EA6BCF5EEF} [2015-05-13]
FF Extension: FT DeepDark - C:\Users\With\AppData\Roaming\Mozilla\Firefox\Profiles\yolvwqn5.default-1419019564366\Extensions\{77d2ed30-4cd2-11e0-b8af-0800200c9a66} [2015-04-15]
FF Extension: Pin It Button - C:\Users\With\AppData\Roaming\Mozilla\Firefox\Profiles\yolvwqn5.default-1419019564366\Extensions\jid1-YcMV6ngYmQRA2w@jetpack.xpi [2014-12-31]
FF Extension: Pinterest Pin Button - C:\Users\With\AppData\Roaming\Mozilla\Firefox\Profiles\yolvwqn5.default-1419019564366\Extensions\{677a8f98-fd64-40b0-a883-b8c95d0cbf17}.xpi [2014-12-19]
FF Extension: Crazy Score - C:\Users\With\AppData\Roaming\Mozilla\Firefox\Profiles\yolvwqn5.default-1419019564366\Extensions\{6b0c9c8b-76e8-4048-b069-8376aa74be4b}.xpi [2015-05-12]
FF Extension: Adblock Plus - C:\Users\With\AppData\Roaming\Mozilla\Firefox\Profiles\yolvwqn5.default-1419019564366\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-12-19]
FF HKLM\...\Firefox\Extensions: [{5081D2D4-1637-404c-B74F-50526718257D}] - C:\Program Files\shopperz\Firefox
FF HKLM-x32\...\Firefox\Extensions: [{5081D2D4-1637-404c-B74F-50526718257D}] - C:\Program Files\shopperz\Firefox
StartMenuInternet: FIREFOX.EXE - firefox.exe

Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR HomePage: Default -> hxxp://www.dregol.com/?f=1&a=drg_coinis_15_20&cd=2XzuyEtN2Y1L1Qzu0B0CyD0F0FyE0DtB0F0B0CyBzyzzyB0DtN0D0Tzu0StCtBtByBtN1L2XzutAtFtCtDtFtBtFtDtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StB0D0FyBzytCyDtAtGyC0E0CzytGtB0CtCyEtGyCyB0A0AtGyBtB0CtDtA0AyCtCyB0D0DyC2QtN1M1F1B2Z1V1N2Y1L1Qzu2StDtBzyzytC0B0FtAtGzzyCyC0BtGyE0DyDzztGzz0FtD0BtGtDtC0C0ByBtB0ByEzy0D0F0A2QtN0A0LzuyE&cr=1739365694&ir=
CHR StartupUrls: Default -> "hxxp://www.dregol.com/?f=7&a=drg_coinis_15_20&cd=2XzuyEtN2Y1L1Qzu0B0CyD0F0FyE0DtB0F0B0CyBzyzzyB0DtN0D0Tzu0StCtBtByBtN1L2XzutAtFtCtDtFtBtFtDtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StB0D0FyBzytCyDtAtGyC0E0CzytGtB0CtCyEtGyCyB0A0AtGyBtB0CtDtA0AyCtCyB0D0DyC2QtN1M1F1B2Z1V1N2Y1L1Qzu2StDtBzyzytC0B0FtAtGzzyCyC0BtGyE0DyDzztGzz0FtD0BtGtDtC0C0ByBtB0ByEzy0D0F0A2QtN0A0LzuyE&cr=1739365694&ir=", "hxxp://www.google.com/"
CHR DefaultSearchKeyword: Default -> dregol.com
CHR DefaultSearchURL: Default -> http://www.dregol.com/results.php?f=4&q={searchTerms}&a=drg_coinis_15_20&cd=2XzuyEtN2Y1L1Qzu0B0CyD0F0FyE0DtB0F0B0CyBzyzzyB0DtN0D0Tzu0StCtBtByBtN1L2XzutAtFtCtDtFtBtFtDtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StB0D0FyBzytCyDtAtGyC0E0CzytGtB0CtCyEtGyCyB0A0AtGyBtB0CtDtA0AyCtCyB0D0DyC2QtN1M1F1B2Z1V1N2Y1L1Qzu2StDtBzyzytC0B0FtAtGzzyCyC0BtGyE0DyDzztGzz0FtD0BtGtDtC0C0ByBtB0ByEzy0D0F0A2QtN0A0LzuyE&cr=1739365694&ir=
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms}
CHR Profile: C:\Users\With\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Angry Birds) - C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2014-01-05]
CHR Extension: (Google Docs) - C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-01-04]
CHR Extension: (Google Drive) - C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-01-04]
CHR Extension: (SteamPowered [aNTP]) - C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\apopkdkjmbfhmmohkhcbcnfipaiilkjb [2014-01-05]
CHR Extension: (YouTube) - C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-01-04]
CHR Extension: (Google Cast) - C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2014-01-05]
CHR Extension: (Add to Wish List) - C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced [2014-12-11]
CHR Extension: (Google Search) - C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-01-04]
CHR Extension: (Hover Hound) - C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\dogmhlelnjpjgahofccgbfnmojkmlfep [2014-01-05]
CHR Extension: (Google Calendar) - C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2014-01-05]
CHR Extension: (Box - 10GB of FREE storage) - C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejnkaeblpdcamcioiiabclakabcbjmbl [2014-01-05]
CHR Extension: (Google Play Music) - C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\fahmaaghhglfmonjliepjlchgpgfmobi [2015-02-25]
CHR Extension: (ZenMate) - C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcgdnkidjaadafnichfpabhfomcebme [2014-06-18]
CHR Extension: (AdBlock) - C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-01-05]
CHR Extension: (Material For Chrome) - C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\gokahbgdhhcjfnjlfeiojfmgnoikpcco [2015-04-27]
CHR Extension: (Google Play Music) - C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\icppfcnhkcmnfdhfhphakoifcfokfdhg [2014-01-05]
CHR Extension: (Chrome to Mobile) - C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\idknbmbdnapjicclomlijcgfpikmndhd [2014-01-05]
CHR Extension: (dregol New Tab) - C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim [2015-05-12]
CHR Extension: (Digital Clock Widget [ANTP]) - C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ikimcdcgajipgcoehakmgloecbaacmoj [2014-01-05]
CHR Extension: (Search Module Plus v2) - C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlcgehabolcakkjhgmgpkagpolbjlhfa [2015-05-13]
CHR Extension: (Evernote Web) - C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbfehkoinhhcknnbdgnnmjhiladcgbol [2014-01-05]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-13]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2015-01-04]
CHR Extension: (Google Maps) - C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2014-01-05]
CHR Extension: (Google Wallet) - C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-04]
CHR Extension: (CinemaPlus-3.2cV12.05) - C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp [2015-05-12]
CHR Extension: (PlayStation 9x Enhancement) - C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpalbmcifhnlcanklandgdbbibjkoem [2014-01-05]
CHR Extension: (Gmail) - C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-01-04]
CHR Extension: (Canvas Rider) - C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\poknhlcknimnnbfcombaooklofipaibk [2014-01-05]
CHR HKLM\...\Chrome\Extension: [ihokndmjeombjojnfkmapfnjeghjohim] - https://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-4145080920-3812403697-566172317-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [ihokndmjeombjojnfkmapfnjeghjohim] - https://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-4145080920-3812403697-566172317-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [jlcgehabolcakkjhgmgpkagpolbjlhfa] - https://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-4145080920-3812403697-566172317-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ihokndmjeombjojnfkmapfnjeghjohim] - https://clients2.google.com/service/update2/crx
StartMenuInternet: Google Chrome - chrome.exe

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 ASGT; C:\Windows\SysWOW64\ASGT.exe [55296 2012-01-17] () [File not signed]
R2 ccEvtMgr; C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe [108392 2009-07-08] (Symantec Corporation)
R2 ccSetMgr; C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe [108392 2009-07-08] (Symantec Corporation)
R2 dopokyzu; C:\Users\With\AppData\Local\03000200-1431458587-0500-0006-000700080009\snsd65B7.tmp [144896 2015-05-12] () [File not signed]
R2 FindingDiscount; C:\Program Files (x86)\Windows Discount\FindingDiscount\FindingDiscount.exe [330240 2015-05-01] () [File not signed]
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [614624 2014-09-02] (Futuremark)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152144 2015-03-27] (NVIDIA Corporation)
S2 globalUpdate; C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe [68608 2015-05-13] (globalUpdate) [File not signed] <==== ATTENTION
S3 globalUpdatem; C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe [68608 2015-05-13] (globalUpdate) [File not signed] <==== ATTENTION
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-04-30] (Intel Corporation)
R2 insvc_1.10.0.14; C:\Program Files (x86)\Infonaut_1.10.0.14\Service\insvc.exe [278600 2015-04-10] (Infonaut)
S3 LiveUpdate; C:\Program Files (x86)\Symantec\LiveUpdate\LuComServer_3_3.EXE [3093880 2009-07-13] (Symantec Corporation)
R2 Motorola Device Manager; C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [137528 2013-11-15] (Motorola Mobility LLC)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1878672 2015-03-27] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [22995600 2015-03-27] (NVIDIA Corporation)
R2 PST Service; C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe [65657 2011-09-02] (Motorola) [File not signed]
R2 qevyweby; C:\Users\With\AppData\Roaming\03000200-1431472796-0500-0006-000700080009\nsj1160.tmp [165888 2015-05-13] () [File not signed]
R2 qozyzuwu; C:\Users\With\AppData\Roaming\03000200-1431472796-0500-0006-000700080009\jnshA43A.tmp [231936 2015-05-12] () [File not signed]
R2 RuntimeManager; C:\Program Files (x86)\Windows NT\Accessories\RuntimeManager\runtimemanager.exe [101888 2015-05-01] () [File not signed]
R2 SmcService; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Smc.exe [3197256 2009-09-17] (Symantec Corporation)
R2 SMUpd; C:\Program Files\Common Files\Goobzo\GBUpdate\smu.exe [2834216 2015-05-11] (Search Module Ltd.)
S4 SNAC; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\SNAC64.EXE [411976 2009-09-17] (Symantec Corporation)
R2 SPBIUpd; C:\Program Files\Common Files\ShopperPro\spbiu.exe [2346408 2015-05-03] (ShopperPro)
R2 Symantec AntiVirus; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Rtvscan.exe [2477304 2009-09-17] (Symantec Corporation)
R2 Themes; C:\Windows\system32\themeservice.dll [44544 2014-01-11] (Microsoft Corporation) [File not signed]
R2 WajaWebEnhance Service; C:\Program Files (x86)\WajaWebEnhance\WajaWebEnhance Internet Enhancer\InternetEnhancerService.exe [691200 2015-05-06] () [File not signed]
S2 wbsvc; C:\PROGRAM FILES\WEBBAR\WBSVC.EXE [37144 2015-04-06] (Web Bar Media)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 zifurydy; C:\Users\With\AppData\Local\03000200-1431458573-0500-0006-000700080009\cnss2E54.tmp [268288 2015-05-12] () [File not signed]
S2 BrsHelper; C:\PROGRA~2\YTDOWN~1\BROWSE~2.EXE [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 applebmt; C:\Windows\System32\DRIVERS\applebmt.sys [52736 2011-06-02] (Apple Inc.)
S3 AsrDrv101; C:\Windows\SysWOW64\Drivers\AsrDrv101.sys [22280 2014-01-05] (ASRock Incorporation)
R0 AsrRamDisk; C:\Windows\System32\DRIVERS\AsrRamDisk.sys [34640 2012-08-09] (ASRock Inc.)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [487216 2014-11-25] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142640 2014-11-25] (Symantec Corporation)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28656 2013-04-30] (Intel Corporation)
R1 innfd_1_10_0_14; C:\Windows\System32\drivers\innfd_1_10_0_14.sys [58224 2015-04-10] (Infonaut)
R2 IntelHaxm; C:\Windows\System32\DRIVERS\IntelHaxm.sys [84992 2014-11-18] (Intel  Corporation)
R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [46568 2013-01-19] ()
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [118504 2012-12-18] (Qualcomm Atheros Co., Ltd.)
R3 NAVENG; C:\ProgramData\Symantec\Definitions\VirusDefs\20150105.019\eng64.sys [129752 2014-08-11] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Symantec\Definitions\VirusDefs\20150105.019\ex64.sys [2137304 2014-08-11] (Symantec Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-03-27] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
R3 SMUpdd; C:\Program Files\Common Files\Goobzo\GBUpdate\smw.sys [41632 2015-05-11] ()
R3 SPBIUpdd; C:\Program Files\Common Files\ShopperPro\spbiw.sys [41624 2015-05-03] ()
R2 SPDRIVER_1.42.0.1828; C:\Program Files (x86)\ShopperPro\JSDriver\1.42.0.1828\jsdrv.sys [52376 2015-05-03] ()
R1 SRTSP; C:\Windows\System32\Drivers\SRTSP64.SYS [443952 2009-08-25] (Symantec Corporation)
R1 SRTSP; C:\Windows\SysWOW64\Drivers\SRTSP64.SYS [443952 2009-08-25] (Symantec Corporation)
S3 SRTSPL; C:\Windows\System32\Drivers\SRTSPL64.SYS [481840 2009-08-25] (Symantec Corporation)
S3 SRTSPL; C:\Windows\SysWOW64\Drivers\SRTSPL64.SYS [481840 2009-08-25] (Symantec Corporation)
R1 SRTSPX; C:\Windows\System32\Drivers\SRTSPX64.SYS [32304 2009-08-25] (Symantec Corporation)
R1 SRTSPX; C:\Windows\SysWOW64\Drivers\SRTSPX64.SYS [32304 2009-08-25] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [172592 2014-01-05] (Symantec Corporation)
R3 Teefer2; C:\Windows\System32\DRIVERS\teefer2.sys [62512 2009-05-27] (Symantec Corporation)
R1 WPS; C:\Windows\system32\drivers\wpsdrvnt.sys [52784 2009-09-17] (Symantec Corporation)
R3 WpsHelper; C:\Windows\system32\drivers\WpsHelper.sys [233120 2012-11-14] (Symantec Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-13 20:10 - 2015-05-13 20:43 - 00043504 _____ () C:\Users\With\Desktop\FRST.txt
2015-05-13 20:06 - 2015-05-13 20:06 - 00000000 ____D () C:\Users\With\Desktop\FRST-OlderVersion
2015-05-13 19:54 - 2015-05-13 19:54 - 00343440 _____ () C:\Windows\Minidump\051315-9812-01.dmp
2015-05-13 19:49 - 2015-05-13 19:55 - 00002762 _____ () C:\Windows\Tasks\1f11eeea-4058-4835-96d3-31e180729d33-5_user.job
2015-05-13 19:49 - 2015-05-13 19:55 - 00002762 _____ () C:\Windows\Tasks\1f11eeea-4058-4835-96d3-31e180729d33-5.job
2015-05-13 19:49 - 2015-05-13 19:54 - 00003446 _____ () C:\Windows\Tasks\1f11eeea-4058-4835-96d3-31e180729d33-1-6.job
2015-05-13 19:49 - 2015-05-13 19:49 - 00006474 _____ () C:\Windows\System32\Tasks\1f11eeea-4058-4835-96d3-31e180729d33-1-6
2015-05-13 19:49 - 2015-05-13 19:49 - 00005792 _____ () C:\Windows\System32\Tasks\1f11eeea-4058-4835-96d3-31e180729d33-5
2015-05-13 19:48 - 2015-05-13 19:55 - 00004466 _____ () C:\Windows\Tasks\1f11eeea-4058-4835-96d3-31e180729d33-4.job
2015-05-13 19:48 - 2015-05-13 19:54 - 00005834 _____ () C:\Windows\Tasks\1f11eeea-4058-4835-96d3-31e180729d33-7.job
2015-05-13 19:48 - 2015-05-13 19:54 - 00005834 _____ () C:\Windows\Tasks\1f11eeea-4058-4835-96d3-31e180729d33-6.job
2015-05-13 19:48 - 2015-05-13 19:54 - 00003790 _____ () C:\Windows\Tasks\1f11eeea-4058-4835-96d3-31e180729d33-1-7.job
2015-05-13 19:48 - 2015-05-13 19:54 - 00002084 _____ () C:\Windows\Tasks\1f11eeea-4058-4835-96d3-31e180729d33-10_user.job
2015-05-13 19:48 - 2015-05-13 19:49 - 00006820 _____ () C:\Windows\System32\Tasks\1f11eeea-4058-4835-96d3-31e180729d33-1-7
2015-05-13 19:48 - 2015-05-13 19:49 - 00000000 ____D () C:\Program Files (x86)\Ge-Force
2015-05-13 19:48 - 2015-05-13 19:48 - 00008864 _____ () C:\Windows\System32\Tasks\1f11eeea-4058-4835-96d3-31e180729d33-7
2015-05-13 19:48 - 2015-05-13 19:48 - 00008862 _____ () C:\Windows\System32\Tasks\1f11eeea-4058-4835-96d3-31e180729d33-6
2015-05-13 19:48 - 2015-05-13 19:48 - 00007496 _____ () C:\Windows\System32\Tasks\1f11eeea-4058-4835-96d3-31e180729d33-4
2015-05-13 19:48 - 2015-05-13 19:48 - 00004504 _____ () C:\Windows\System32\Tasks\ShopperPro
2015-05-13 19:48 - 2015-05-13 19:48 - 00004228 _____ () C:\Windows\System32\Tasks\SPBIW_UpdateTask_Time_313735383037363438392d3437415a556c2a3223346c41
2015-05-13 19:48 - 2015-05-13 19:48 - 00003564 _____ () C:\Windows\System32\Tasks\ShopperProJSUpd
2015-05-13 19:48 - 2015-05-13 19:48 - 00003490 _____ () C:\Windows\System32\Tasks\SPDriver
2015-05-13 19:48 - 2015-05-13 19:48 - 00000000 ____D () C:\Users\Public\Documents\ShopperPro
2015-05-13 19:48 - 2015-05-13 19:48 - 00000000 ____D () C:\ProgramData\ShopperPro
2015-05-13 19:48 - 2015-05-13 19:48 - 00000000 ____D () C:\Program Files\Common Files\ShopperPro
2015-05-13 19:48 - 2015-05-13 19:48 - 00000000 ____D () C:\Program Files (x86)\ShopperPro
2015-05-13 19:48 - 2015-05-13 19:48 - 00000000 ____D () C:\Program Files (x86)\3223e5b9-cdd3-4754-916f-8a7b31fab8a8
2015-05-13 19:46 - 2015-05-13 19:46 - 00000000 ____D () C:\Users\With\AppData\Local\gmsd_us_574
2015-05-13 19:46 - 2015-05-13 19:46 - 00000000 ____D () C:\Program Files (x86)\gmsd_us_574
2015-05-13 19:45 - 2015-05-13 19:54 - 00000328 _____ () C:\Windows\Tasks\LGICBV1.job
2015-05-13 19:45 - 2015-05-13 19:45 - 00003552 _____ () C:\Windows\System32\Tasks\LIBXXSJ
2015-05-13 19:45 - 2015-05-13 19:45 - 00002850 _____ () C:\Windows\System32\Tasks\LGICBV1
2015-05-13 19:45 - 2015-05-13 19:45 - 00000000 ____D () C:\ProgramData\cb7ea4a0b01f4c88a9315fc70a3584f8
2015-05-13 19:45 - 2015-05-13 19:45 - 00000000 ____D () C:\ProgramData\28341ff220e0446c9fff27c4493d622e
2015-05-13 19:43 - 2015-05-13 19:44 - 00002336 _____ () C:\Windows\patsearch.bin
2015-05-13 19:43 - 2015-05-13 19:43 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_webTinstMKTN84_01009.Wdf
2015-05-13 19:43 - 2015-05-13 19:43 - 00000000 ____D () C:\Program Files (x86)\Infonaut_1.10.0.14
2015-05-13 19:42 - 2015-05-13 19:42 - 00003836 _____ () C:\Windows\System32\Tasks\Smp
2015-05-13 19:42 - 2015-05-13 19:42 - 00000000 ____D () C:\Users\With\AppData\Local\BrowserHelper
2015-05-13 19:42 - 2015-05-13 19:42 - 00000000 ____D () C:\Program Files (x86)\Mountain Bike
2015-05-13 19:41 - 2015-05-13 19:47 - 00003710 _____ () C:\Windows\System32\Tasks\Inst_Rep
2015-05-13 19:41 - 2015-05-13 19:41 - 00004234 _____ () C:\Windows\System32\Tasks\SMW_UpdateTask_Time_313735383037363438392d3437415a556c2a3223346c41
2015-05-13 19:41 - 2015-05-13 19:41 - 00003588 _____ () C:\Windows\System32\Tasks\SMWUpd
2015-05-13 19:41 - 2015-05-13 19:41 - 00000000 ____D () C:\Users\With\AppData\Local\CrashRpt
2015-05-13 19:41 - 2015-05-13 19:41 - 00000000 ____D () C:\ProgramData\SearchModule
2015-05-13 19:41 - 2015-05-13 19:41 - 00000000 ____D () C:\Program Files\Common Files\Goobzo
2015-05-12 19:46 - 2015-05-13 19:55 - 00002444 _____ () C:\Windows\Tasks\b4096e90-51f6-437f-be3e-7c1dca0a5779-5_user.job
2015-05-12 19:46 - 2015-05-13 19:55 - 00002444 _____ () C:\Windows\Tasks\b4096e90-51f6-437f-be3e-7c1dca0a5779-5.job
2015-05-12 19:46 - 2015-05-13 19:55 - 00001000 _____ () C:\Windows\Tasks\ST5oNoWE90BVieXe.job
2015-05-12 19:46 - 2015-05-13 19:55 - 00000992 _____ () C:\Windows\Tasks\F46tQTi5u8je.job
2015-05-12 19:46 - 2015-05-13 19:54 - 00004492 _____ () C:\Windows\Tasks\b4096e90-51f6-437f-be3e-7c1dca0a5779-4.job
2015-05-12 19:46 - 2015-05-13 19:54 - 00003472 _____ () C:\Windows\Tasks\b4096e90-51f6-437f-be3e-7c1dca0a5779-1-7.job
2015-05-12 19:46 - 2015-05-13 19:54 - 00003136 _____ () C:\Windows\Tasks\b4096e90-51f6-437f-be3e-7c1dca0a5779-1-6.job
2015-05-12 19:46 - 2015-05-12 19:46 - 00007522 _____ () C:\Windows\System32\Tasks\b4096e90-51f6-437f-be3e-7c1dca0a5779-4
2015-05-12 19:46 - 2015-05-12 19:46 - 00006502 _____ () C:\Windows\System32\Tasks\b4096e90-51f6-437f-be3e-7c1dca0a5779-1-7
2015-05-12 19:46 - 2015-05-12 19:46 - 00006164 _____ () C:\Windows\System32\Tasks\b4096e90-51f6-437f-be3e-7c1dca0a5779-1-6
2015-05-12 19:46 - 2015-05-12 19:46 - 00005474 _____ () C:\Windows\System32\Tasks\b4096e90-51f6-437f-be3e-7c1dca0a5779-5
2015-05-12 19:46 - 2015-05-12 19:46 - 00004022 _____ () C:\Windows\System32\Tasks\ST5oNoWE90BVieXe
2015-05-12 19:46 - 2015-05-12 19:46 - 00004014 _____ () C:\Windows\System32\Tasks\F46tQTi5u8je
2015-05-12 19:45 - 2015-05-13 19:59 - 00004492 _____ () C:\Windows\Tasks\b4096e90-51f6-437f-be3e-7c1dca0a5779-3.job
2015-05-12 19:45 - 2015-05-13 19:54 - 00005516 _____ () C:\Windows\Tasks\b4096e90-51f6-437f-be3e-7c1dca0a5779-6.job
2015-05-12 19:45 - 2015-05-13 19:54 - 00005180 _____ () C:\Windows\Tasks\b4096e90-51f6-437f-be3e-7c1dca0a5779-7.job
2015-05-12 19:45 - 2015-05-13 19:54 - 00002110 _____ () C:\Windows\Tasks\b4096e90-51f6-437f-be3e-7c1dca0a5779-10_user.job
2015-05-12 19:45 - 2015-05-13 19:54 - 00000896 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job
2015-05-12 19:45 - 2015-05-13 19:54 - 00000004 _____ () C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-05-12 19:45 - 2015-05-13 19:52 - 00000900 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job
2015-05-12 19:45 - 2015-05-13 19:48 - 00003898 _____ () C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA
2015-05-12 19:45 - 2015-05-13 19:48 - 00003644 _____ () C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore
2015-05-12 19:45 - 2015-05-12 19:46 - 00000000 ____D () C:\Program Files (x86)\CinemaPlus-3.2cV12.05
2015-05-12 19:45 - 2015-05-12 19:45 - 00008544 _____ () C:\Windows\System32\Tasks\b4096e90-51f6-437f-be3e-7c1dca0a5779-6
2015-05-12 19:45 - 2015-05-12 19:45 - 00008210 _____ () C:\Windows\System32\Tasks\b4096e90-51f6-437f-be3e-7c1dca0a5779-7
2015-05-12 19:45 - 2015-05-12 19:45 - 00007522 _____ () C:\Windows\System32\Tasks\b4096e90-51f6-437f-be3e-7c1dca0a5779-3
2015-05-12 19:45 - 2015-05-12 19:45 - 00000000 ____D () C:\Users\With\AppData\Local\globalUpdate
2015-05-12 19:45 - 2015-05-12 19:45 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2015-05-12 19:45 - 2015-05-12 19:45 - 00000000 ____D () C:\Program Files (x86)\86583d2e-7ff4-4b9c-83ad-6b374a1be126
2015-05-12 19:44 - 2015-05-12 19:44 - 00000000 ____D () C:\ProgramData\d2cc227e00001c9b
2015-05-12 19:42 - 2015-05-12 19:56 - 00003430 _____ () C:\Windows\System32\Tasks\NetEngine
2015-05-12 19:42 - 2015-05-12 19:42 - 00000000 ____D () C:\ProgramData\NetEngine
2015-05-12 19:39 - 2015-05-13 19:54 - 00001054 _____ () C:\Windows\Tasks\Crossbrowse.job
2015-05-12 19:39 - 2015-05-12 19:45 - 00004084 _____ () C:\Windows\System32\Tasks\Crossbrowse
2015-05-12 19:39 - 2015-05-12 19:45 - 00002394 _____ () C:\Users\Public\Desktop\Crossbrowse.lnk
2015-05-12 19:39 - 2015-05-12 19:45 - 00002257 _____ () C:\Users\Public\Desktop\Reddit.lnk
2015-05-12 19:39 - 2015-05-12 19:39 - 00000000 ____D () C:\Users\With\AppData\Local\Crossbrowse
2015-05-12 19:39 - 2015-05-12 19:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crossbrowse
2015-05-12 19:38 - 2015-05-12 19:38 - 00000000 ____D () C:\Program Files (x86)\Crossbrowse
2015-05-12 19:37 - 2015-05-12 19:43 - 00000000 ____D () C:\Users\With\AppData\Local\WebBar
2015-05-12 19:37 - 2015-05-12 19:37 - 00003784 _____ () C:\Windows\System32\Tasks\WebBarUpdateTask
2015-05-12 19:37 - 2015-05-12 19:37 - 00003260 _____ () C:\Windows\System32\Tasks\WebBarLaunchTask
2015-05-12 19:37 - 2015-05-12 19:37 - 00000000 ____D () C:\ProgramData\InstallSightSDK
2015-05-12 19:37 - 2015-05-12 19:37 - 00000000 ____D () C:\Program Files\WebBar
2015-05-12 19:33 - 2015-05-12 19:46 - 00000000 ____D () C:\Program Files (x86)\Edu App
2015-05-12 19:32 - 2015-05-13 19:57 - 00000000 ____D () C:\Users\With\AppData\Local\gmsd_us_558
2015-05-12 19:32 - 2015-05-13 19:45 - 00000000 ____D () C:\ProgramData\FlashBeat
2015-05-12 19:32 - 2015-05-12 19:45 - 00000000 ____D () C:\Program Files (x86)\gmsd_us_558
2015-05-12 19:32 - 2015-05-12 19:32 - 00000000 ____D () C:\Users\With\AppData\Local\SmartWeb
2015-05-12 19:25 - 2015-05-12 19:25 - 00000000 ____D () C:\Users\With\AppData\Roaming\One System Care
2015-05-12 19:23 - 2015-05-13 19:59 - 00000000 ____D () C:\Users\With\AppData\Local\03000200-1431458587-0500-0006-000700080009
2015-05-12 19:22 - 2015-05-12 19:22 - 00000000 ____D () C:\Users\With\AppData\Local\03000200-1431458573-0500-0006-000700080009
2015-05-12 19:20 - 2015-05-13 20:14 - 00000274 _____ () C:\Windows\Tasks\One System CareStartUp.job
2015-05-12 19:20 - 2015-05-13 19:44 - 00000000 ____D () C:\Program Files (x86)\Spyware Clear
2015-05-12 19:20 - 2015-05-12 19:51 - 00000274 _____ () C:\Windows\Tasks\One System CarePeriod.job
2015-05-12 19:20 - 2015-05-12 19:20 - 00003304 _____ () C:\Windows\System32\Tasks\One System Care Run Delay
2015-05-12 19:20 - 2015-05-12 19:20 - 00003238 _____ () C:\Windows\System32\Tasks\One System Care Monitor
2015-05-12 19:20 - 2015-05-12 19:20 - 00002848 _____ () C:\Windows\System32\Tasks\One System CarePeriod
2015-05-12 19:20 - 2015-05-12 19:20 - 00002546 _____ () C:\Windows\System32\Tasks\One System CareStartUp
2015-05-12 19:20 - 2015-05-12 19:20 - 00001067 _____ () C:\Users\Public\Desktop\Launch One System Care.lnk
2015-05-12 19:20 - 2015-05-12 19:20 - 00000000 ____D () C:\Users\With\AppData\Roaming\OpenSoftwareUpdater
2015-05-12 19:20 - 2015-05-12 19:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneSystemCare
2015-05-12 19:20 - 2015-05-12 19:20 - 00000000 ____D () C:\Program Files (x86)\OneSystemCare
2015-05-12 19:19 - 2015-05-13 17:52 - 00000000 ____D () C:\Users\With\AppData\Roaming\03000200-1431472796-0500-0006-000700080009
2015-05-12 19:19 - 2015-05-12 19:19 - 00000000 ____D () C:\Users\With\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage
2015-05-12 19:19 - 2015-05-12 19:19 - 00000000 ____D () C:\ProgramData\Windows Discount
2015-05-12 19:19 - 2015-05-12 19:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WajaWebEnhance
2015-05-12 19:19 - 2015-05-12 19:19 - 00000000 ____D () C:\Program Files (x86)\Windows Discount
2015-05-12 19:19 - 2015-05-12 19:19 - 00000000 ____D () C:\Program Files (x86)\WajaWebEnhance
2015-05-12 19:19 - 2015-05-12 19:19 - 00000000 ____D () C:\Program Files (x86)\Wajam
2015-05-12 19:18 - 2015-05-13 19:58 - 00000000 ____D () C:\Program Files (x86)\OpenSoftwareUpdater
2015-05-12 19:18 - 2015-05-12 19:51 - 00002888 _____ () C:\Windows\SysWOW64\LavasoftTcpServiceOff.ini
2015-05-12 19:18 - 2015-05-12 19:51 - 00002888 _____ () C:\Windows\system32\LavasoftTcpServiceOff.ini
2015-05-12 19:18 - 2015-05-12 19:18 - 00000000 ____D () C:\Users\With\AppData\Local\Chromium
2015-05-12 19:18 - 2015-05-12 19:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2015-05-12 19:18 - 2015-04-30 10:50 - 00429392 _____ (Lavasoft Limited) C:\Windows\system32\LavasoftTcpService64.dll
2015-05-12 19:18 - 2015-04-30 10:50 - 00347976 _____ (Lavasoft Limited) C:\Windows\SysWOW64\LavasoftTcpService.dll
2015-05-12 19:17 - 2015-05-13 20:17 - 00000288 _____ () C:\Windows\Tasks\Run_dregol.job
2015-05-12 19:17 - 2015-05-12 19:17 - 00004104 _____ () C:\Windows\System32\Tasks\Dregol sidi
2015-05-12 19:17 - 2015-05-12 19:17 - 00003224 _____ () C:\Windows\System32\Tasks\Run_dregol
2015-05-12 19:17 - 2015-05-12 19:17 - 00000000 ____D () C:\Users\With\AppData\Roaming\Run_dregol
2015-05-12 19:17 - 2015-05-12 19:17 - 00000000 ____D () C:\ProgramData\{7D2F95EC-2DAD-446A-9C2B-34E84CA9E766}
2015-05-12 19:17 - 2015-05-12 19:17 - 00000000 ____D () C:\Program Files (x86)\Run_Dregol
2015-05-11 20:05 - 2015-05-11 20:13 - 00000000 ____D () C:\Users\With\Downloads\Silicon.Valley.S02E04.HDTV.x264-ASAP[ettv]
2015-05-11 20:05 - 2015-05-11 20:10 - 00000000 ____D () C:\Users\With\Downloads\Silicon.Valley.S02E05.HDTV.x264-ASAP[ettv]
2015-05-11 20:04 - 2015-05-11 20:04 - 00015793 _____ () C:\Users\With\Downloads\[kickass.to]silicon.valley.s02e05.hdtv.x264.asap.ettv.torrent
2015-05-11 20:04 - 2015-05-11 20:04 - 00014976 _____ () C:\Users\With\Downloads\[kickass.to]silicon.valley.s02e04.hdtv.x264.asap.ettv.torrent
2015-05-11 20:03 - 2015-05-11 20:04 - 00000000 ____D () C:\Users\With\Downloads\Game.of.Thrones.S05E05.HDTV.x264-ASAP[ettv]
2015-05-11 20:03 - 2015-05-11 20:03 - 00024905 _____ () C:\Users\With\Downloads\[kickass.to]game.of.thrones.s05e05.hdtv.x264.asap.ettv.torrent
2015-05-10 19:56 - 2015-05-10 19:56 - 00000000 ____D () C:\Users\With\AppData\Roaming\3242
2015-05-08 16:50 - 2015-05-08 16:50 - 00000000 ____D () C:\Users\With\AppData\Local\openvr
2015-04-27 20:00 - 2015-04-27 20:09 - 00000000 ____D () C:\Users\With\Downloads\Silicon.Valley.S02E03.HDTV.x264-KILLERS[ettv]
2015-04-27 20:00 - 2015-04-27 20:07 - 00000000 ____D () C:\Users\With\Downloads\Silicon.Valley.S02E02.HDTV.x264-ASAP[ettv]
2015-04-26 09:03 - 2015-04-08 16:32 - 00560968 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2015-04-26 09:02 - 2015-04-08 20:58 - 31570064 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-04-26 09:02 - 2015-04-08 20:58 - 30397072 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2015-04-26 09:02 - 2015-04-08 20:58 - 25375048 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2015-04-26 09:02 - 2015-04-08 20:58 - 24053576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-04-26 09:02 - 2015-04-08 20:58 - 15716232 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-04-26 09:02 - 2015-04-08 20:58 - 14006752 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-04-26 09:02 - 2015-04-08 20:58 - 12852784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-04-26 09:02 - 2015-04-08 20:58 - 11380728 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-04-26 09:02 - 2015-04-08 20:58 - 10423952 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-04-26 09:02 - 2015-04-08 20:58 - 02896528 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-04-26 09:02 - 2015-04-08 20:58 - 02573456 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-04-26 09:02 - 2015-04-08 20:58 - 01895568 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435012.dll
2015-04-26 09:02 - 2015-04-08 20:58 - 01557648 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435012.dll
2015-04-26 09:02 - 2015-04-08 20:58 - 01540240 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2015-04-26 09:02 - 2015-04-08 20:58 - 01086424 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2015-04-26 09:02 - 2015-04-08 20:58 - 01047368 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-04-26 09:02 - 2015-04-08 20:58 - 01037640 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-04-26 09:02 - 2015-04-08 20:58 - 00970568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-04-26 09:02 - 2015-04-08 20:58 - 00962192 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-04-26 09:02 - 2015-04-08 20:58 - 00927440 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2015-04-26 09:02 - 2015-04-08 20:58 - 00499344 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2015-04-26 09:02 - 2015-04-08 20:58 - 00402576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2015-04-26 09:02 - 2015-04-08 20:58 - 00390472 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2015-04-26 09:02 - 2015-04-08 20:58 - 00346256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2015-04-26 09:02 - 2015-04-08 20:58 - 00175880 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2015-04-26 09:02 - 2015-04-08 20:58 - 00154256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2015-04-26 09:02 - 2015-04-08 20:58 - 00150648 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2015-04-26 09:02 - 2015-04-08 20:58 - 00128512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2015-04-23 20:18 - 2015-04-23 20:18 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-04-20 10:05 - 2015-04-20 10:05 - 01579520 _____ () C:\Users\With\AppData\Roaming\F46tQTi5u8je.exe
2015-04-20 10:05 - 2015-04-20 10:05 - 01246720 _____ () C:\Users\With\AppData\Roaming\ST5oNoWE90BVieXe.exe
2015-04-19 12:01 - 2015-04-19 12:03 - 00000000 ____D () C:\Users\With\Downloads\Silicon.Valley.S02E01.HDTV.x264-ASAP[ettv]
2015-04-19 08:20 - 2015-04-19 08:20 - 00005872 _____ () C:\Users\With\AppData\Roaming\F46tQTi5u8je
2015-04-14 12:28 - 2015-04-14 12:28 - 00004387 _____ () C:\Users\With\AppData\Roaming\ST5oNoWE90BVieXe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-13 20:43 - 2014-12-19 15:35 - 00000000 ____D () C:\FRST
2015-05-13 20:41 - 2014-07-12 08:16 - 00000904 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4145080920-3812403697-566172317-1000UA.job
2015-05-13 20:34 - 2015-01-04 14:14 - 00000000 ___RD () C:\Users\With\Google Drive
2015-05-13 20:16 - 2014-01-04 15:22 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-13 20:06 - 2014-12-19 16:02 - 02104832 _____ (Farbar) C:\Users\With\Desktop\FRST64.exe
2015-05-13 20:05 - 2014-12-19 16:01 - 00000000 ____D () C:\Users\With\Downloads\Fubar Recovery
2015-05-13 20:01 - 2009-07-14 00:45 - 00022064 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-13 20:01 - 2009-07-14 00:45 - 00022064 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-13 20:00 - 2009-07-14 01:13 - 00785234 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-05-13 19:59 - 2014-01-05 00:03 - 00001583 _____ () C:\Users\With\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-05-13 19:59 - 2014-01-04 15:26 - 00001329 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-05-13 19:58 - 2014-01-05 03:00 - 01847449 _____ () C:\Windows\WindowsUpdate.log
2015-05-13 19:55 - 2014-10-16 21:48 - 00000000 ____D () C:\ProgramData\UMS
2015-05-13 19:55 - 2014-01-11 11:47 - 00000000 ___RD () C:\Users\With\Dropbox
2015-05-13 19:55 - 2014-01-11 11:47 - 00000000 ____D () C:\Users\With\AppData\Roaming\Dropbox
2015-05-13 19:55 - 2014-01-05 20:41 - 00000063 _____ () C:\Users\With\AppData\Roaming\Magic Mouse Utilities.ini
2015-05-13 19:55 - 2014-01-04 15:22 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-13 19:54 - 2014-08-07 07:26 - 870324916 _____ () C:\Windows\MEMORY.DMP
2015-05-13 19:54 - 2014-08-07 07:26 - 00000000 ____D () C:\Windows\Minidump
2015-05-13 19:54 - 2014-01-12 15:02 - 00000000 ____D () C:\Temp
2015-05-13 19:54 - 2014-01-04 15:39 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-05-13 19:54 - 2009-07-14 01:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-13 19:54 - 2009-07-14 00:51 - 00103348 _____ () C:\Windows\setupact.log
2015-05-13 19:52 - 2010-11-20 23:47 - 00032558 _____ () C:\Windows\PFRO.log
2015-05-13 19:50 - 2009-07-13 23:20 - 00000000 ____D () C:\Program Files\Common Files\System
2015-05-13 19:48 - 2014-12-11 22:16 - 00000000 ____D () C:\Program Files (x86)\Add to Wish List
2015-05-13 19:46 - 2015-01-31 12:14 - 00000336 _____ () C:\Windows\Tasks\HP Photo Creations Communicator.job
2015-05-12 23:41 - 2014-07-12 08:16 - 00000852 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4145080920-3812403697-566172317-1000Core.job
2015-05-12 19:51 - 2009-07-14 00:45 - 00417296 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-05-12 19:45 - 2014-01-05 17:48 - 00000000 ____D () C:\Program Files (x86)\Adobe
2015-05-12 19:25 - 2014-01-04 15:10 - 00111696 _____ () C:\Users\With\AppData\Local\GDIPFONTCACHEV1.DAT
2015-05-12 18:35 - 2014-01-11 11:47 - 00000000 ____D () C:\Users\With\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-05-12 18:33 - 2014-01-11 10:45 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-05-11 20:02 - 2014-02-20 22:01 - 00000000 ____D () C:\Users\With\Documents\DVDFab9
2015-05-08 06:18 - 2015-01-04 13:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2015-05-06 18:08 - 2014-01-09 09:13 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-05-06 18:08 - 2014-01-09 09:13 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-05-06 18:07 - 2014-01-04 15:26 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-05-03 14:56 - 2014-03-02 10:56 - 00000000 ____D () C:\Users\With\AppData\Local\Paint.NET
2015-04-30 08:09 - 2009-07-14 01:32 - 00000000 ____D () C:\Windows\system32\FxsTmp
2015-04-26 09:03 - 2014-01-04 15:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-04-26 09:02 - 2014-01-04 15:36 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2015-04-21 11:42 - 2014-01-04 15:26 - 00000000 ____D () C:\Users\With\AppData\Roaming\Mozilla

==================== Files in the root of some directories =======

2015-04-19 08:20 - 2015-04-19 08:20 - 0005872 _____ () C:\Users\With\AppData\Roaming\F46tQTi5u8je
2015-04-20 10:05 - 2015-04-20 10:05 - 1579520 _____ () C:\Users\With\AppData\Roaming\F46tQTi5u8je.exe
2014-01-05 20:41 - 2015-05-13 19:55 - 0000063 _____ () C:\Users\With\AppData\Roaming\Magic Mouse Utilities.ini
2015-04-14 12:28 - 2015-04-14 12:28 - 0004387 _____ () C:\Users\With\AppData\Roaming\ST5oNoWE90BVieXe
2015-04-20 10:05 - 2015-04-20 10:05 - 1246720 _____ () C:\Users\With\AppData\Roaming\ST5oNoWE90BVieXe.exe
2014-10-16 21:28 - 2014-10-16 21:28 - 0003584 _____ () C:\Users\With\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-01-04 15:10 - 2014-01-04 15:10 - 0000003 _____ () C:\Users\With\AppData\Local\user_data.ini
2014-01-05 21:36 - 2014-01-05 21:36 - 0000057 _____ () C:\ProgramData\Ament.ini

Some content of TEMP:
====================
C:\Users\With\AppData\Local\Temp\6922.exe
C:\Users\With\AppData\Local\Temp\8135.exe
C:\Users\With\AppData\Local\Temp\8153.exe
C:\Users\With\AppData\Local\Temp\90E0288A-4DCF-07E0-6397-BC7246C4123C.exe
C:\Users\With\AppData\Local\Temp\C4810D25-29C9-B176-8369-77630CBF9544.dll
C:\Users\With\AppData\Local\Temp\C4810D25-29C9-B176-8369-77630CBF9544.exe
C:\Users\With\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmphtoica.dll
C:\Users\With\AppData\Local\Temp\jna7734475573608545954.dll
C:\Users\With\AppData\Local\Temp\mVOA469.exe
C:\Users\With\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\With\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\With\AppData\Local\Temp\nvStInst.exe
C:\Users\With\AppData\Local\Temp\optprosetup.exe
C:\Users\With\AppData\Local\Temp\tu17p84.exe
C:\Users\With\AppData\Local\Temp\Uninstall.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-05-06 19:54

==================== End Of Log ============================

Here is the Additional Log:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-05-2015 01
Ran by With at 2015-05-13 20:43:16
Running from C:\Users\With\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-4145080920-3812403697-566172317-500 - Administrator - Disabled)
Guest (S-1-5-21-4145080920-3812403697-566172317-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4145080920-3812403697-566172317-1004 - Limited - Enabled)
With (S-1-5-21-4145080920-3812403697-566172317-1000 - Administrator - Enabled) => C:\Users\With

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Symantec Endpoint Protection (Enabled - Out of date) {88C95A36-8C3B-2F2C-1B8B-30FCCFDC4855}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Symantec Endpoint Protection (Enabled - Out of date) {33A8BBD2-AA01-20A2-213B-0B8EB45B02E8}
FW: Symantec Endpoint Protection (Enabled) {B0F2DB13-C654-2E74-30D4-99C9310F0F2E}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

3DMark Demo (HKLM-x32\...\Steam App 231350) (Version:  - Futuremark)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Digital Editions 2.0 (HKLM-x32\...\Adobe Digital Editions 2.0) (Version: 2.0.1 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Flash Player ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 9.0.124.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.7.148 - Adobe Systems, Inc.)
Android Studio (HKLM\...\Android Studio) (Version: 1.0 - Google Inc.)
Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{B678797F-DF38-4556-8A31-8B818E261868}) (Version: 8.0.0.23 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{6956856F-B6B3-4BE0-BA0B-8F495BE32033}) (Version: 2.1.1.116 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ASRock XFast RAM v2.0.28 (HKLM\...\ASRock XFast RAM_is1) (Version:  - ASRock Inc.)
ASUS GPU Tweak (HKLM-x32\...\InstallShield_{532F6E8A-AF97-41C3-915F-39F718EC07D1}) (Version: 2.3.9.2 - ASUSTek COMPUTER INC.)
ASUS GPU Tweak (x32 Version: 2.3.9.2 - ASUSTek COMPUTER INC.) Hidden
A-Tuning v1.0.19 (HKLM-x32\...\A-Tuning_is1) (Version: 1.0.19 - )
AviSynth (HKLM-x32\...\AviSynth) (Version: 2.6.0 MT - )
AVS Video Converter 9.1 (HKLM-x32\...\AVS4YOU Video Converter 7_is1) (Version: 9.1.1.568 - Online Media Technologies Ltd.)
Big Brainz Home (HKLM-x32\...\Big Brainz Home 2.0.1) (Version: 2.0.1 - Big Brainz)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CinemaPlus-3.2cV12.05 (HKLM-x32\...\CinemaPlus-3.2cV12.05) (Version: 1.36.01.22 - Cinema PlusV12.05) <==== ATTENTION
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version:  - Valve)
Crossbrowse (HKLM-x32\...\Crossbrowse) (Version: 39.5.2171.95 - The Crossbrowse Authors) <==== ATTENTION!
DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.3.88 - DivX, LLC)
Dregol (HKU\S-1-5-21-4145080920-3812403697-566172317-1000\...\Chromium) (Version: 44.0.2397.0 - Chromium)
Dropbox (HKU\S-1-5-21-4145080920-3812403697-566172317-1000\...\Dropbox) (Version: 3.4.6 - Dropbox, Inc.)
DVD Flick 1.3.0.7 (HKLM-x32\...\DVD Flick_is1) (Version: 1.3.0.7 - Dennis Meuwissen)
DVDFab 9.1.2.8 (19/02/2014) (HKLM-x32\...\DVDFab 9_is1) (Version:  - Fengtao Software Inc.)
FindingDiscount (HKLM-x32\...\FindingDiscount) (Version:  - )
FlashBeat (HKLM-x32\...\FlashBeat) (Version:  - ) <==== ATTENTION!
FLV Player (HKU\S-1-5-21-4145080920-3812403697-566172317-1000\...\FLV Player) (Version: 1.1 - Somoto Ltd.) <==== ATTENTION
Futuremark SystemInfo (HKLM-x32\...\{E114E635-F06E-43B4-A800-74A22536B1B0}) (Version: 4.30.472.0 - Futuremark)
GamesDesktop 025.558 (HKLM-x32\...\gmsd_us_558_is1) (Version:  - GAMESDESKTOP) <==== ATTENTION
GamesDesktop 025.574 (HKLM-x32\...\gmsd_us_574_is1) (Version:  - GAMESDESKTOP) <==== ATTENTION
Ge-Force (HKLM-x32\...\Ge-Force) (Version: 1.36.01.22 - Webar) <==== ATTENTION
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 42.0.2311.135 - Google Inc.)
Google Drive (HKLM-x32\...\{35574F09-89F9-4B16-B69B-64F3E25901B8}) (Version: 1.21.9226.6034 - Google, Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Talk Plugin (HKLM-x32\...\{CA3DD97D-1FD7-37A7-BD5C-FC4430C8B8E6}) (Version: 5.41.2.0 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
HP ENVY 110 series Basic Device Software (HKLM\...\{9EDA8125-D287-4AD1-BE32-6B105A275645}) (Version: 25.0.622.0 - Hewlett-Packard Co.)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.16432 - HP)
iCloud (HKLM\...\{6096C0CC-7E19-4355-87F0-627EC5AA146D}) (Version: 4.0.3.56 - Apple Inc.)
Infonaut 1.10.0.14 (HKLM-x32\...\Infonaut_1.10.0.14) (Version: 1.10.0.14 - Infonaut)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.6.0.1033 - Intel Corporation)
Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.0.0.102 - Intel Corporation)
Intel® Hardware Accelerated Execution Manager (HKLM\...\{ECCB31F5-435D-4F37-A98D-5854D3C62718}) (Version: 1.1.1 - Intel Corporation)
iTunes (HKLM\...\{F46AA0F1-E284-4878-A462-5F11B9166C0E}) (Version: 11.4.0.18 - Apple Inc.)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.670 - Oracle)
Java 8 Update 25 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418025F0}) (Version: 8.0.250 - Oracle Corporation)
Java SE Development Kit 8 Update 25 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180250}) (Version: 8.0.250.18 - Oracle Corporation)
Java™ SE Development Kit 6 Update 24 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0160240}) (Version: 1.6.0.240 - Oracle)
LiveUpdate 3.3 (Symantec Corporation) (HKLM-x32\...\LiveUpdate) (Version: 3.3.0.92 - Symantec Corporation)
Magic Mouse Utilities version 1.1 (HKLM-x32\...\{F659CE9D-CA4B-43AA-8C32-D523CD955494}_is1) (Version: 1.1 - AnimGraph)
Menu Operating System (HKLM-x32\...\ConvertAd) (Version: 1.0.0.0 - Menu Operating System) <==== ATTENTION
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISER) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Minimal ADB and Fastboot version 1.2 (HKLM-x32\...\{06C90FCC-4C95-4142-A0AF-D3A4C12882DE}_is1) (Version: 1.2 - Sam Rodberg)
mkv2vob (HKLM-x32\...\{21AE04E8-EBF6-40DB-9AA9-B7A80C5D057D}) (Version: 2.4.9 - 3r1c)
Motorola Device Manager (HKLM-x32\...\{28DB8373-C1BB-444F-A427-A55585A12ED7}) (Version: 2.4.5 - Motorola Mobility)
Motorola Device Software Update (x32 Version: 13.09.3001 - Motorola Mobility) Hidden
Motorola Mobile Drivers Installation 6.3.0 (HKLM\...\{759E6A2F-1F01-45EF-A0C4-22F1B56CB975}) (Version: 6.3.0 - Motorola Mobility LLC)
Mozilla Firefox 37.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 37.0.2 (x86 en-US)) (Version: 37.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
Music Manager (HKU\S-1-5-21-4145080920-3812403697-566172317-1000\...\MusicManager) (Version:  - Google, Inc.)
NVIDIA 3D Vision Controller Driver 349.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 349.95 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 350.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 350.12 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.4.1.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.1.21 - NVIDIA Corporation)
NVIDIA Graphics Driver 350.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 350.12 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.15.0324 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0324 - NVIDIA Corporation)
One System Care (HKLM-x32\...\OneSystemCare) (Version: 2.00.00.1 - OneSystemCare)
Paint.NET v3.5.11 (HKLM\...\{72EF03F5-0507-4861-9A44-D99FD4C41418}) (Version: 3.61.0 - dotPDN LLC)
Path of Exile (HKLM-x32\...\Steam App 238960) (Version:  - Grinding Gear Games)
PhotoScape (HKLM-x32\...\PhotoScape) (Version:  - )
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
PS3 Media Server-SHB (HKLM-x32\...\PS3 Media Server-SHB) (Version: 1.52.2-SHB43 - PS3 Media Server)
qBittorrent 3.1.9.2 (HKLM-x32\...\qbittorrent) (Version: 3.1.9.2 - The qBittorrent project)
Qualcomm Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.13 - Qualcomm Atheros Communications Inc.)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Rainmeter (HKLM-x32\...\Rainmeter) (Version: 3.2 beta r2326 - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6873 - Realtek Semiconductor Corp.)
Remote Desktop Access (VuuPC) (HKLM-x32\...\VOPackage) (Version: 1.0.0.0 - CMI Limited) <==== ATTENTION
Run_Dregol (HKLM-x32\...\Run_Dregol) (Version:  - Run_Dregol)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.3.450.0 - SAMSUNG Electronics Co., Ltd.)
Search module (HKLM-x32\...\Search module) (Version:  - Goobzo)
Sharepod 4.0.1.1 (HKLM-x32\...\{085BCFB8-F6FB-4600-AFAB-1F6DBC7F5F99}_is1) (Version:  - Macroplant LLC)
SHIELD Streaming (Version: 4.1.1000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.4.1.21 - NVIDIA Corporation) Hidden
Shopper-Pro (HKLM-x32\...\ShopperPro) (Version:  - ) <==== ATTENTION
SmartWeb (HKLM-x32\...\SmartWeb) (Version: 8.0.9 - SoftBrain Technologies Ltd.) <==== ATTENTION
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
Subtract Desktop Printer (HKLM-x32\...\SoftwareUpdater) (Version: 1.0.0.0 - Subtract Desktop Printer)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Symantec Endpoint Protection (HKLM\...\{530992D4-DDBA-4F68-8B0D-FF50AC57531B}) (Version: 11.0.5002.333 - Symantec Corporation)
Tag&Rename 3.8 (HKLM-x32\...\Tag&Rename_is1) (Version: 3.8 - Softpointer Inc)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)
The Old Tree (HKLM-x32\...\Steam App 346250) (Version:  - Red Dwarf Games)
The Stanley Parable Demo (HKLM-x32\...\Steam App 247750) (Version:  - Galactic Cafe)
Tom Clancy's Splinter Cell® Blacklist™ (HKLM-x32\...\{A6356F2F-D3E1-4D83-9AA2-72871DD0C298}) (Version: 1.01 - Ubisoft)
Unity Web Player (HKU\S-1-5-21-4145080920-3812403697-566172317-1000\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Universal Media Server (HKLM-x32\...\Universal Media Server) (Version: 5.0.1 - Universal Media Server)
Uplay (HKLM-x32\...\Uplay) (Version: 4.2 - Ubisoft)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
Wajam (HKLM-x32\...\WajaWebEnhance) (Version: 2.31.2.12 (i2.6) - WajaWebEnhance) <==== ATTENTION
Web Bar 2.0.5574.22315 (HKLM\...\{0BCE8B0A-1E76-44E5-9909-3CF804D92E4D}_is1) (Version: 2.0.5574.22315 - Web Bar Media) <==== ATTENTION!
Windows Driver Package - Apple Inc. Apple Wireless Mouse (06/01/2011 4.0.0.1) (HKLM\...\D088EE4BD2819FBA2B349EF9D55176F223419BE6) (Version: 06/01/2011 4.0.0.1 - Apple Inc.)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-4145080920-3812403697-566172317-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\With\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4145080920-3812403697-566172317-1000_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\With\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4145080920-3812403697-566172317-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\With\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-4145080920-3812403697-566172317-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\With\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4145080920-3812403697-566172317-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\With\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4145080920-3812403697-566172317-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\With\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4145080920-3812403697-566172317-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\With\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4145080920-3812403697-566172317-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\With\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4145080920-3812403697-566172317-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\With\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4145080920-3812403697-566172317-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\With\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4145080920-3812403697-566172317-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\With\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4145080920-3812403697-566172317-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\With\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4145080920-3812403697-566172317-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\With\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)

==================== Restore Points  =========================

12-05-2015 19:18:30 LavasoftWeCompanion
13-05-2015 19:38:20 LavasoftWeCompanion

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 22:34 - 2009-06-10 17:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {03CC5233-CEDC-4076-B952-062EDA866339} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-04] (Google Inc.)
Task: {0ACCBB15-5456-449C-9E84-0AB5A3949EBE} - System32\Tasks\Inst_Rep => C:\Users\With\AppData\Local\Installer\Install_17228\DCytdkietut_tutdk_setup.exe [2015-05-13] ()
Task: {0D533FAF-2644-4989-BAA8-5B8A5552E5C9} - System32\Tasks\One System CarePeriod => C:\Program Files (x86)\OneSystemCare\OneSystemCare.exe [2015-05-04] ()
Task: {0EA53CA8-303D-4851-9059-12AB41D43BC6} - System32\Tasks\b4096e90-51f6-437f-be3e-7c1dca0a5779-1-6 => C:\Program Files (x86)\CinemaPlus-3.2cV12.05\b4096e90-51f6-437f-be3e-7c1dca0a5779-1-6.exe [2015-05-12] (Cinema PlusV12.05) <==== ATTENTION
Task: {111A7ACC-947F-4CD6-9A66-04D0FD0D521F} - System32\Tasks\globalUpdateUpdateTaskMachineUA => C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe [2015-05-13] (globalUpdate) <==== ATTENTION
Task: {12203194-9AD1-4194-B548-34A948396CEF} - System32\Tasks\LIBXXSJ => C:\ProgramData\cb7ea4a0b01f4c88a9315fc70a3584f8\cb7ea4a0b01f4c88a9315fc70a3584f8.exe [2015-05-11] ()
Task: {18EFFBB4-1EEB-47D6-AD6E-6713B5E16AD1} - System32\Tasks\1f11eeea-4058-4835-96d3-31e180729d33-5 => C:\Program Files (x86)\Ge-Force\1f11eeea-4058-4835-96d3-31e180729d33-5.exe [2015-05-13] (Webar) <==== ATTENTION
Task: {1C32CA41-69F3-4629-B075-B85C687A35DE} - System32\Tasks\{95AE6B30-7113-4FAA-96B0-9F8F11C001F9} => pcalua.exe -a C:\Users\With\Downloads\iPodResetUtilitySetup.exe -d C:\Users\With\Downloads
Task: {2E396D3E-023E-4DF0-A9B2-D43AF9EB240C} - System32\Tasks\LGICBV1 => C:\ProgramData\FlashBeat\FlashBeat.exe [2015-05-11] (FlashBeat)
Task: {32DCBB0F-4E34-42AF-B6A1-C7472F79EEDC} - System32\Tasks\WebBarUpdateTask => C:\PROGRAM FILES\WEBBAR\WBSVC.EXE [2015-04-06] (Web Bar Media)
Task: {346C8A18-60CE-4C5E-9332-C2408353552D} - System32\Tasks\ST5oNoWE90BVieXe => C:\Users\With\AppData\Roaming\ST5oNoWE90BVieXe.exe [2015-04-20] () <==== ATTENTION
Task: {351F51C2-E01D-429B-AD13-320C6A234CAE} - System32\Tasks\SPDriver => C:\Program Files (x86)\ShopperPro\JSDriver\1.42.0.1828\jsdrv.exe [2015-05-03] () <==== ATTENTION
Task: {41DC0184-4A31-41E4-926A-CF38C1190769} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4145080920-3812403697-566172317-1000Core => C:\Users\With\AppData\Local\Google\Update\GoogleUpdate.exe [2014-07-12] (Google Inc.)
Task: {43BB70D5-070D-42AE-BDC2-AFF186947FE0} - System32\Tasks\HP Photo Creations Communicator => C:\ProgramData\HP Photo Creations\Communicator.exe [2015-01-31] ()
Task: {4830487C-737A-4631-88FD-886E626FAE05} - System32\Tasks\Crossbrowse => C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\utility.exe [2015-05-12] () <==== ATTENTION
Task: {4D7272D8-7B93-4958-92DB-637B65D2D675} - System32\Tasks\SMW_UpdateTask_Time_313735383037363438392d3437415a556c2a3223346c41 => Wscript.exe //B "C:\ProgramData\SearchModule\smhe.js" smu.exe /invoke /f:check_services /l:0 <==== ATTENTION
Task: {5243A658-433C-4CF6-9329-8BD515C83869} - System32\Tasks\1f11eeea-4058-4835-96d3-31e180729d33-7 => C:\Program Files (x86)\Ge-Force\1f11eeea-4058-4835-96d3-31e180729d33-7.exe [2015-05-13] (Webar) <==== ATTENTION
Task: {5370896F-EF6B-43EB-BE2F-D335A0CBA023} - System32\Tasks\1f11eeea-4058-4835-96d3-31e180729d33-6 => C:\Program Files (x86)\Ge-Force\1f11eeea-4058-4835-96d3-31e180729d33-6.exe [2015-05-13] (Webar) <==== ATTENTION
Task: {56A19C19-4428-4AAF-A635-936FD501B520} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-04] (Google Inc.)
Task: {59BB5A95-1CA2-4414-90BF-87DDAEFB5339} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4145080920-3812403697-566172317-1000UA => C:\Users\With\AppData\Local\Google\Update\GoogleUpdate.exe [2014-07-12] (Google Inc.)
Task: {5C07B361-BA82-47C3-B1E2-7CCC050A41A9} - System32\Tasks\b4096e90-51f6-437f-be3e-7c1dca0a5779-4 => C:\Program Files (x86)\CinemaPlus-3.2cV12.05\b4096e90-51f6-437f-be3e-7c1dca0a5779-4.exe [2015-05-12] (Cinema PlusV12.05) <==== ATTENTION
Task: {6134844F-3B2D-4E54-BC75-2A9A6EEBEDA1} - System32\Tasks\One System Care Run Delay => C:\Program Files (x86)\OneSystemCare\OneSystemCare.exe [2015-05-04] ()
Task: {64EBA476-1651-4799-A9F8-43BC0146E764} - System32\Tasks\One System Care Monitor => C:\Program Files (x86)\OneSystemCare\CleanupConsole.exe [2015-05-04] ()
Task: {66E36F27-01BD-4B12-BFAC-CF3163ED24C8} - System32\Tasks\One System CareStartUp => C:\Program Files (x86)\OneSystemCare\OneSystemCare.exe [2015-05-04] ()
Task: {70297AA3-539A-4D61-B711-5CCBB2376353} - System32\Tasks\1f11eeea-4058-4835-96d3-31e180729d33-10_user => C:\Program Files (x86)\Ge-Force\1f11eeea-4058-4835-96d3-31e180729d33-10.exe [2015-05-13] (Webar) <==== ATTENTION
Task: {785EF48B-A178-48FC-B5E2-85350999631C} - System32\Tasks\SMWUpd => C:\Program Files\Common Files\Goobzo\GBUpdate\updater.exe [2015-05-11] (Goobzo) <==== ATTENTION
Task: {846E1A83-7AA1-4500-9ED4-071FD4C1A791} - System32\Tasks\globalUpdateUpdateTaskMachineCore => C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe [2015-05-13] (globalUpdate) <==== ATTENTION
Task: {8A52A8F3-3800-409D-A112-DBB9C08FCB36} - System32\Tasks\b4096e90-51f6-437f-be3e-7c1dca0a5779-1-7 => C:\Program Files (x86)\CinemaPlus-3.2cV12.05\b4096e90-51f6-437f-be3e-7c1dca0a5779-1-7.exe [2015-05-12] (Cinema PlusV12.05) <==== ATTENTION
Task: {8DDE51F7-F22A-435F-B8D6-C5E0E5B96009} - System32\Tasks\b4096e90-51f6-437f-be3e-7c1dca0a5779-10_user => C:\Program Files (x86)\CinemaPlus-3.2cV12.05\b4096e90-51f6-437f-be3e-7c1dca0a5779-10.exe [2015-05-12] (Cinema PlusV12.05) <==== ATTENTION
Task: {8F4B58E5-ED59-4994-95F4-AF870A13762D} - System32\Tasks\b4096e90-51f6-437f-be3e-7c1dca0a5779-5_user => C:\Program Files (x86)\CinemaPlus-3.2cV12.05\b4096e90-51f6-437f-be3e-7c1dca0a5779-5.exe [2015-05-12] (Cinema PlusV12.05) <==== ATTENTION
Task: {93889A24-6B5B-4F83-B605-9278359D607F} - System32\Tasks\SPBIW_UpdateTask_Time_313735383037363438392d3437415a556c2a3223346c41 => Wscript.exe //B "C:\ProgramData\ShopperPro\spbihe.js" spbiu.exe /invoke /f:check_services /l:0 <==== ATTENTION
Task: {99A305AE-2248-4E0D-9472-695FFF4BE3CD} - System32\Tasks\1f11eeea-4058-4835-96d3-31e180729d33-4 => C:\Program Files (x86)\Ge-Force\1f11eeea-4058-4835-96d3-31e180729d33-4.exe [2015-05-13] (Webar) <==== ATTENTION
Task: {9E3026BE-7D59-4803-A4D1-E260BA7B3845} - System32\Tasks\b4096e90-51f6-437f-be3e-7c1dca0a5779-7 => C:\Program Files (x86)\CinemaPlus-3.2cV12.05\b4096e90-51f6-437f-be3e-7c1dca0a5779-7.exe [2015-05-12] (Cinema PlusV12.05) <==== ATTENTION
Task: {A1EB5F98-AD28-4AE5-853B-E807BCA80A50} - System32\Tasks\1f11eeea-4058-4835-96d3-31e180729d33-1-7 => C:\Program Files (x86)\Ge-Force\1f11eeea-4058-4835-96d3-31e180729d33-1-7.exe [2015-05-13] (Webar) <==== ATTENTION
Task: {B17CC6EB-3108-4F4B-92B3-72A8D7D1D62E} - System32\Tasks\Motorola Device Manager Initial Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2013-10-31] ()
Task: {B5135F3A-78A5-4E1A-B984-17704F326790} - System32\Tasks\WebBarLaunchTask => C:\PROGRAM FILES\WEBBAR\WBSVC.EXE [2015-04-06] (Web Bar Media)
Task: {C46BCF29-8FFC-4270-85B9-8E3431F7676C} - System32\Tasks\Motorola Device Manager Engine => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2013-10-31] ()
Task: {C6768AF8-E666-4247-B45D-DD2EF37A0888} - System32\Tasks\b4096e90-51f6-437f-be3e-7c1dca0a5779-5 => C:\Program Files (x86)\CinemaPlus-3.2cV12.05\b4096e90-51f6-437f-be3e-7c1dca0a5779-5.exe [2015-05-12] (Cinema PlusV12.05) <==== ATTENTION
Task: {C9D4F0F9-14CC-4621-B90C-9DF2501BBB51} - System32\Tasks\Run_dregol => C:\Users\With\AppData\Roaming\Run_dregol\UpdateProc\UpdateTask.exe [2015-05-12] () <==== ATTENTION
Task: {D1A895C7-B8D7-4C39-B2F8-55436806B39E} - System32\Tasks\NetEngine => C:\ProgramData\NetEngine\bin\D10\netengine.exe [2015-05-12] () <==== ATTENTION
Task: {D1BDC18A-EC6E-47E0-9220-1D5C4BD48AF0} - System32\Tasks\Dregol sidi => C:\ProgramData\{7D2F95EC-2DAD-446A-9C2B-34E84CA9E766}\1.17.0.1\f
Task: {D4A60292-9F62-4AFC-8BC1-D8C99868DF94} - System32\Tasks\Motorola Device Manager Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2013-10-31] ()
Task: {E0C21EDF-5A67-482A-81DB-3E1A1DD304FF} - System32\Tasks\F46tQTi5u8je => C:\Users\With\AppData\Roaming\F46tQTi5u8je.exe [2015-04-20] () <==== ATTENTION
Task: {E3B4057C-CD3F-495B-912A-C2C2BED5469F} - System32\Tasks\Smp => C:\Program Files\Common Files\Goobzo\GBUpdate\smp.exe [2015-04-01] () <==== ATTENTION
Task: {E446CBDD-B86C-46F0-8C3A-7A6B06544BD4} - System32\Tasks\ShopperPro => C:\Program Files (x86)\ShopperPro\ShopperPro.exe [2015-05-03] (Goobzo LTD) <==== ATTENTION
Task: {E9E787D5-37EC-4DBD-B347-17121C02487F} - System32\Tasks\b4096e90-51f6-437f-be3e-7c1dca0a5779-6 => C:\Program Files (x86)\CinemaPlus-3.2cV12.05\b4096e90-51f6-437f-be3e-7c1dca0a5779-6.exe [2015-05-12] (Cinema PlusV12.05) <==== ATTENTION
Task: {EEEAF848-693E-459D-A6E4-73990ED2A1A1} - System32\Tasks\1f11eeea-4058-4835-96d3-31e180729d33-5_user => C:\Program Files (x86)\Ge-Force\1f11eeea-4058-4835-96d3-31e180729d33-5.exe [2015-05-13] (Webar) <==== ATTENTION
Task: {F3FD4F71-27EA-49A0-BAAA-2A7D7EDE0FF5} - System32\Tasks\b4096e90-51f6-437f-be3e-7c1dca0a5779-3 => C:\Program Files (x86)\CinemaPlus-3.2cV12.05\b4096e90-51f6-437f-be3e-7c1dca0a5779-3.exe [2015-05-12] (Cinema PlusV12.05) <==== ATTENTION
Task: {F7212A8F-5669-42AE-9655-6EABF488F60E} - System32\Tasks\1f11eeea-4058-4835-96d3-31e180729d33-1-6 => C:\Program Files (x86)\Ge-Force\1f11eeea-4058-4835-96d3-31e180729d33-1-6.exe [2015-05-13] (Webar) <==== ATTENTION
Task: {FC53DCCD-650D-4835-BDB4-DE15EAC19D8A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {FED838F6-A545-4141-9A25-56C590BB0365} - System32\Tasks\ShopperProJSUpd => C:\Program Files (x86)\ShopperPro\updater.exe [2015-05-03] (Goobzo) <==== ATTENTION
Task: C:\Windows\Tasks\1f11eeea-4058-4835-96d3-31e180729d33-1-6.job => C:\Program Files (x86)\Ge-Force\1f11eeea-4058-4835-96d3-31e180729d33-1-6.exe <==== ATTENTION
Task: C:\Windows\Tasks\1f11eeea-4058-4835-96d3-31e180729d33-1-7.job => C:\Program Files (x86)\Ge-Force\1f11eeea-4058-4835-96d3-31e180729d33-1-7.exe <==== ATTENTION
Task: C:\Windows\Tasks\1f11eeea-4058-4835-96d3-31e180729d33-10_user.job => C:\Program Files (x86)\Ge-Force\1f11eeea-4058-4835-96d3-31e180729d33-10.exe <==== ATTENTION
Task: C:\Windows\Tasks\1f11eeea-4058-4835-96d3-31e180729d33-4.job => C:\Program Files (x86)\Ge-Force\1f11eeea-4058-4835-96d3-31e180729d33-4.exe <==== ATTENTION
Task: C:\Windows\Tasks\1f11eeea-4058-4835-96d3-31e180729d33-5.job => C:\Program Files (x86)\Ge-Force\1f11eeea-4058-4835-96d3-31e180729d33-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\1f11eeea-4058-4835-96d3-31e180729d33-5_user.job => C:\Program Files (x86)\Ge-Force\1f11eeea-4058-4835-96d3-31e180729d33-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\1f11eeea-4058-4835-96d3-31e180729d33-6.job => C:\Program Files (x86)\Ge-Force\1f11eeea-4058-4835-96d3-31e180729d33-6.exe <==== ATTENTION
Task: C:\Windows\Tasks\1f11eeea-4058-4835-96d3-31e180729d33-7.job => C:\Program Files (x86)\Ge-Force\1f11eeea-4058-4835-96d3-31e180729d33-7.exe <==== ATTENTION
Task: C:\Windows\Tasks\b4096e90-51f6-437f-be3e-7c1dca0a5779-1-6.job => C:\Program Files (x86)\CinemaPlus-3.2cV12.05\b4096e90-51f6-437f-be3e-7c1dca0a5779-1-6.exe <==== ATTENTION
Task: C:\Windows\Tasks\b4096e90-51f6-437f-be3e-7c1dca0a5779-1-7.job => C:\Program Files (x86)\CinemaPlus-3.2cV12.05\b4096e90-51f6-437f-be3e-7c1dca0a5779-1-7.exe <==== ATTENTION
Task: C:\Windows\Tasks\b4096e90-51f6-437f-be3e-7c1dca0a5779-10_user.job => C:\Program Files (x86)\CinemaPlus-3.2cV12.05\b4096e90-51f6-437f-be3e-7c1dca0a5779-10.exe <==== ATTENTION
Task: C:\Windows\Tasks\b4096e90-51f6-437f-be3e-7c1dca0a5779-3.job => C:\Program Files (x86)\CinemaPlus-3.2cV12.05\b4096e90-51f6-437f-be3e-7c1dca0a5779-3.exe <==== ATTENTION
Task: C:\Windows\Tasks\b4096e90-51f6-437f-be3e-7c1dca0a5779-4.job => C:\Program Files (x86)\CinemaPlus-3.2cV12.05\b4096e90-51f6-437f-be3e-7c1dca0a5779-4.exe <==== ATTENTION
Task: C:\Windows\Tasks\b4096e90-51f6-437f-be3e-7c1dca0a5779-5.job => C:\Program Files (x86)\CinemaPlus-3.2cV12.05\b4096e90-51f6-437f-be3e-7c1dca0a5779-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\b4096e90-51f6-437f-be3e-7c1dca0a5779-5_user.job => C:\Program Files (x86)\CinemaPlus-3.2cV12.05\b4096e90-51f6-437f-be3e-7c1dca0a5779-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\b4096e90-51f6-437f-be3e-7c1dca0a5779-6.job => C:\Program Files (x86)\CinemaPlus-3.2cV12.05\b4096e90-51f6-437f-be3e-7c1dca0a5779-6.exe <==== ATTENTION
Task: C:\Windows\Tasks\b4096e90-51f6-437f-be3e-7c1dca0a5779-7.job => C:\Program Files (x86)\CinemaPlus-3.2cV12.05\b4096e90-51f6-437f-be3e-7c1dca0a5779-7.exe <==== ATTENTION
Task: C:\Windows\Tasks\Crossbrowse.job => C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\utility.exe <==== ATTENTION
Task: C:\Windows\Tasks\F46tQTi5u8je.job => C:\Users\With\AppData\Roaming\F46tQTi5u8je.exe <==== ATTENTION
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job => C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4145080920-3812403697-566172317-1000Core.job => C:\Users\With\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4145080920-3812403697-566172317-1000UA.job => C:\Users\With\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HP Photo Creations Communicator.job => C:\ProgramData\HP Photo Creations\Communicator.exe
Task: C:\Windows\Tasks\LGICBV1.job => C:\ProgramData\FlashBeat\FlashBeat.exe
Task: C:\Windows\Tasks\One System CarePeriod.job => C:\Program Files (x86)\OneSystemCare\OneSystemCare.exe
Task: C:\Windows\Tasks\One System CareStartUp.job => C:\Program Files (x86)\OneSystemCare\OneSystemCare.exe
Task: C:\Windows\Tasks\Run_dregol.job => C:\Users\With\AppData\Roaming\RUN_DR~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: C:\Windows\Tasks\ST5oNoWE90BVieXe.job => C:\Users\With\AppData\Roaming\ST5oNoWE90BVieXe.exe <==== ATTENTION

==================== Loaded Modules (whitelisted) ==============

2014-01-04 15:39 - 2015-04-08 17:30 - 00116552 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-05-12 19:42 - 2015-05-12 19:42 - 00075776 _____ () C:\ProgramData\NetEngine\bin\D10\netengine.exe
2012-01-17 12:24 - 2012-01-17 12:24 - 00055296 _____ () C:\Windows\SysWOW64\ASGT.exe
2015-05-12 19:23 - 2015-05-12 19:23 - 00144896 _____ () C:\Users\With\AppData\Local\03000200-1431458587-0500-0006-000700080009\snsd65B7.tmp
2015-05-01 15:08 - 2015-05-01 15:08 - 00330240 _____ () C:\Program Files (x86)\Windows Discount\FindingDiscount\FindingDiscount.exe
2015-05-13 17:52 - 2015-05-13 17:52 - 00165888 _____ () C:\Users\With\AppData\Roaming\03000200-1431472796-0500-0006-000700080009\nsj1160.tmp
2015-05-12 19:20 - 2015-05-12 19:20 - 00231936 _____ () C:\Users\With\AppData\Roaming\03000200-1431472796-0500-0006-000700080009\jnshA43A.tmp
2015-05-01 15:08 - 2015-05-01 15:08 - 00101888 _____ () C:\Program Files (x86)\Windows NT\Accessories\RuntimeManager\runtimemanager.exe
2015-05-06 04:34 - 2015-05-06 04:34 - 00691200 _____ () C:\Program Files (x86)\WajaWebEnhance\WajaWebEnhance Internet Enhancer\InternetEnhancerService.exe
2015-05-12 19:22 - 2015-05-12 19:22 - 00268288 _____ () C:\Users\With\AppData\Local\03000200-1431458573-0500-0006-000700080009\cnss2E54.tmp
2015-05-12 19:32 - 2015-05-11 18:03 - 03297224 _____ () C:\Users\With\AppData\Local\gmsd_us_558\upgmsd_us_558.exe
2015-05-12 19:37 - 2015-03-04 11:31 - 00808960 _____ () C:\Program Files\WebBar\2.0.5574.22315\ISightSDK_x64.dll
2015-05-13 19:48 - 2015-05-03 08:01 - 03224576 _____ () C:\Program Files (x86)\ShopperPro\JSDriver\1.42.0.1828\jsdrv.exe
2015-05-13 19:54 - 2015-05-13 19:54 - 00003072 _____ () C:\Users\With\AppData\Local\Temp\isdkJ5uXT7vb\ISightHost.exe
2015-05-13 19:54 - 2015-03-04 11:31 - 00808960 _____ () C:\Users\With\AppData\Local\Temp\isdkJ5uXT7vb\ISightSDK.DLL
2014-09-17 09:13 - 2014-09-17 09:13 - 00036536 _____ () C:\Program Files\Rainmeter\Rainmeter.exe
2014-09-17 09:13 - 2014-09-17 09:13 - 00752312 _____ () C:\Program Files\Rainmeter\Rainmeter.dll
2014-09-17 09:12 - 2014-09-17 09:12 - 00011776 _____ () C:\Program Files\Rainmeter\Plugins\PowerPlugin.DLL
2014-09-17 09:12 - 2014-09-17 09:12 - 00016896 _____ () C:\Program Files\Rainmeter\Plugins\AdvancedCPU.DLL
2014-09-17 09:12 - 2014-09-17 09:12 - 00022528 _____ () C:\Program Files\Rainmeter\Plugins\WifiStatus.DLL
2014-09-17 09:12 - 2014-09-17 09:12 - 00019968 _____ () C:\Program Files\Rainmeter\Plugins\SysInfo.DLL
2014-09-17 09:12 - 2014-09-17 09:12 - 00056832 _____ () C:\Program Files\Rainmeter\Plugins\WebParser.DLL
2014-01-10 01:26 - 2014-01-10 01:26 - 01861968 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
2015-05-12 19:32 - 2015-05-11 18:03 - 03982280 _____ () C:\Program Files (x86)\gmsd_us_558\gmsd_us_558.exe
2015-05-13 19:46 - 2015-05-13 16:19 - 03982280 _____ () C:\Program Files (x86)\gmsd_us_574\gmsd_us_574.exe
2015-05-12 14:34 - 2015-05-12 14:34 - 02963456 _____ () C:\Users\With\AppData\Local\03000200-1431458573-0500-0006-000700080009\anss2B47.exe
2015-05-06 04:34 - 2015-05-06 04:34 - 00274944 _____ () C:\Program Files (x86)\WajaWebEnhance\WajaWebEnhance Internet Enhancer\InternetEnhancer.exe
2014-07-31 12:16 - 2014-07-31 12:16 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-07-31 12:16 - 2014-07-31 12:16 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-10-31 11:05 - 2013-10-31 11:05 - 00172032 _____ () C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\css_core.dll
2015-04-25 15:09 - 2015-03-27 23:45 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-05-03 07:57 - 2015-05-03 07:57 - 01332224 _____ () C:\Program Files\Common Files\ShopperPro\spbici32.dll
2015-05-13 19:48 - 2015-05-13 19:48 - 00188928 _____ () C:\Program Files (x86)\Ge-Force\4649450f-512c-4f09-b497-34c53d0cef56.dll
2015-05-12 19:45 - 2015-05-12 19:45 - 00192592 _____ () C:\Program Files (x86)\CinemaPlus-3.2cV12.05\ccce1ee8-78cc-4de0-b0ac-82886cf58d61.dll
2014-09-03 15:15 - 2014-09-03 15:15 - 10683392 _____ () C:\Users\With\AppData\Local\Programs\Google\MusicManager\QtWebKit4.dll
2014-09-03 15:15 - 2014-09-03 15:15 - 07741952 _____ () C:\Users\With\AppData\Local\Programs\Google\MusicManager\QtGui4.dll
2014-09-03 15:15 - 2014-09-03 15:15 - 02248192 _____ () C:\Users\With\AppData\Local\Programs\Google\MusicManager\QtCore4.dll
2014-09-03 15:15 - 2014-09-03 15:15 - 01681408 _____ () C:\Users\With\AppData\Local\Programs\Google\MusicManager\QtNetwork4.dll
2015-03-31 18:33 - 2015-03-31 18:33 - 00117248 _____ () C:\Users\With\AppData\Local\Programs\Google\MusicManager\libaacdec.dll
2015-03-31 18:33 - 2015-03-31 18:33 - 00231936 _____ () C:\Users\With\AppData\Local\Programs\Google\MusicManager\libmpgdec.dll
2015-03-31 18:33 - 2015-03-31 18:33 - 00253440 _____ () C:\Users\With\AppData\Local\Programs\Google\MusicManager\libid3tag.dll
2015-03-31 18:33 - 2015-03-31 18:33 - 00344064 _____ () C:\Users\With\AppData\Local\Programs\Google\MusicManager\libaudioenc.dll
2014-09-03 15:15 - 2014-09-03 15:15 - 00026624 _____ () C:\Users\With\AppData\Local\Programs\Google\MusicManager\imageformats\qgif4.dll
2015-05-13 19:55 - 2015-05-13 19:55 - 00043008 _____ () c:\users\with\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmphtoica.dll
2015-03-04 17:45 - 2015-03-04 17:45 - 00750080 _____ () C:\Users\With\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2015-03-04 17:45 - 2015-03-04 17:45 - 00047616 _____ () C:\Users\With\AppData\Roaming\Dropbox\bin\libEGL.dll
2015-03-04 17:45 - 2015-03-04 17:45 - 00865280 _____ () C:\Users\With\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
2015-03-04 17:45 - 2015-03-04 17:45 - 00200704 _____ () C:\Users\With\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll
2015-05-12 19:38 - 2015-03-16 14:13 - 01070592 _____ () C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\39.5.2171.95\libglesv2.dll
2015-05-12 19:38 - 2015-03-16 14:13 - 00204800 _____ () C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\39.5.2171.95\libegl.dll
2015-04-30 21:18 - 2015-04-27 22:07 - 01252680 _____ () C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.135\libglesv2.dll
2015-04-30 21:18 - 2015-04-27 22:07 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.135\libegl.dll
2014-01-10 01:28 - 2014-01-10 01:28 - 00100688 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
2015-05-13 19:54 - 2015-05-13 19:54 - 00098816 _____ () C:\Users\With\AppData\Local\Temp\_MEI43402\win32api.pyd
2015-05-13 19:54 - 2015-05-13 19:54 - 00110080 _____ () C:\Users\With\AppData\Local\Temp\_MEI43402\pywintypes27.dll
2015-05-13 19:54 - 2015-05-13 19:54 - 00364544 _____ () C:\Users\With\AppData\Local\Temp\_MEI43402\pythoncom27.dll
2015-05-13 19:54 - 2015-05-13 19:54 - 00045568 _____ () C:\Users\With\AppData\Local\Temp\_MEI43402\_socket.pyd
2015-05-13 19:54 - 2015-05-13 19:54 - 01161216 _____ () C:\Users\With\AppData\Local\Temp\_MEI43402\_ssl.pyd
2015-05-13 19:54 - 2015-05-13 19:54 - 00320512 _____ () C:\Users\With\AppData\Local\Temp\_MEI43402\win32com.shell.shell.pyd
2015-05-13 19:54 - 2015-05-13 19:54 - 00713216 _____ () C:\Users\With\AppData\Local\Temp\_MEI43402\_hashlib.pyd
2015-05-13 19:54 - 2015-05-13 19:54 - 01175040 _____ () C:\Users\With\AppData\Local\Temp\_MEI43402\wx._core_.pyd
2015-05-13 19:54 - 2015-05-13 19:54 - 00805888 _____ () C:\Users\With\AppData\Local\Temp\_MEI43402\wx._gdi_.pyd
2015-05-13 19:54 - 2015-05-13 19:54 - 00811008 _____ () C:\Users\With\AppData\Local\Temp\_MEI43402\wx._windows_.pyd
2015-05-13 19:54 - 2015-05-13 19:54 - 01062400 _____ () C:\Users\With\AppData\Local\Temp\_MEI43402\wx._controls_.pyd
2015-05-13 19:54 - 2015-05-13 19:54 - 00735232 _____ () C:\Users\With\AppData\Local\Temp\_MEI43402\wx._misc_.pyd
2015-05-13 19:54 - 2015-05-13 19:54 - 00682496 _____ () C:\Users\With\AppData\Local\Temp\_MEI43402\pysqlite2._sqlite.pyd
2015-05-13 19:54 - 2015-05-13 19:54 - 00128512 _____ () C:\Users\With\AppData\Local\Temp\_MEI43402\_elementtree.pyd
2015-05-13 19:54 - 2015-05-13 19:54 - 00127488 _____ () C:\Users\With\AppData\Local\Temp\_MEI43402\pyexpat.pyd
2015-05-13 19:54 - 2015-05-13 19:54 - 00087552 _____ () C:\Users\With\AppData\Local\Temp\_MEI43402\_ctypes.pyd
2015-05-13 19:54 - 2015-05-13 19:54 - 00119808 _____ () C:\Users\With\AppData\Local\Temp\_MEI43402\win32file.pyd
2015-05-13 19:54 - 2015-05-13 19:54 - 00108544 _____ () C:\Users\With\AppData\Local\Temp\_MEI43402\win32security.pyd
2015-05-13 19:54 - 2015-05-13 19:54 - 00007168 _____ () C:\Users\With\AppData\Local\Temp\_MEI43402\hashobjs_ext.pyd
2015-05-13 19:54 - 2015-05-13 19:54 - 00017408 _____ () C:\Users\With\AppData\Local\Temp\_MEI43402\usb_ext.pyd
2015-05-13 19:54 - 2015-05-13 19:54 - 00167936 _____ () C:\Users\With\AppData\Local\Temp\_MEI43402\win32gui.pyd
2015-05-13 19:54 - 2015-05-13 19:54 - 00018432 _____ () C:\Users\With\AppData\Local\Temp\_MEI43402\win32event.pyd
2015-05-13 19:54 - 2015-05-13 19:54 - 00013824 _____ () C:\Users\With\AppData\Local\Temp\_MEI43402\common.time34.pyd
2015-05-13 19:54 - 2015-05-13 19:54 - 00036864 _____ () C:\Users\With\AppData\Local\Temp\_MEI43402\_psutil_windows.pyd
2015-05-13 19:54 - 2015-05-13 19:54 - 00038912 _____ () C:\Users\With\AppData\Local\Temp\_MEI43402\win32inet.pyd
2015-05-13 19:54 - 2015-05-13 19:54 - 00011264 _____ () C:\Users\With\AppData\Local\Temp\_MEI43402\win32crypt.pyd
2015-05-13 19:54 - 2015-05-13 19:54 - 00070656 _____ () C:\Users\With\AppData\Local\Temp\_MEI43402\wx._html2.pyd
2015-05-13 19:54 - 2015-05-13 19:54 - 00027136 _____ () C:\Users\With\AppData\Local\Temp\_MEI43402\_multiprocessing.pyd
2015-05-13 19:54 - 2015-05-13 19:54 - 00020480 _____ () C:\Users\With\AppData\Local\Temp\_MEI43402\_yappi.pyd
2015-05-13 19:54 - 2015-05-13 19:54 - 00035840 _____ () C:\Users\With\AppData\Local\Temp\_MEI43402\win32process.pyd
2015-05-13 19:54 - 2015-05-13 19:54 - 00686080 _____ () C:\Users\With\AppData\Local\Temp\_MEI43402\unicodedata.pyd
2015-05-13 19:54 - 2015-05-13 19:54 - 00122368 _____ () C:\Users\With\AppData\Local\Temp\_MEI43402\wx._wizard.pyd
2015-05-13 19:54 - 2015-05-13 19:54 - 00024064 _____ () C:\Users\With\AppData\Local\Temp\_MEI43402\win32pipe.pyd
2015-05-13 19:54 - 2015-05-13 19:54 - 00010240 _____ () C:\Users\With\AppData\Local\Temp\_MEI43402\select.pyd
2015-05-13 19:54 - 2015-05-13 19:54 - 00025600 _____ () C:\Users\With\AppData\Local\Temp\_MEI43402\win32pdh.pyd
2015-05-13 19:54 - 2015-05-13 19:54 - 00525640 _____ () C:\Users\With\AppData\Local\Temp\_MEI43402\windows._lib_cacheinvalidation.pyd
2015-05-13 19:54 - 2015-05-13 19:54 - 00017408 _____ () C:\Users\With\AppData\Local\Temp\_MEI43402\win32profile.pyd
2015-05-13 19:54 - 2015-05-13 19:54 - 00022528 _____ () C:\Users\With\AppData\Local\Temp\_MEI43402\win32ts.pyd
2015-05-13 19:54 - 2015-05-13 19:54 - 00078336 _____ () C:\Users\With\AppData\Local\Temp\_MEI43402\wx._animate.pyd
2015-05-06 04:34 - 2015-05-06 04:34 - 00011776 _____ () C:\Program Files (x86)\WajaWebEnhance\WajaWebEnhance Internet Enhancer\ApiHandlr.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ccEvtMgr => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ccSetMgr => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Symantec Antivirus => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Symantec Antvirus => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ccEvtMgr => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ccSetMgr => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SmcService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Symantec Antivirus => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Symantec Antvirus => ""="Service"

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, the associated entry will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4145080920-3812403697-566172317-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\With\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

FirewallRules: [{9F0E2B77-3E95-40BA-B2FD-4D60B42AFA54}] => (Allow) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Smc.exe
FirewallRules: [{1799EC42-901F-43B8-A332-7479C0FB0491}] => (Allow) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Smc.exe
FirewallRules: [{511CBEB8-206C-4CF3-A6EE-32D485727EC0}] => (Allow) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\SNAC64.EXE
FirewallRules: [{8C4583DB-C24D-416B-97DA-3E0D05C9FFB0}] => (Allow) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\SNAC64.EXE
FirewallRules: [{A0BB0A3D-E6B7-49E3-9035-0AC655AB7A50}] => (Allow) C:\Program Files (x86)\Common Files\Symantec Shared\ccApp.exe
FirewallRules: [{B6C5E2E0-6E5A-4F04-A454-9E00AADD4371}] => (Allow) C:\Program Files (x86)\Common Files\Symantec Shared\ccApp.exe
FirewallRules: [{464E037F-E538-48CF-9230-8D4519C334A7}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{3FC865ED-C93E-4DA9-BD0A-1D23BDA03AB3}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{E349AB72-3C7C-43A1-AF0D-8A0F36276B19}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{7B01ECA7-820D-4EEA-9CD1-048B6600C4C6}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{90EA1F13-43F8-4BB5-8AF0-257EF3F93643}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{EE8D37B2-DFFA-40FD-BB10-F53AB335BCF9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{F6DE9BFF-5256-44A1-B02D-F194EBC227F0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{997D3A3F-9697-42E9-BF8E-01271AAAD738}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{A4ED9835-5C4A-47B0-B283-AC75EFDCEC01}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{26014AC1-22A6-4D68-81A6-8FBA90AEA2EB}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{B4C5B714-E882-4080-BD1B-958C0E070D3F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{81AA5AF0-6367-473A-B790-BB4CE41110A2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{00CF6937-FBE3-4BAF-B202-F920BF80D336}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{857F62FD-CD68-448E-8E6F-5C25D6BCC31C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{A9367C1F-15AA-4758-B59F-65A41EED5486}] => (Allow) C:\Program Files\HP\HP ENVY 110 series\Bin\DeviceSetup.exe
FirewallRules: [{1F5C5FD5-BE39-44C4-908E-0F48E5C9BA6C}] => (Allow) C:\Program Files\HP\HP ENVY 110 series\Bin\HPNetworkCommunicator.exe
FirewallRules: [{1677AB67-8E2D-4841-BEEF-ED612228E8A9}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{93A312E5-B554-4D84-BA4A-9D8CE24122CD}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{8872B64F-12F3-4BBB-BE11-09583517C788}] => (Allow) C:\Users\With\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{AB7288E0-AF54-489B-99A7-A5CCB3F2EFC5}] => (Allow) C:\Users\With\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{124D0D23-505E-4674-B593-B7021C1B1A9C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\3DMark\3DMarkLauncher.exe
FirewallRules: [{E44EECB0-AD3A-49DE-B730-4393C85B3192}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\3DMark\3DMarkLauncher.exe
FirewallRules: [{FD5B630B-9E64-4865-812F-3989C3EA47B7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\3DMark\bin\x86\3DMark.exe
FirewallRules: [{9DB63C9E-F65C-4478-8CD1-417B838028FD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\3DMark\bin\x86\3DMark.exe
FirewallRules: [{71B387F4-1215-4134-AA77-B1A435DAFCD9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\3DMark\bin\x64\3DMark.exe
FirewallRules: [{93291CF7-F604-4439-BCEB-BBB347188FDB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\3DMark\bin\x64\3DMark.exe
FirewallRules: [{3DB4E025-C54C-418A-8F0F-ED7573A5E1C3}] => (Allow) C:\Program Files (x86)\Ubisoft\Tom Clancy's Splinter Cell® Blacklist™\Blacklist_Launcher.exe
FirewallRules: [{BB95AD9F-0EC2-420C-8DC8-C15CDBF024AA}] => (Allow) C:\Program Files (x86)\Ubisoft\Tom Clancy's Splinter Cell® Blacklist™\Blacklist_Launcher.exe
FirewallRules: [{1E2CC697-AAB1-4279-8FF7-CFE457275D2F}] => (Allow) C:\Program Files (x86)\Ubisoft\Tom Clancy's Splinter Cell® Blacklist™\src\SYSTEM\Blacklist_game.exe
FirewallRules: [{C98256A2-0103-42A6-812D-466B078ACE9E}] => (Allow) C:\Program Files (x86)\Ubisoft\Tom Clancy's Splinter Cell® Blacklist™\src\SYSTEM\Blacklist_game.exe
FirewallRules: [{82F85424-B8D8-419E-BA43-33E7FBCDD891}] => (Allow) C:\Program Files (x86)\Ubisoft\Tom Clancy's Splinter Cell® Blacklist™\src\SYSTEM\Blacklist_DX11_game.exe
FirewallRules: [{19F4C8DE-7EB7-4CE5-B413-CCEA63289385}] => (Allow) C:\Program Files (x86)\Ubisoft\Tom Clancy's Splinter Cell® Blacklist™\src\SYSTEM\Blacklist_DX11_game.exe
FirewallRules: [{E2C6C041-21FC-430C-91B4-EA39D7A4F3F7}] => (Allow) C:\Program Files (x86)\Ubisoft\Tom Clancy's Splinter Cell® Blacklist™\src\SYSTEM\gu.exe
FirewallRules: [{379E130F-BB7C-45D4-AFAD-E5089EFC42B3}] => (Allow) C:\Program Files (x86)\Ubisoft\Tom Clancy's Splinter Cell® Blacklist™\src\SYSTEM\gu.exe
FirewallRules: [{25F76C8C-E998-43B4-99C8-B684F4253605}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{2AA39916-CE25-47DB-A842-70A37C8AF47D}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{739BC5AF-1FC5-4C17-8A55-F2005B256C47}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{4021B75F-FFDB-4BBB-B623-5EE7B13D012C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{6692D166-CE02-469A-B85A-AF18E1508804}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{FD03A6E1-5FDB-46BF-80DD-A3447D371F0B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{628B59E9-7089-473A-A217-B4676E4BDB69}C:\program files (x86)\ps3 media server\jre64\bin\javaw.exe] => (Allow) C:\program files (x86)\ps3 media server\jre64\bin\javaw.exe
FirewallRules: [UDP Query User{2FA4729D-B17E-4AD2-AD02-2F1FD421F9A3}C:\program files (x86)\ps3 media server\jre64\bin\javaw.exe] => (Allow) C:\program files (x86)\ps3 media server\jre64\bin\javaw.exe
FirewallRules: [TCP Query User{47440ABA-BE30-4AFC-9FBF-4EA87D4ACAFB}C:\program files (x86)\xbmc\xbmc.exe] => (Allow) C:\program files (x86)\xbmc\xbmc.exe
FirewallRules: [UDP Query User{1DB3019B-78DB-4411-AC37-ABCAE87A4EB9}C:\program files (x86)\xbmc\xbmc.exe] => (Allow) C:\program files (x86)\xbmc\xbmc.exe
FirewallRules: [{4BE31ECF-E8B2-4275-8A44-798DEC559F66}] => (Allow) C:\Users\With\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{7788240A-434D-4D4C-9914-49BADEC7AEBE}] => (Allow) C:\Users\With\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{B9738E8B-3923-4BE1-969E-ACD352CF2E70}] => (Allow) C:\Program Files (x86)\PS3 Media Server\pms.exe
FirewallRules: [{C27B09F6-877C-4C15-8242-BEBF597A43CC}] => (Allow) C:\Program Files (x86)\PS3 Media Server\pms.exe
FirewallRules: [{EE7F571F-0D57-4565-9B75-3859DCC284A6}] => (Allow) C:\Program Files (x86)\PS3 Media Server\pms.exe
FirewallRules: [{9A55B186-5BF9-4204-AEBF-7C9A8188AEBB}] => (Allow) C:\Program Files (x86)\PS3 Media Server\pms.exe
FirewallRules: [TCP Query User{2437F5F9-3DE2-4C62-9706-72FE62B6D5B5}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{81739696-DE8B-466C-B757-F00B3E8B35DD}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [{28CA98F5-2510-48ED-9B28-82E5532B42B0}] => (Allow) C:\Program Files (x86)\qBittorrent\qbittorrent.exe
FirewallRules: [{2B697B2A-3F7F-46C3-9F13-03D155D9B806}] => (Allow) C:\Program Files (x86)\qBittorrent\qbittorrent.exe
FirewallRules: [TCP Query User{DA511ABF-4E59-4E55-81E7-F7BC82B2ECBE}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{F0B753CA-7C55-4F29-8828-0C4FF652D6BD}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [{B42268CB-5500-4034-B31F-FEBC3AC73D02}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe
FirewallRules: [{DFCDD9E6-36A4-4560-9703-43A519D16DCB}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{7FE9E214-5D04-47F5-8595-B233B493CAFC}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{1EEE2DB7-D198-4350-9C5B-E1C0885580DD}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{03D49B8F-ED41-4D04-A3D4-D40FC8F22D93}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{154F24C6-15BF-44CE-B2B5-D599BF48A7B8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\3DMark\3DMarkLauncher.exe
FirewallRules: [{7FD366F8-CD63-4A9D-BDE7-78E87EE2976D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\3DMark\3DMarkLauncher.exe
FirewallRules: [{3EDB65BE-802D-4C2D-B5E9-AEFF59DFEF15}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Stanley Parable Demo\stanley.exe
FirewallRules: [{9CC54471-4C44-4139-9E11-187737D3F6CA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Stanley Parable Demo\stanley.exe
FirewallRules: [TCP Query User{C92AE416-6AFC-49B4-90AE-232EF2BBA60D}C:\program files\java\jre1.8.0_25\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{D0B4509C-4A71-4FA9-82CB-201792D39722}C:\program files\java\jre1.8.0_25\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_25\bin\javaw.exe
FirewallRules: [{B31B9A02-E975-4E06-ADD3-16F30F5B928F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{39E8F3B2-4446-4CA8-8A38-2F9C9EC3225C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{A9B1999B-E1FC-4E40-9C7C-C444AF380F85}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{9EAE7697-D406-495F-9273-7C8B4DED7D90}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{A01FE1BF-21C3-4E29-8BCD-C7310B0A514B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Old Tree\TheOldTree.exe
FirewallRules: [{892D23D8-6EA6-4258-9F45-B21E4A2440AF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Old Tree\TheOldTree.exe
FirewallRules: [{72CA8567-F0C9-43BE-99EC-BE279B8928D4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{A75E9CCC-D61C-4AEC-9549-120B501454A2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [TCP Query User{73B92E2E-DC5E-4BCA-B912-AFA34A18F9AA}C:\users\with\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\with\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{336E2460-A5D9-40AB-BF74-AA88D1DE20CE}C:\users\with\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\with\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{B3534494-8F54-4441-830B-B5153E757174}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [{8E47BA23-58E8-4331-8B86-25E919B483BF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [TCP Query User{D1CD7235-5919-412F-9116-06BB5D013737}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{4638AAA7-8C07-4FC3-AE9D-A320151C7DA5}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{59DCB188-EBB5-4164-9615-D2E73BE93E91}C:\program files\java\jre1.8.0_25\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{20EC4E7F-F646-4D1A-BD7C-7AEEBBE9A4FE}C:\program files\java\jre1.8.0_25\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_25\bin\javaw.exe
FirewallRules: [{06CB8734-6082-4A17-B083-6C0E6DFE2734}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{923EE6F0-990E-4328-8412-529A4D27CD61}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\3DMark\bin\x86\3DMark.exe
FirewallRules: [{2459631E-D746-43D7-B4E2-19DBAE2EABDE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\3DMark\bin\x86\3DMark.exe
FirewallRules: [{F298770E-CDF6-4DC8-BA3D-18DFFFF71DEC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\3DMark\bin\x64\3DMark.exe
FirewallRules: [{8D588A66-BFBC-4569-A8A7-B3BB66E53529}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\3DMark\bin\x64\3DMark.exe
FirewallRules: [{0E6ABEDE-61AA-4845-A772-84904F73A0D2}] => (Allow) C:\Users\With\AppData\Local\Chromium\Application\chrome.exe
FirewallRules: [{A91F580B-8A19-418C-B36F-611C6FC6C275}] => (Allow) C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (05/13/2015 08:14:34 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program CleanupConsole.exe version 3.2.0.1 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1014

Start Time: 01d08dd835017d4e

Termination Time: 1

Application Path: C:\Program Files (x86)\OneSystemCare\CleanupConsole.exe

Report Id:

Error: (05/13/2015 07:58:00 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program IEXPLORE.EXE version 11.0.9600.17420 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 2ddc

Start Time: 01d08dd84ac30035

Termination Time: 8

Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Report Id:

Error: (05/13/2015 07:54:54 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/13/2015 07:52:18 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/13/2015 07:48:40 PM) (Source: MsiInstaller) (EventID: 11316) (User: With-PC)
Description: Product: globalupdate Helper -- Error 1316. The specified account already exists.

Error: (05/13/2015 07:48:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: plugin-container.exe, version: 37.0.2.5583, time stamp: 0x552ef76c
Faulting module name: mozalloc.dll, version: 37.0.2.5583, time stamp: 0x552ee9ae
Exception code: 0x80000003
Fault offset: 0x00001aa1
Faulting process id: 0xddc
Faulting application start time: 0xplugin-container.exe0
Faulting application path: plugin-container.exe1
Faulting module path: plugin-container.exe2
Report Id: plugin-container.exe3

Error: (05/13/2015 07:47:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SmartWebApp.exe, version: 8.0.9.2, time stamp: 0x54e31eaf
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x00000000
Faulting process id: 0x2058
Faulting application start time: 0xSmartWebApp.exe0
Faulting application path: SmartWebApp.exe1
Faulting module path: SmartWebApp.exe2
Report Id: SmartWebApp.exe3

Error: (05/13/2015 07:46:22 PM) (Source: Symantec AntiVirus) (EventID: 51) (User: )
Description: Security Risk Found!SearchProtect in File: C:\Users\With\AppData\Local\Temp\f9626892-7a78-3199-abd2-97bbce96297b\adv_35.exe by: Auto-Protect scan.  Action: Access denied.  Action Description:

Error: (05/13/2015 07:45:05 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/13/2015 07:44:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: NvStreamNetworkService.exe, version: 4.1.1943.6202, time stamp: 0x551399be
Faulting module name: NvStreamNetworkService.exe, version: 4.1.1943.6202, time stamp: 0x551399be
Exception code: 0xc0000005
Fault offset: 0x00000000004e920f
Faulting process id: 0xcd0
Faulting application start time: 0xNvStreamNetworkService.exe0
Faulting application path: NvStreamNetworkService.exe1
Faulting module path: NvStreamNetworkService.exe2
Report Id: NvStreamNetworkService.exe3


System errors:
=============
Error: (05/13/2015 07:54:20 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The BrsHelper service failed to start due to the following error:
%%2

Error: (05/13/2015 07:54:18 PM) (Source: BugCheck) (EventID: 1001) (User: )
Description: 0x0000000a (0x0000000000000000, 0x0000000000000002, 0x0000000000000000, 0xfffff800030ca22b)C:\Windows\MEMORY.DMP051315-9812-01

Error: (05/13/2015 07:52:07 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The BrsHelper service failed to start due to the following error:
%%2

Error: (05/13/2015 07:48:07 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The snbCxkIZpPj service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.

Error: (05/13/2015 07:39:36 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The FindingDiscount service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 100 milliseconds: Restart the service.

Error: (05/13/2015 07:39:04 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {9A754403-27B1-4ED7-96D7-588F07888EBF}

Error: (05/12/2015 10:54:30 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The FindingDiscount service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 100 milliseconds: Restart the service.

Error: (05/12/2015 07:51:11 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 7:47:38 PM on ‎5/‎12/‎2015 was unexpected.

Error: (05/06/2015 06:07:37 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 6:06:17 PM on ‎5/‎6/‎2015 was unexpected.

Error: (04/17/2015 02:45:10 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 7:34:10 PM on ‎4/‎16/‎2015 was unexpected.


Microsoft Office Sessions:
=========================
Error: (01/21/2015 04:45:17 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 73112 seconds with 240 seconds of active time.  This session ended with a crash.


==================== Memory info ===========================

Processor: Intel® Core™ i5-4570 CPU @ 3.20GHz
Percentage of memory in use: 43%
Total physical RAM: 8111.48 MB
Available physical RAM: 4572.47 MB
Total Pagefile: 16221.14 MB
Available Pagefile: 12543.54 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:232.79 GB) (Free:42.09 GB) NTFS
Drive d: (Drive) (Fixed) (Total:1397.26 GB) (Free:96.83 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 311BDA87)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=232.8 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1397.3 GB) (Disk ID: 95C87E00)
Partition 1: (Not Active) - (Size=1397.3 GB) - (Type=07 NTFS)

==================== End Of Log ============================

 

 

 




 


#2 deeprybka

deeprybka

  • Malware Response Team
  • 5,198 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:12:13 PM

Posted 14 May 2015 - 06:52 AM

Hi & :welcome: to Bleeping Computer Forums!
My name is Jürgen and I will be assisting you with your Malware related problems. :warrior:

Before we move on, please read the following points carefully: :exclame:

  • My native language isn't English. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.
  • Please read my instructions completely. If there is anything that you do not understand kindly ask before proceeding.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while you are following my instructions, stop there and tell me the exact nature of your problem.
  • If you have illegal/cracked software, cracks, keygens, etc. on the system, please remove or uninstall them now!
  • Do not run any other scans without instruction or Add/ Remove Software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
  • Post all Logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts.
  • If I don't hear from you within 5 days from this initial or any subsequent post, then this thread will be closed.
  • If I don't reply within 24 hours please PM me!
  • Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.

Step 1

  • Please download and install Revo Uninstaller Free
    note: there is no need to click anything on that page, the download will start automatically
  • Double click Revo Uninstaller to run it
  • From the list of programs double click on the listed program(s) to remove it:
    CinemaPlus-3.2cV12.05 
    Crossbrowse 
    FlashBeat 
    FLV Player 
    GamesDesktop 025.558 
    GamesDesktop 025.574 
    Ge-Force 
    Menu Operating System 
    Remote Desktop Access 
    Shopper-Pro 
    SmartWeb 
    Wajam 
    Web Bar 2.0.5574.22315 
  • When prompted if you want to uninstall click Yes
  • Be sure the Moderate option is selected then click Next
  • The program will run, If prompted again click Yes
  • When the built-in uninstaller is finished click on Next
  • Once the program has searched for leftovers click Next
  • Check the items in bold only on the list then click Delete
    note: you may have to expand some folders by clicking the "+" mark
  • When prompted click on Yes and then on Next
  • Put a check on any folders that are found and select Delete
  • When prompted select Yes then Next
  • Once done click Finish

Step 2

Please download AdwCleaner (by Xplode) and save it to your Desktop.

  • Double click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select "Run As Administrator"
  • Click on the Scan button.
  • After the scan has finished, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • After rebooting, a log file (that is saved in C:\AdwCleaner[S#].txt) will open automatically.
    Copy and paste the contents of that logfile in your next reply.

Step 3


Please download and install Malwarebytes Anti-Malware.

  • Please open Malwarebytes Anti-Malware and update the database.
  • Click "Settings" [1] and go to "Detection and Protection" [2]
  • Make sure "Scan for Rootkits" is checked.
  • Click on Dashboard [3], then click on Scan Now [4] to start the scan.
    :exclame: If Malware or Potentially Unwanted Programs [PUPs] are found, you will receive a prompt:
    m21p.png
  • Click on "Remove Selected" [5].
  • Then click "Save Results" [6] and select
    m21p4.png
  • Return to our forum. Paste your log into your next reply and then click Finish [7].


Step 4


Start FRST with administrator privileges.

  • Make sure the following option is checked: addition.png
  • Press the Scan button.
  • When finished, FRST will produce two logs (FRST.txt and Addition.txt) in the same directory the tool was run from.
    Please copy and paste these logs in your next reply.

regards,
deeprybka
:busy:
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer
 

#3 Phaze13

Phaze13
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:06:13 AM

Posted 14 May 2015 - 07:37 PM

Hi Jürgen,

 

Thanks for your help. Your directions are great. I took some notes in Notepad, but after step two the computer restarted and the document was not saved.

Step 1  Revo Installer

 

A couple of programs had the error "Running the Uninstaller failed"

Web Bar was not found in the list to remove

Did not restart after step 1 before continuing to step 2.

 

Step 2 AdwCleaner

Ran as administrator restarted after complete

 

Log File:

# AdwCleaner v4.203 - Logfile created 14/05/2015 at 20:07:31
# Updated 30/04/2015 by Xplode
# Database : 2015-04-30.2 [Local]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : With - WITH-PC
# Running from : C:\Users\With\Desktop\adwcleaner_4.203.exe
# Option : Cleaning
 
***** [ Services ] *****
 
[#] Service Deleted : BrsHelper
[#] Service Deleted : FindingDiscount
[#] Service Deleted : globalUpdate
[#] Service Deleted : globalUpdatem
[#] Service Deleted : RuntimeManager
[#] Service Deleted : SMUpd
Service Deleted : SMUpdd
[#] Service Deleted : SPBIUpd
Service Deleted : SPBIUpdd
[#] Service Deleted : wbsvc
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\ProgramData\SearchModule
Folder Deleted : C:\ProgramData\ShopperPro
Folder Deleted : C:\ProgramData\Windows Discount
Folder Deleted : C:\ProgramData\FlashBeat
Folder Deleted : C:\ProgramData\NetEngine
Folder Deleted : C:\ProgramData\InstallSightSDK
Folder Deleted : C:\ProgramData\6412073348186767231
Folder Deleted : C:\ProgramData\d2cc227e00001c9b
Folder Deleted : C:\Program Files (x86)\globalUpdate
Folder Deleted : C:\Program Files (x86)\predm
Folder Deleted : C:\Program Files (x86)\ShopperPro
Folder Deleted : C:\Program Files (x86)\Spyware Clear
Folder Deleted : C:\Program Files (x86)\Ge-Force
[!] Folder Deleted : C:\Program Files (x86)\Windows Discount
[!] Folder Deleted : C:\Program Files (x86)\Windows NT\Accessories\RuntimeManager
Folder Deleted : C:\Program Files (x86)\Crossbrowse
Folder Deleted : C:\Program Files (x86)\Mountain Bike
Folder Deleted : C:\Program Files (x86)\YoutuBEAdiBlocckea
Folder Deleted : C:\Program Files (x86)\Infonaut_1.10.0.14
Folder Deleted : C:\Users\With\AppData\Local\Temp\Mountain Bike
Folder Deleted : C:\Windows\SysWOW64\config\systemprofile\AppData\Local\BrowserHelper
Folder Deleted : C:\Program Files\WebBar
Folder Deleted : C:\Program Files\Common Files\Goobzo
Folder Deleted : C:\Program Files\Common Files\ShopperPro
Folder Deleted : C:\Users\With\AppData\Local\globalUpdate
Folder Deleted : C:\Users\With\AppData\Local\SmartWeb
Folder Deleted : C:\Users\With\AppData\Local\WebBar
Folder Deleted : C:\Users\With\AppData\Local\BrowserHelper
Folder Deleted : C:\Users\With\AppData\Local\Crossbrowse
Folder Deleted : C:\Users\With\AppData\Roaming\EZDownloader
Folder Deleted : C:\Users\With\AppData\Roaming\ASPackage
Folder Deleted : C:\Users\With\AppData\Roaming\03000200-1431472796-0500-0006-000700080009
Folder Deleted : C:\Users\With\AppData\Roaming\03000200-1431647131-0500-0006-000700080009
Folder Deleted : C:\Users\With\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASPackage
Folder Deleted : C:\Users\With\Documents\PC Speed Maximizer
Folder Deleted : C:\Users\With\AppData\Roaming\Mozilla\Firefox\Profiles\yolvwqn5.default-1419019564366\Extensions\{746505DC-0E21-4667-97F8-72EA6BCF5EEF}
Folder Deleted : C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbfehkoinhhcknnbdgnnmjhiladcgbol
Folder Deleted : C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp
Folder Deleted : C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\dogmhlelnjpjgahofccgbfnmojkmlfep
Folder Deleted : C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejnkaeblpdcamcioiiabclakabcbjmbl
File Deleted : C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_bakijjialdiiboeaknfpmflphhmljfkd_0.localstorage
File Deleted : C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_papbadoldddalgcjcicnikcfenodpghp_0.localstorage
File Deleted : C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_papbadoldddalgcjcicnikcfenodpghp_0.localstorage-journal
File Deleted : C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_papbadoldddalgcjcicnikcfenodpghp_0
File Deleted : C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\papbadoldddalgcjcicnikcfenodpghp
File Deleted : C:\Users\With\AppData\Local\Chromium\User Data\Default\Local Storage\chrome-extension_bakijjialdiiboeaknfpmflphhmljfkd_0.localstorage
File Deleted : C:\END
File Deleted : C:\Windows\patsearch.bin
File Deleted : C:\Users\With\AppData\Local\Temp\Uninstall.exe
File Deleted : C:\Users\With\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\crossbrowse.lnk
File Deleted : C:\Users\With\AppData\Roaming\Mozilla\Firefox\Profiles\yolvwqn5.default-1419019564366\user.js
File Deleted : C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_inst.shoppingate.info_0.localstorage
File Deleted : C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_inst.shoppingate.info_0.localstorage-journal
File Deleted : C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.selectgo00.selectgo.net_0.localstorage
File Deleted : C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.dregol.com_0.localstorage
File Deleted : C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.reimageplus.com_0.localstorage
File Deleted : C:\Users\With\AppData\Local\Chromium\User Data\Default\Local Storage\hxxps_static.selectgo00.selectgo.net_0.localstorage
File Deleted : C:\Users\With\AppData\Local\Chromium\User Data\Default\Local Storage\hxxp_www.dregol.com_0.localstorage
File Deleted : C:\Users\With\AppData\Local\Chromium\User Data\Default\Local Storage\hxxp_www.reimageplus.com_0.localstorage
 
***** [ Scheduled tasks ] *****
 
Task Deleted : Crossbrowse
Task Deleted : globalUpdateUpdateTaskMachineCore
Task Deleted : globalUpdateUpdateTaskMachineUA
Task Deleted : Inst_Rep
Task Deleted : ShopperPro
Task Deleted : ShopperProJSUpd
Task Deleted : Smp
Task Deleted : SPDriver
Task Deleted : WebBarLaunchTask
Task Deleted : WebBarUpdateTask
Task Deleted : NetEngine
Task Deleted : 1f11eeea-4058-4835-96d3-31e180729d33-1-6
Task Deleted : 1f11eeea-4058-4835-96d3-31e180729d33-1-7
Task Deleted : 1f11eeea-4058-4835-96d3-31e180729d33-10_user
Task Deleted : 1f11eeea-4058-4835-96d3-31e180729d33-4
Task Deleted : 1f11eeea-4058-4835-96d3-31e180729d33-5
Task Deleted : 1f11eeea-4058-4835-96d3-31e180729d33-5_user
Task Deleted : 1f11eeea-4058-4835-96d3-31e180729d33-6
Task Deleted : 1f11eeea-4058-4835-96d3-31e180729d33-7
Task Deleted : b4096e90-51f6-437f-be3e-7c1dca0a5779-1-6
Task Deleted : b4096e90-51f6-437f-be3e-7c1dca0a5779-1-7
Task Deleted : b4096e90-51f6-437f-be3e-7c1dca0a5779-10_user
Task Deleted : b4096e90-51f6-437f-be3e-7c1dca0a5779-3
Task Deleted : b4096e90-51f6-437f-be3e-7c1dca0a5779-4
Task Deleted : b4096e90-51f6-437f-be3e-7c1dca0a5779-5
Task Deleted : b4096e90-51f6-437f-be3e-7c1dca0a5779-5_user
Task Deleted : b4096e90-51f6-437f-be3e-7c1dca0a5779-6
Task Deleted : b4096e90-51f6-437f-be3e-7c1dca0a5779-7
 
***** [ Shortcuts ] *****
 
Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk
Shortcut Disinfected : C:\Users\With\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Shortcut Disinfected : C:\Users\With\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Play Music.lnk
Shortcut Disinfected : C:\Users\With\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
Shortcut Disinfected : C:\Users\With\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
Shortcut Disinfected : C:\Users\With\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Shortcut Disinfected : C:\Users\With\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Dregol (2).lnk
Shortcut Disinfected : C:\Users\With\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Dregol.lnk
Shortcut Disinfected : C:\Users\With\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk
Shortcut Disinfected : C:\Users\With\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk
 
***** [ Registry ] *****
 
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{5081D2D4-1637-404c-B74F-50526718257D}]
Value Deleted : [x64] HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{5081D2D4-1637-404c-B74F-50526718257D}]
Key Deleted : HKCU\Software\MICROSOFT\INTERNET EXPLORER\DOMSTORAGE\superfish.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.superfish.com
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ShopperPro.DLL
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
Key Deleted : HKLM\SOFTWARE\Classes\ShopperPro.ShopperProBHO
Key Deleted : HKLM\SOFTWARE\Classes\ShopperPro.ShopperProBHO.1
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
Value Deleted : HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [YTDownloader]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [YTDownloader]
Key Deleted : HKLM\SOFTWARE\Microsoft\Mediaplayer\Shiminclusionlist\crossbrowse.exe
Key Deleted : HKLM\SOFTWARE\Clients\StartMenuInternet\Crossbrowse
Key Deleted : HKLM\SOFTWARE\0c93ef32-be6e-4cc1-9701-bea261422667
Key Deleted : HKLM\SOFTWARE\4649450f-512c-4f09-b497-34c53d0cef56
Key Deleted : HKLM\SOFTWARE\c0a998fb-e592-80e6-3160-26c9b8a4236d
Key Deleted : HKLM\SOFTWARE\ccce1ee8-78cc-4de0-b0ac-82886cf58d61
Key Deleted : HKLM\SOFTWARE\cdc5fca1-f659-4a8b-9d08-3a32c6550770
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{58FDA6AF-67D8-4198-B7CD-94B17532C8D5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03C0AC00-86DE-4B55-81BA-2E7CD61C51B1}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{8FB1A663-2820-468B-95C4-5060A4C5F413}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03C0AC00-86DE-4B55-81BA-2E7CD61C51B1}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E4C3E50F-5761-4BF8-95A0-939A819DF1C3}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{31090377-0740-419E-BEFC-A56E50500D5B}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{7F4EFF06-7032-458E-AE16-1C1D8255C28A}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{31090377-0740-419E-BEFC-A56E50500D5B}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{7F4EFF06-7032-458E-AE16-1C1D8255C28A}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{552C91AC-7AE8-4B8C-B3B4-ED69DCF148B5}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{7F9E5B58-E834-4E03-8414-F34CF3DD8846}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{85A60A59-D3D8-468F-B598-FB4393789EF4}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{85A60A59-D3D8-468F-B598-FB4393789EF4}
Key Deleted : HKCU\Software\Brothersoft
Key Deleted : HKCU\Software\Conduit_Search_Protect
Key Deleted : HKCU\Software\GlobalUpdate
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\InstalledBrowserExtensions
Key Deleted : HKCU\Software\systweak
Key Deleted : HKCU\Software\WajIEnhance
Key Deleted : HKCU\Software\Super Optimizer
Key Deleted : HKCU\Software\CrossBrowser
Key Deleted : HKCU\Software\Ge-Force
Key Deleted : HKCU\Software\YorkNewCin
Key Deleted : HKCU\Software\HighDefAction
Key Deleted : HKCU\Software\ArenaHD
Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AppDataLow\Software\DynConIE
Key Deleted : HKCU\Software\AppDataLow\Software\SpeeditUp
Key Deleted : HKLM\SOFTWARE\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Key Deleted : HKLM\SOFTWARE\GlobalUpdate
Key Deleted : HKLM\SOFTWARE\InstalledBrowserExtensions
Key Deleted : HKLM\SOFTWARE\ShopperPro
Key Deleted : HKLM\SOFTWARE\Tutorials
Key Deleted : HKLM\SOFTWARE\shopperz
Key Deleted : HKLM\SOFTWARE\{12A61307-94CD-4F8E-94BC-918E511FAA81}
Key Deleted : HKLM\SOFTWARE\SearchModule
Key Deleted : HKLM\SOFTWARE\YorkNewCin
Key Deleted : HKLM\SOFTWARE\HighDefAction
Key Deleted : HKLM\SOFTWARE\ArenaHD
Key Deleted : HKLM\SOFTWARE\Infonaut_1.10.0.14
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdater
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Setup Support for Consumer Input
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ASPackage
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Search module
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Infonaut_1.10.0.14
Key Deleted : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions
Key Deleted : [x64] HKLM\SOFTWARE\ShopperPro
Key Deleted : [x64] HKLM\SOFTWARE\YTDownloader
Key Deleted : [x64] HKLM\SOFTWARE\shopperz
Key Deleted : [x64] HKLM\SOFTWARE\FlashBeat
Key Deleted : [x64] HKLM\SOFTWARE\SearchModule
Key Deleted : [x64] HKLM\SOFTWARE\WebBar
Key Deleted : [x64] HKLM\SOFTWARE\YorkNewCin
Key Deleted : [x64] HKLM\SOFTWARE\HighDefAction
Key Deleted : [x64] HKLM\SOFTWARE\ArenaHD
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{0BCE8B0A-1E76-44E5-9909-3CF804D92E4D}_is1
Data Deleted : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyServer] - hxxp=127.0.0.1:47574
Data Deleted : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyEnable] - 1
Data Deleted : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - <-loopback>
Data Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyServer] - hxxp=127.0.0.1:53141;hxxps=127.0.0.1:53141
Data Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyEnable] - 1
Data Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - <-loopback>
 
***** [ Web browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17420
 
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
 
-\\ Mozilla Firefox v37.0.2 (x86 en-US)
 
[yolvwqn5.default-1419019564366\prefs.js] - Line Deleted : user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.internaldb.Resources_meta.value", "%7B%22handlebars.js%22%3A%7B%22id%22%3A1002241%2C%22ver%22%3A1%2C%22status%22%3A1%2C%22name%22%3A%22[...]
[yolvwqn5.default-1419019564366\prefs.js] - Line Deleted : user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.internaldb.Resources_resource_1002250.value", "%22function%20startAskCom%28e%2Ct%2Cr%29%7Bfunction%20a%28e%29%7Bvar%20t%3Dnew%20RegExp%[...]
[yolvwqn5.default-1419019564366\prefs.js] - Line Deleted : user_pref("extensions.aTTSD90021300PYDKGV101145942com70881.70881.internaldb.monetization_plugin_bundledUrls.value", "%7B%22dealply_s%22%3A%7B%22urls%22%3A%5B%22ssfiles.com%22%5D%7D%2C%22dealply_p%22%3[...]
[yolvwqn5.default-1419019564366\prefs.js] - Line Deleted : user_pref("extensions.ad4db60df25f14dae9dd18185c395f9e794c9ab86be3ebcom72893.72893.internaldb.monetization_plugin_bundledUrls.value", "%7B%22dealply_s%22%3A%7B%22urls%22%3A%5B%22ssfiles.com%22%5D%7D%2[...]
[yolvwqn5.default-1419019564366\prefs.js] - Line Deleted : user_pref("extensions.crossrider.bic", "14d4fb6efd317f0c3c5edcc853350acc");
[yolvwqn5.default-1419019564366\prefs.js] - Line Deleted : user_pref("keyword.URL", "hxxp://www-searching.com/search.aspx?s=F5Dztutdk0001,0c6bc6c3-886d-400d-96fc-d5b1297c107f,&q=");
 
-\\ Google Chrome v42.0.2311.152
 
[C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Deleted [Extension] : booedmolknjekdopkepjjeckmjkdpfgl
[C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Deleted [Extension] : flpcjncodpafbgdpnkljologafpionhb
[C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Deleted [Extension] : lbfehkoinhhcknnbdgnnmjhiladcgbol
[C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Deleted [Extension] : papbadoldddalgcjcicnikcfenodpghp
[C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Deleted [Extension] : dogmhlelnjpjgahofccgbfnmojkmlfep
[C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Deleted [Extension] : ejnkaeblpdcamcioiiabclakabcbjmbl
[C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Deleted [Homepage] : hxxp://www.dregol.com/?f=1&a=drg_coinis_15_20&cd=2XzuyEtN2Y1L1Qzu0B0CyD0F0FyE0DtB0F0B0CyBzyzzyB0DtN0D0Tzu0StCtBtByBtN1L2XzutAtFtCtDtFtBtFtDtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StB0D0FyBzytCyDtAtGyC0E0CzytGtB0CtCyEtGyCyB0A0AtGyBtB0CtDtA0AyCtCyB0D0DyC2QtN1M1F1B2Z1V1N2Y1L1Qzu2StDtBzyzytC0B0FtAtGzzyCyC0BtGyE0DyDzztGzz0FtD0BtGtDtC0C0ByBtB0ByEzy0D0F0A2QtN0A0LzuyE&cr=1739365694&ir=
[C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Deleted [Startup_URLs] : hxxp://www.dregol.com/?f=7&a=drg_coinis_15_20&cd=2XzuyEtN2Y1L1Qzu0B0CyD0F0FyE0DtB0F0B0CyBzyzzyB0DtN0D0Tzu0StCtBtByBtN1L2XzutAtFtCtDtFtBtFtDtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StB0D0FyBzytCyDtAtGyC0E0CzytGtB0CtCyEtGyCyB0A0AtGyBtB0CtDtA0AyCtCyB0D0DyC2QtN1M1F1B2Z1V1N2Y1L1Qzu2StDtBzyzytC0B0FtAtGzzyCyC0BtGyE0DyDzztGzz0FtD0BtGtDtC0C0ByBtB0ByEzy0D0F0A2QtN0A0LzuyE&cr=1739365694&ir=
[C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Deleted [Default_Search_Provider_Data] : hxxp://www.dregol.com/results.php?f=4&q={searchTerms}&a=drg_coinis_15_20&cd=2XzuyEtN2Y1L1Qzu0B0CyD0F0FyE0DtB0F0B0CyBzyzzyB0DtN0D0Tzu0StCtBtByBtN1L2XzutAtFtCtDtFtBtFtDtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StB0D0FyBzytCyDtAtGyC0E0CzytGtB0CtCyEtGyCyB0A0AtGyBtB0CtDtA0AyCtCyB0D0DyC2QtN1M1F1B2Z1V1N2Y1L1Qzu2StDtBzyzytC0B0FtAtGzzyCyC0BtGyE0DyDzztGzz0FtD0BtGtDtC0C0ByBtB0ByEzy0D0F0A2QtN0A0LzuyE&cr=1739365694&ir=
 
-\\ Chromium v44.0.2397.0
 
[C:\Users\With\AppData\Local\Chromium\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.dregol.com/results.php?f=4&q={searchTerms}&a=drg_coinis_15_20&cd=2XzuyEtN2Y1L1Qzu0B0CyD0F0FyE0DtB0F0B0CyBzyzzyB0DtN0D0Tzu0StCtBtByBtN1L2XzutAtFtCtDtFtBtFtDtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StB0D0FyBzytCyDtAtGyC0E0CzytGtB0CtCyEtGyCyB0A0AtGyBtB0CtDtA0AyCtCyB0D0DyC2QtN1M1F1B2Z1V1N2Y1L1Qzu2StDtBzyzytC0B0FtAtGzzyCyC0BtGyE0DyDzztGzz0FtD0BtGtDtC0C0ByBtB0ByEzy0D0F0A2QtN0A0LzuyE&cr=1739365694&ir=&uref=chmm
[C:\Users\With\AppData\Local\Chromium\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www-searching.com/search.aspx?site=chuiauto&pid=s&shr=d&s=F5Dztutdk0001,0c6bc6c3-886d-400d-96fc-d5b1297c107f,&q={searchTerms}
[C:\Users\With\AppData\Local\Chromium\User Data\Default\Secure Preferences] - Deleted [Homepage] : hxxp://www.dregol.com/?f=1&a=drg_coinis_15_20&cd=2XzuyEtN2Y1L1Qzu0B0CyD0F0FyE0DtB0F0B0CyBzyzzyB0DtN0D0Tzu0StCtBtByBtN1L2XzutAtFtCtDtFtBtFtDtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StB0D0FyBzytCyDtAtGyC0E0CzytGtB0CtCyEtGyCyB0A0AtGyBtB0CtDtA0AyCtCyB0D0DyC2QtN1M1F1B2Z1V1N2Y1L1Qzu2StDtBzyzytC0B0FtAtGzzyCyC0BtGyE0DyDzztGzz0FtD0BtGtDtC0C0ByBtB0ByEzy0D0F0A2QtN0A0LzuyE&cr=1739365694&ir=&uref=chmm
[C:\Users\With\AppData\Local\Chromium\User Data\Default\Secure Preferences] - Deleted [Startup_URLs] : 874EFCD6D7A1C1CF3D89AB12DEFAD0FFE41C97E21A41B233C647BA9053E8CD79"},"software_reporter":{"prompt_reason":"5A1EEE6610B0E60FAD44D731D9768B67743F2307846BA8C85E4A6884DBA2CC78","prompt_seed":"D12521B12F27ED8D55846D6FE25154BD22242084A3546A89F2435F0D6575A92E","prompt_version":"565C7DC33789AA140A0FFC230B569B2F592F494FD1FE1EF8BAEA97F43DB5B49E"},"sync":{"remaining_rollback_tries":"330199A48C5F90321D74BF4A3B8CAD4B7FF7FA5817F414DCBE4E6C2F52FBDA56"}},"super_mac":"946D53C9F7095042BEF66EBF29AEA893247E06C3575252C9C06EBA71A74F4EFB"},"search_provider_overrides":[{"encoding":"UTF-8","favicon_url":"hxxp://www.dregol.com/favicon.ico
 
*************************
 
AdwCleaner[R0].txt - [27239 bytes] - [14/05/2015 20:06:13]
AdwCleaner[S0].txt - [25621 bytes] - [14/05/2015 20:07:31]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [25681  bytes] ##########
 
Post too long, continued


#4 Phaze13

Posted 14 May 2015 - 07:40 PM

Continued
 
Step 3 Malwarebytes
 
Log:
Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 5/14/2015
Scan Time: 8:11:48 PM
Logfile: 
Administrator: Yes
 
Version: 2.01.6.1022
Malware Database: v2015.05.14.05
Rootkit Database: v2015.04.21.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled
 
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: With
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 377611
Time Elapsed: 8 min, 52 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 3
PUP.Optional.MultiPlug.A, C:\Users\With\AppData\Local\03000200-1431458587-0500-0006-000700080009\snsd65B7.tmp, 2064, Delete-on-Reboot, [4b420f8406846fc784c57ee97a8bc63a]
PUP.Optional.Wajam.A, C:\Program Files (x86)\WajaWebEnhance\WajaWebEnhance Internet Enhancer\InternetEnhancerService.exe, 2536, Delete-on-Reboot, [028b95fe434777bf2ed096d663a2a55b]
PUP.Optional.Wajam.A, C:\Program Files (x86)\WajaWebEnhance\WajaWebEnhance Internet Enhancer\InternetEnhancer.exe, 6112, Delete-on-Reboot, [9bf20192d6b4f14544718c47a45fc937]
 
Modules: 3
PUP.Optional.Wajam.A, C:\Program Files (x86)\WajaWebEnhance\WajaWebEnhance Internet Enhancer\ApiHandlr.dll, Delete-on-Reboot, [9bf20192d6b4f14544718c47a45fc937], 
PUP.Optional.Wajam.A, C:\Program Files (x86)\WajaWebEnhance\WajaWebEnhance Internet Enhancer\FiddlerCore.dll, Delete-on-Reboot, [9bf20192d6b4f14544718c47a45fc937], 
PUP.Optional.Wajam.A, C:\Program Files (x86)\WajaWebEnhance\WajaWebEnhance Internet Enhancer\Newtonsoft.Json.dll, Delete-on-Reboot, [9bf20192d6b4f14544718c47a45fc937], 
 
Registry Keys: 43
PUP.Optional.CrazyScore.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{f439aa7e-a2a0-4635-99a2-164180e848ca}, Quarantined, [8c01177c7812f046395858f5bc47e818], 
PUP.Optional.CrazyScore.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{31d48cad-f6d9-411a-a0c9-c1f051511a86}, Quarantined, [8c01177c7812f046395858f5bc47e818], 
PUP.Optional.CrazyScore.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{B81A3063-CE6C-4F9A-AEBD-5DDD0EA805A0}, Quarantined, [8c01177c7812f046395858f5bc47e818], 
PUP.Optional.CrazyScore.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{B81A3063-CE6C-4F9A-AEBD-5DDD0EA805A0}, Quarantined, [8c01177c7812f046395858f5bc47e818], 
PUP.Optional.CrazyScore.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{B81A3063-CE6C-4F9A-AEBD-5DDD0EA805A0}, Quarantined, [8c01177c7812f046395858f5bc47e818], 
PUP.Optional.CrazyScore.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{31d48cad-f6d9-411a-a0c9-c1f051511a86}, Quarantined, [8c01177c7812f046395858f5bc47e818], 
PUP.Optional.CrazyScore.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{31d48cad-f6d9-411a-a0c9-c1f051511a86}, Quarantined, [8c01177c7812f046395858f5bc47e818], 
PUP.Optional.CrazyScore.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{F439AA7E-A2A0-4635-99A2-164180E848CA}, Quarantined, [8c01177c7812f046395858f5bc47e818], 
PUP.Optional.CrazyScore.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{F439AA7E-A2A0-4635-99A2-164180E848CA}, Quarantined, [8c01177c7812f046395858f5bc47e818], 
PUP.Optional.CrazyScore.A, HKU\S-1-5-21-4145080920-3812403697-566172317-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{F439AA7E-A2A0-4635-99A2-164180E848CA}, Quarantined, [8c01177c7812f046395858f5bc47e818], 
PUP.Optional.CrazyScore.A, HKU\S-1-5-21-4145080920-3812403697-566172317-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{F439AA7E-A2A0-4635-99A2-164180E848CA}, Quarantined, [8c01177c7812f046395858f5bc47e818], 
PUP.Optional.Dregol.C, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Run_Dregol, Quarantined, [711c177cf397b1852872e2751aecbe42], 
PUP.Optional.ModGoog, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\GLOBALUPDATE.EXE, Quarantined, [5d30118298f20234b79c004925dd29d7], 
PUP.Optional.ModGoog, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\GLOBALUPDATE.EXE, Quarantined, [5d30118298f20234b79c004925dd29d7], 
PUP.Optional.MultiPlug.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\dopokyzu, Quarantined, [4b420f8406846fc784c57ee97a8bc63a], 
PUP.Optional.CinemaPlus.A, HKLM\SOFTWARE\CinemaPlus-3.2cV12.05-nv, Quarantined, [711ccdc61377fa3c2c1bd615fd061fe1], 
PUP.Optional.GeForce.A, HKLM\SOFTWARE\Ge-Force-nv, Quarantined, [7f0ea4ef266491a58f40a6bde124ee12], 
PUP.Optional.GlobalUpdate.C, HKLM\SOFTWARE\CLASSES\APPID\GLOBALUPDATE.EXE, Quarantined, [90fd7a19593173c3ce3fe983ba4be818], 
PUP.Optional.GlobalUpdate.C, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\GLOBALUPDATE.EXE, Quarantined, [6b22494a0387d16538d5bfad5baab44c], 
PUP.Optional.Dregol.A, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\ihokndmjeombjojnfkmapfnjeghjohim, Quarantined, [d4b93e55e6a4fd399c1f9f3a867d7888], 
PUP.Optional.CinemaPlus.A, HKLM\SOFTWARE\WOW6432NODE\CinemaPlus-3.2cV12.05-nv, Quarantined, [e7a60a89a2e83006014652992ed58e72], 
PUP.Optional.CinemaPlus.A, HKLM\SOFTWARE\WOW6432NODE\CinemaPlus-3.2cV12.05-nv-ie, Quarantined, [523b831052385bdb083fea01b54e8878], 
PUP.Optional.GeForce.A, HKLM\SOFTWARE\WOW6432NODE\Ge-Force-nv, Quarantined, [94f90f84abdf9c9a9d328bd807feef11], 
PUP.Optional.GeForce.A, HKLM\SOFTWARE\WOW6432NODE\Ge-Force-nv-ie, Quarantined, [ddb0a8eb9befc86eb21df56ec144c739], 
PUP.Optional.WajaWebEnhance.A, HKLM\SOFTWARE\WOW6432NODE\WajaWebEnhance, Quarantined, [aae3f49f76141026df451f4e24e17090], 
PUP.Optional.CrossRider.C, HKLM\SOFTWARE\WOW6432NODE\APPDATALOW\SOFTWARE\Crossrider, Quarantined, [820b0f846d1d4de9538b1db78d76d927], 
PUP.Optional.GlobalUpdate.C, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\GLOBALUPDATE.EXE, Quarantined, [236a464d721882b479942646bf464db3], 
PUP.Optional.Dregol.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\ihokndmjeombjojnfkmapfnjeghjohim, Quarantined, [04893f542d5d261095267c5d9073b44c], 
PUP.Optional.Infonaut.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\innfd_1_10_0_14, Quarantined, [4e3f6330107af046cc1dd203e81b55ab], 
PUP.Optional.Wajam.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\WajaWebEnhance Service, Quarantined, [028b95fe434777bf2ed096d663a2a55b], 
PUP.Optional.Vitruvian.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\INSVC_1.10.0.14, Quarantined, [4f3e0e85a7e339fdf14a96d6ad58e020], 
PUP.Optional.CinemaPlus.A, HKU\S-1-5-18\SOFTWARE\CinemaPlus-3.2cV12.05-nv, Quarantined, [6924e4afa7e31422f157b239838036ca], 
PUP.Optional.CinemaPlus.A, HKU\S-1-5-18\SOFTWARE\CinemaPlus-3.2cV12.05-nv-ie, Quarantined, [1e6f4a49cdbd1620d96f27c480834fb1], 
PUP.Optional.GeForce.A, HKU\S-1-5-18\SOFTWARE\Ge-Force-nv, Quarantined, [bad37d162a60fe38e9e7d390a65fc33d], 
PUP.Optional.GeForce.A, HKU\S-1-5-18\SOFTWARE\Ge-Force-nv-ie, Quarantined, [3459444fa2e87db9557bcb9858adab55], 
PUP.Optional.Crossrider.C, HKU\S-1-5-18\SOFTWARE\APPDATALOW\SOFTWARE\_CrossriderRegNamePlaceHolder_, Quarantined, [0b82e0b35f2b3afc2e5ed09a17ee2cd4], 
PUP.Optional.CinemaPlus.A, HKU\S-1-5-21-4145080920-3812403697-566172317-1000\SOFTWARE\CinemaPlus-3.2cV12.05, Quarantined, [7e0f840ffb8ff2443117698231d2b14f], 
PUP.Optional.CinemaPlus.A, HKU\S-1-5-21-4145080920-3812403697-566172317-1000\SOFTWARE\CinemaPlus-3.2cV12.05-nv, Quarantined, [e4a95a39117966d04107e4072ed5718f], 
PUP.Optional.CinemaPlus.A, HKU\S-1-5-21-4145080920-3812403697-566172317-1000\SOFTWARE\CinemaPlus-3.2cV12.05-nv-ie, Quarantined, [b0dddab95634df571e2ad417f60d31cf], 
PUP.Optional.GeForce.A, HKU\S-1-5-21-4145080920-3812403697-566172317-1000\SOFTWARE\Ge-Force-nv, Quarantined, [2c616b28f9910432795786dd0df81de3], 
PUP.Optional.GeForce.A, HKU\S-1-5-21-4145080920-3812403697-566172317-1000\SOFTWARE\Ge-Force-nv-ie, Quarantined, [9af3d7bcc6c4132321afaab91ce945bb], 
PUP.Optional.Dregol.A, HKU\S-1-5-21-4145080920-3812403697-566172317-1000\SOFTWARE\run_dregol, Quarantined, [2a63147fcfbbca6ca41c10c98a795da3], 
PUP.Optional.Dregol.A, HKU\S-1-5-21-4145080920-3812403697-566172317-1000\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\ihokndmjeombjojnfkmapfnjeghjohim, Quarantined, [fd907023e1a95bdbdce05c7d0bf8a957], 
 
Registry Values: 24
PUP.Optional.CrossBrowse.C, HKLM\SOFTWARE\CLASSES\.HTML\OPENWITHPROGIDS|CRSBRWSHTML, Quarantined, [f19c3360ec9ee452929bd696d43133cd], 
PUP.Optional.CrossBrowse.C, HKLM\SOFTWARE\CLASSES\.HTM\OPENWITHPROGIDS|CRSBRWSHTML, Quarantined, [4f3e3d562763f442c26a1a52dc29c33d], 
PUP.Optional.GlobalUpdate.C, HKLM\SOFTWARE\CLASSES\APPID\GLOBALUPDATE.EXE|AppID, {3278F5CF-48F3-4253-A6BB-004CE84AF492}, Quarantined, [90fd7a19593173c3ce3fe983ba4be818]
PUP.Optional.CrossBrowse.C, HKLM\SOFTWARE\CLASSES\WOW6432NODE\.HTML\OPENWITHPROGIDS|CRSBRWSHTML, Quarantined, [16774a49ec9e84b2a885d795838222de], 
PUP.Optional.CrossBrowse.C, HKLM\SOFTWARE\CLASSES\WOW6432NODE\.HTM\OPENWITHPROGIDS|CRSBRWSHTML, Quarantined, [c9c4fe95602a90a65bd17eee47be936d], 
PUP.Optional.GlobalUpdate.C, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\GLOBALUPDATE.EXE|AppID, {3278F5CF-48F3-4253-A6BB-004CE84AF492}, Quarantined, [6b22494a0387d16538d5bfad5baab44c]
PUP.Optional.CrossBrowse.C, HKLM\SOFTWARE\REGISTEREDAPPLICATIONS|Crossbrowse, Software\Clients\StartMenuInternet\Crossbrowse\Capabilities, Quarantined, [27668f043b4fc86e4a4193d79b6a1ee2]
PUP.Optional.CrossBrowse.C, HKLM\SOFTWARE\WOW6432NODE\CLASSES\.HTML\OPENWITHPROGIDS|CRSBRWSHTML, Quarantined, [d7b66330e4a6a49273ba09635ca9748c], 
PUP.Optional.CrossBrowse.C, HKLM\SOFTWARE\WOW6432NODE\CLASSES\.HTM\OPENWITHPROGIDS|CRSBRWSHTML, Quarantined, [533a5142d6b4ef47db5176f6e91c49b7], 
PUP.Optional.GlobalUpdate.C, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\GLOBALUPDATE.EXE|AppID, {3278F5CF-48F3-4253-A6BB-004CE84AF492}, Quarantined, [236a464d721882b479942646bf464db3]
PUP.Optional.Dregol.C, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY|AppPath, C:\Program Files (x86)\Run_Dregol\\, Quarantined, [c4c9f59e2d5da98dc20f795bbf4449b7]
PUP.Optional.GamesDesktop.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|gmsd_us_558, Quarantined, [ff8ec0d3e2a8a19577c449a0f70c926e], 
PUP.Optional.GamesDesktop.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|gmsd_us_574, Quarantined, [7c115043d9b156e0b9820edbe02344bc], 
PUP.Optional.GamesDesktop.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|gmsd_us_583, Quarantined, [7c1195fe1575f73fbb806386897ae41c], 
PUP.Optional.CrossBrowse.C, HKLM\SOFTWARE\WOW6432NODE\REGISTEREDAPPLICATIONS|Crossbrowse, Software\Clients\StartMenuInternet\Crossbrowse\Capabilities, Quarantined, [e2ab058eb4d613234348a6c4fb0aaa56]
PUP.Optional.Vitruvian.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\insvc_1.10.0.14|ImagePath, "C:\Program Files (x86)\Infonaut_1.10.0.14\Service\insvc.exe", Quarantined, [4f3e0e85a7e339fdf14a96d6ad58e020]
PUP.Optional.MultiPlug.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\dopokyzu|ImagePath, C:\Users\With\AppData\Local\03000200-1431458587-0500-0006-000700080009\snsd65B7.tmp, Quarantined, [e0ad543f593131054192d194a065e61a]
PUP.Optional.MultiPlug.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\fugewybu|ImagePath, C:\Users\With\AppData\Roaming\03000200-1431472796-0500-0006-000700080009\nsyB3F5.tmp, Quarantined, [6a23474ce3a795a15a78b1b458adc040]
PUP.Optional.MultiPlug.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\qozyzuwu|ImagePath, C:\Users\With\AppData\Roaming\03000200-1431472796-0500-0006-000700080009\jnshA43A.tmp, Quarantined, [95f8751ebcce51e532a17aebb154ff01]
PUP.Optional.SpeeDial.A, HKU\S-1-5-21-4145080920-3812403697-566172317-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{c9ab6446-7efc-47fe-966c-dc54324eff9f}|URL, http://speedial.com/results.php?f=4&q={searchTerms}&a=spd_ir_14_25_ff&cd=2XzuyEtN2Y1L1Qzu0B0CyD0F0FyE0DtB0F0B0CyBzyzzyB0DtN0D0Tzu0SzytDtAtN1L2XzutBtFtBtCtFzytFtDtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StD0C0BtAyC0Czy0CtGtCzz0C0BtGyB0CzztCtGtCtAtCyDtGyDtC0DyD0F0EyCtC0E0E0Dzz2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyCtDzzyD0F0D0AtDtG0EyE0EtCtGyD0E0EyDtG0EyB0EtCtGyByB0CtAtC0BzyyCtCtAzz0B2Q&cr=705253262&ir=, Quarantined, [701d484b4d3d06301e257ceab550966a]
PUP.Optional.SpeeDial.A, HKU\S-1-5-21-4145080920-3812403697-566172317-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{c9ab6446-7efc-47fe-966c-dc54324eff9f}|TopResultURLFallback, http://speedial.com/results.php?f=4&q={searchTerms}&a=spd_ir_14_25_ff&cd=2XzuyEtN2Y1L1Qzu0B0CyD0F0FyE0DtB0F0B0CyBzyzzyB0DtN0D0Tzu0SzytDtAtN1L2XzutBtFtBtCtFzytFtDtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StD0C0BtAyC0Czy0CtGtCzz0C0BtGyB0CzztCtGtCtAtCyDtGyDtC0DyD0F0EyCtC0E0E0Dzz2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyCtDzzyD0F0D0AtDtG0EyE0EtCtGyD0E0EyDtG0EyB0EtCtGyByB0CtAtC0BzyyCtCtAzz0B2Q&cr=705253262&ir=, Quarantined, [3954811266243df9f1524a1c8b7a7c84]
PUP.Optional.SpeeDial.A, HKU\S-1-5-21-4145080920-3812403697-566172317-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{c9ab6446-7efc-47fe-966c-dc54324eff9f}|FaviconPath, C:\Program Files (x86)\Speedial\1.8.29.15\FavIcon.ico, Quarantined, [aae3306348425bdb53f07aec8085768a]
PUP.Optional.SpeeDial.A, HKU\S-1-5-21-4145080920-3812403697-566172317-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{c9ab6446-7efc-47fe-966c-dc54324eff9f}, Speedial, Quarantined, [14799bf8107adf570c372f37e421db25]
PUP.Optional.SpeeDial.A, HKU\S-1-5-21-4145080920-3812403697-566172317-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{c9ab6446-7efc-47fe-966c-dc54324eff9f}|DisplayName, Speedial, Quarantined, [8607781beaa0f343db68165050b5e41c]
 
Registry Data: 0
(No malicious items detected)
 
Folders: 122
PUP.Optional.WebBar.A, C:\Windows\System32\config\systemprofile\AppData\Local\WebBar, Quarantined, [b7d6573ce8a26ec8c1550dc98e7503fd], 
PUP.Optional.MultiPlug.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\182, Quarantined, [28655c3761292412340e392e4abba45c], 
PUP.Optional.MultiPlug.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced, Quarantined, [28655c3761292412340e392e4abba45c], 
PUP.Optional.MultiPlug.A, C:\Users\With\AppData\Local\03000200-1431458587-0500-0006-000700080009, Delete-on-Reboot, [4b420f8406846fc784c57ee97a8bc63a], 
PUP.Optional.CrossRider.A, C:\Users\With\AppData\Roaming\Mozilla\Firefox\Profiles\yolvwqn5.default-1419019564366\extensions\d4db60df25f14dae9dd18@185c395f9e794c9ab86be3eb.com\skin, Quarantined, [a4e96e258bff59ddbd94ce99d13413ed], 
PUP.Optional.CrossRider.A, C:\Users\With\AppData\Roaming\Mozilla\Firefox\Profiles\yolvwqn5.default-1419019564366\extensions\d4db60df25f14dae9dd18@185c395f9e794c9ab86be3eb.com, Quarantined, [a4e96e258bff59ddbd94ce99d13413ed], 
PUP.Optional.CrossRider.A, C:\Users\With\AppData\Roaming\Mozilla\Firefox\Profiles\yolvwqn5.default-1419019564366\extensions\d4db60df25f14dae9dd18@185c395f9e794c9ab86be3eb.com\chrome, Quarantined, [a4e96e258bff59ddbd94ce99d13413ed], 
PUP.Optional.CrossRider.A, C:\Users\With\AppData\Roaming\Mozilla\Firefox\Profiles\yolvwqn5.default-1419019564366\extensions\d4db60df25f14dae9dd18@185c395f9e794c9ab86be3eb.com\chrome\content, Quarantined, [a4e96e258bff59ddbd94ce99d13413ed], 
PUP.Optional.CrossRider.A, C:\Users\With\AppData\Roaming\Mozilla\Firefox\Profiles\yolvwqn5.default-1419019564366\extensions\d4db60df25f14dae9dd18@185c395f9e794c9ab86be3eb.com\chrome\content\api, Quarantined, [a4e96e258bff59ddbd94ce99d13413ed], 
PUP.Optional.CrossRider.A, C:\Users\With\AppData\Roaming\Mozilla\Firefox\Profiles\yolvwqn5.default-1419019564366\extensions\d4db60df25f14dae9dd18@185c395f9e794c9ab86be3eb.com\chrome\content\core, Quarantined, [a4e96e258bff59ddbd94ce99d13413ed], 
PUP.Optional.CrossRider.A, C:\Users\With\AppData\Roaming\Mozilla\Firefox\Profiles\yolvwqn5.default-1419019564366\extensions\d4db60df25f14dae9dd18@185c395f9e794c9ab86be3eb.com\defaults, Quarantined, [a4e96e258bff59ddbd94ce99d13413ed], 
PUP.Optional.CrossRider.A, C:\Users\With\AppData\Roaming\Mozilla\Firefox\Profiles\yolvwqn5.default-1419019564366\extensions\d4db60df25f14dae9dd18@185c395f9e794c9ab86be3eb.com\defaults\preferences, Quarantined, [a4e96e258bff59ddbd94ce99d13413ed], 
PUP.Optional.CrossRider.A, C:\Users\With\AppData\Roaming\Mozilla\Firefox\Profiles\yolvwqn5.default-1419019564366\extensions\d4db60df25f14dae9dd18@185c395f9e794c9ab86be3eb.com\extensionData, Quarantined, [a4e96e258bff59ddbd94ce99d13413ed], 
PUP.Optional.CrossRider.A, C:\Users\With\AppData\Roaming\Mozilla\Firefox\Profiles\yolvwqn5.default-1419019564366\extensions\d4db60df25f14dae9dd18@185c395f9e794c9ab86be3eb.com\extensionData\plugins, Quarantined, [a4e96e258bff59ddbd94ce99d13413ed], 
PUP.Optional.CrossRider.A, C:\Users\With\AppData\Roaming\Mozilla\Firefox\Profiles\yolvwqn5.default-1419019564366\extensions\d4db60df25f14dae9dd18@185c395f9e794c9ab86be3eb.com\extensionData\userCode, Quarantined, [a4e96e258bff59ddbd94ce99d13413ed], 
PUP.Optional.CrossRider.A, C:\Users\With\AppData\Roaming\Mozilla\Firefox\Profiles\yolvwqn5.default-1419019564366\extensions\d4db60df25f14dae9dd18@185c395f9e794c9ab86be3eb.com\locale, Quarantined, [a4e96e258bff59ddbd94ce99d13413ed], 
PUP.Optional.CrossRider.A, C:\Users\With\AppData\Roaming\Mozilla\Firefox\Profiles\yolvwqn5.default-1419019564366\extensions\d4db60df25f14dae9dd18@185c395f9e794c9ab86be3eb.com\locale\en-US, Quarantined, [a4e96e258bff59ddbd94ce99d13413ed], 
PUP.Optional.CrossRider.A, C:\Users\With\AppData\Roaming\Mozilla\Firefox\Profiles\yolvwqn5.default-1419019564366\extensions\TTSD90021300@PYDKGV101145942.com\skin, Quarantined, [5b32e5aed6b47eb8ada42047df2655ab], 
PUP.Optional.CrossRider.A, C:\Users\With\AppData\Roaming\Mozilla\Firefox\Profiles\yolvwqn5.default-1419019564366\extensions\TTSD90021300@PYDKGV101145942.com, Quarantined, [5b32e5aed6b47eb8ada42047df2655ab], 
PUP.Optional.CrossRider.A, C:\Users\With\AppData\Roaming\Mozilla\Firefox\Profiles\yolvwqn5.default-1419019564366\extensions\TTSD90021300@PYDKGV101145942.com\chrome, Quarantined, [5b32e5aed6b47eb8ada42047df2655ab], 
PUP.Optional.CrossRider.A, C:\Users\With\AppData\Roaming\Mozilla\Firefox\Profiles\yolvwqn5.default-1419019564366\extensions\TTSD90021300@PYDKGV101145942.com\chrome\content, Quarantined, [5b32e5aed6b47eb8ada42047df2655ab], 
PUP.Optional.CrossRider.A, C:\Users\With\AppData\Roaming\Mozilla\Firefox\Profiles\yolvwqn5.default-1419019564366\extensions\TTSD90021300@PYDKGV101145942.com\chrome\content\api, Quarantined, [5b32e5aed6b47eb8ada42047df2655ab], 
PUP.Optional.CrossRider.A, C:\Users\With\AppData\Roaming\Mozilla\Firefox\Profiles\yolvwqn5.default-1419019564366\extensions\TTSD90021300@PYDKGV101145942.com\chrome\content\core, Quarantined, [5b32e5aed6b47eb8ada42047df2655ab], 
PUP.Optional.CrossRider.A, C:\Users\With\AppData\Roaming\Mozilla\Firefox\Profiles\yolvwqn5.default-1419019564366\extensions\TTSD90021300@PYDKGV101145942.com\defaults, Quarantined, [5b32e5aed6b47eb8ada42047df2655ab], 
PUP.Optional.CrossRider.A, C:\Users\With\AppData\Roaming\Mozilla\Firefox\Profiles\yolvwqn5.default-1419019564366\extensions\TTSD90021300@PYDKGV101145942.com\defaults\preferences, Quarantined, [5b32e5aed6b47eb8ada42047df2655ab], 
PUP.Optional.CrossRider.A, C:\Users\With\AppData\Roaming\Mozilla\Firefox\Profiles\yolvwqn5.default-1419019564366\extensions\TTSD90021300@PYDKGV101145942.com\extensionData, Quarantined, [5b32e5aed6b47eb8ada42047df2655ab], 
PUP.Optional.CrossRider.A, C:\Users\With\AppData\Roaming\Mozilla\Firefox\Profiles\yolvwqn5.default-1419019564366\extensions\TTSD90021300@PYDKGV101145942.com\extensionData\plugins, Quarantined, [5b32e5aed6b47eb8ada42047df2655ab], 
PUP.Optional.CrossRider.A, C:\Users\With\AppData\Roaming\Mozilla\Firefox\Profiles\yolvwqn5.default-1419019564366\extensions\TTSD90021300@PYDKGV101145942.com\extensionData\userCode, Quarantined, [5b32e5aed6b47eb8ada42047df2655ab], 
PUP.Optional.CrossRider.A, C:\Users\With\AppData\Roaming\Mozilla\Firefox\Profiles\yolvwqn5.default-1419019564366\extensions\TTSD90021300@PYDKGV101145942.com\locale, Quarantined, [5b32e5aed6b47eb8ada42047df2655ab], 
PUP.Optional.CrossRider.A, C:\Users\With\AppData\Roaming\Mozilla\Firefox\Profiles\yolvwqn5.default-1419019564366\extensions\TTSD90021300@PYDKGV101145942.com\locale\en-US, Quarantined, [5b32e5aed6b47eb8ada42047df2655ab], 
Rogue.Multiple, C:\ProgramData\3872871776, Quarantined, [602dbbd8b9d11224f3859ef40cf7a15f], 
PUP.Optional.GlobalUpdate.A, C:\Users\With\AppData\Local\Temp\comh.179649, Quarantined, [305da8eb32588aac6c0a5165b44f867a], 
PUP.Optional.GlobalUpdate.A, C:\Users\With\AppData\Local\Temp\comh.71792, Quarantined, [315cc6cddab07bbb31459d194ab9ae52], 
PUP.Optional.ConsumerInput.A, C:\Program Files (x86)\Setup Support for Consumer Input, Quarantined, [cfbeddb63357e056e9c80ac43ec58d73], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Roaming\Run_dregol, Quarantined, [5a33f89b7119f640b453b11f9b687090], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Roaming\Run_dregol\UpdateProc, Quarantined, [5a33f89b7119f640b453b11f9b687090], 
PUP.Optional.Dregol.A, C:\Program Files (x86)\Run_Dregol, Quarantined, [97f661324e3cc76f4cbc97398f749c64], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\app, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\app\spots, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\app\spots\facebook, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\app\spots\facebook\images, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\app\spots\facebook\images\carousel, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\app\spots\facebook\images\carousel\screenshots, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\app\spots\gallery, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
 
Files: 897
PUP.Optional.CrossRider.A, C:\Users\With\AppData\Roaming\Mozilla\Firefox\Profiles\yolvwqn5.default-1419019564366\extensions\d4db60df25f14dae9dd18@185c395f9e794c9ab86be3eb.com\skin\icon16.png, Quarantined, [a4e96e258bff59ddbd94ce99d13413ed], 
PUP.Optional.CrossRider.A, C:\Users\With\AppData\Roaming\Mozilla\Firefox\Profiles\yolvwqn5.default-1419019564366\extensions\d4db60df25f14dae9dd18@185c395f9e794c9ab86be3eb.com\skin\icon24.png, Quarantined, [a4e96e258bff59ddbd94ce99d13413ed], 
PUP.Optional.CrossRider.A, C:\Users\With\AppData\Roaming\Mozilla\Firefox\Profiles\yolvwqn5.default-1419019564366\extensions\d4db60df25f14dae9dd18@185c395f9e794c9ab86be3eb.com\skin\icon48.png, Quarantined, [a4e96e258bff59ddbd94ce99d13413ed], 
PUP.Optional.CrossRider.A, C:\Users\With\AppData\Roaming\Mozilla\Firefox\Profiles\yolvwqn5.default-1419019564366\extensions\d4db60df25f14dae9dd18@185c395f9e794c9ab86be3eb.com\skin\panelarrow-up.png, Quarantined, [a4e96e258bff59ddbd94ce99d13413ed], 
PUP.Optional.CrossRider.A, C:\Users\With\AppData\Roaming\Mozilla\Firefox\Profiles\yolvwqn5.default-1419019564366\extensions\d4db60df25f14dae9dd18@185c395f9e794c9ab86be3eb.com\skin\popup.html, Quarantined, [a4e96e258bff59ddbd94ce99d13413ed], 
PUP.Optional.CrossRider.A, C:\Users\With\AppData\Roaming\Mozilla\Firefox\Profiles\yolvwqn5.default-1419019564366\extensions\d4db60df25f14dae9dd18@185c395f9e794c9ab86be3eb.com\skin\skin.css, Quarantined, [a4e96e258bff59ddbd94ce99d13413ed], 
PUP.Optional.CrossRider.A, C:\Users\With\AppData\Roaming\Mozilla\Firefox\Profiles\yolvwqn5.default-1419019564366\extensions\d4db60df25f14dae9dd18@185c395f9e794c9ab86be3eb.com\skin\update.css, Quarantined, [a4e96e258bff59ddbd94ce99d13413ed], 
PUP.Optional.CrossRider.A, C:\Users\With\AppData\Roaming\Mozilla\Firefox\Profiles\yolvwqn5.default-1419019564366\extensions\d4db60df25f14dae9dd18@185c395f9e794c9ab86be3eb.com\chrome.manifest, Quarantined, [a4e96e258bff59ddbd94ce99d13413ed], 
PUP.Optional.CrossRider.A, C:\Users\With\AppData\Roaming\Mozilla\Firefox\Profiles\yolvwqn5.default-1419019564366\extensions\d4db60df25f14dae9dd18@185c395f9e794c9ab86be3eb.com\install.rdf, Quarantined, [a4e96e258bff59ddbd94ce99d13413ed], 
PUP.Optional.CrossRider.A, C:\Users\With\AppData\Roaming\Mozilla\Firefox\Profiles\yolvwqn5.default-1419019564366\extensions\d4db60df25f14dae9dd18@185c395f9e794c9ab86be3eb.com\chrome\content\0cbedffb85a81a58ec1b06adf0fe18d2.js, Quarantined, [a4e96e258bff59ddbd94ce99d13413ed], 
PUP.Optional.CrossRider.A, C:\Users\With\AppData\Roaming\Mozilla\Firefox\Profiles\yolvwqn5.default-1419019564366\extensions\d4db60df25f14dae9dd18@185c395f9e794c9ab86be3eb.com\chrome\content\614700d213106b297c36ee9d30d7e164.js, Quarantined, [a4e96e258bff59ddbd94ce99d13413ed], 
PUP.Optional.CrossRider.A, C:\Users\With\AppData\Roaming\Mozilla\Firefox\Profiles\yolvwqn5.default-1419019564366\extensions\d4db60df25f14dae9dd18@185c395f9e794c9ab86be3eb.com\chrome\content\93933eece494d42aafe012a1962086ab.js, Quarantined, [a4e96e258bff59ddbd94ce99d13413ed], 
PUP.Optional.CrossRider.A, C:\Users\With\AppData\Roaming\Mozilla\Firefox\Profiles\yolvwqn5.default-1419019564366\extensions\d4db60df25f14dae9dd18@185c395f9e794c9ab86be3eb.com\chrome\content\a77aedd8536c4ffd3fafb275eea91740.js, Quarantined, [a4e96e258bff59ddbd94ce99d13413ed], 
PUP.Optional.CrossRider.A, C:\Users\With\AppData\Roaming\Mozilla\Firefox\Profiles\yolvwqn5.default-1419019564366\extensions\d4db60df25f14dae9dd18@185c395f9e794c9ab86be3eb.com\chrome\content\background.html, Quarantined, [a4e96e258bff59ddbd94ce99d13413ed], 
PUP.Optional.CrossRider.A, C:\Users\With\AppData\Roaming\Mozilla\Firefox\Profiles\yolvwqn5.default-1419019564366\extensions\d4db60df25f14dae9dd18@185c395f9e794c9ab86be3eb.com\chrome\content\browser.xul, Quarantined, [a4e96e258bff59ddbd94ce99d13413ed], 
PUP.Optional.CrossRider.A, C:\Users\With\AppData\Roaming\Mozilla\Firefox\Profiles\yolvwqn5.default-1419019564366\extensions\d4db60df25f14dae9dd18@185c395f9e794c9ab86be3eb.com\chrome\content\da81b5e6555e597bffc7cc27e2281a8c.js, Quarantined, [a4e96e258bff59ddbd94ce99d13413ed], 
PUP.Optional.CrossRider.A, C:\Users\With\AppData\Roaming\Mozilla\Firefox\Profiles\yolvwqn5.default-1419019564366\extensions\d4db60df25f14dae9dd18@185c395f9e794c9ab86be3eb.com\chrome\content\dialog.js, Quarantined, [a4e96e258bff59ddbd94ce99d13413ed], 
PUP.Optional.CrossRider.A, C:\Users\With\AppData\Roaming\Mozilla\Firefox\Profiles\yolvwqn5.default-1419019564366\extensions\d4db60df25f14dae9dd18@185c395f9e794c9ab86be3eb.com\chrome\content\fd71a4dafd79db3c80c92c60b4980393.js, Quarantined, [a4e96e258bff59ddbd94ce99d13413ed], 
PUP.Optional.CrossRider.A, C:\Users\With\AppData\Roaming\Mozilla\Firefox\Profiles\yolvwqn5.default-1419019564366\extensions\d4db60df25f14dae9dd18@185c395f9e794c9ab86be3eb.com\chrome\content\ffCoreFilesIndex.txt, Quarantined, [a4e96e258bff59ddbd94ce99d13413ed], 
PUP.Optional.CrossRider.A, C:\Users\With\AppData\Roaming\Mozilla\Firefox\Profiles\yolvwqn5.default-1419019564366\extensions\d4db60df25f14dae9dd18@185c395f9e794c9ab86be3eb.com\chrome\content\options.js, Quarantined, [a4e96e258bff59ddbd94ce99d13413ed], 
PUP.Optional.CrossRider.A, C:\Users\With\AppData\Roaming\Mozilla\Firefox\Profiles\yolvwqn5.default-1419019564366\extensions\d4db60df25f14dae9dd18@185c395f9e794c9ab86be3eb.com\chrome\content\options.xul, Quarantined, [a4e96e258bff59ddbd94ce99d13413ed], 
PUP.Optional.CrossRider.A, C:\Users\With\AppData\Roaming\Mozilla\Firefox\Profiles\yolvwqn5.default-1419019564366\extensions\d4db60df25f14dae9dd18@185c395f9e794c9ab86be3eb.com\chrome\content\search_dialog.xul, Quarantined, [a4e96e258bff59ddbd94ce99d13413ed], 
PUP.Optional.CrossRider.A, C:\Users\With\AppData\Roaming\Mozilla\Firefox\Profiles\yolvwqn5.default-1419019564366\extensions\d4db60df25f14dae9dd18@185c395f9e794c9ab86be3eb.com\chrome\content\api\74171e07a0369bbb9c4fbb81744c2789.js, Quarantined, [a4e96e258bff59ddbd94ce99d13413ed], 
PUP.Optional.CrossRider.A, C:\Users\With\AppData\Roaming\Mozilla\Firefox\Profiles\yolvwqn5.default-1419019564366\extensions\d4db60df25f14dae9dd18@185c395f9e794c9ab86be3eb.com\chrome\content\api\0189cc78a696add019e453f95dab98a2.js, Quarantined, [a4e96e258bff59ddbd94ce99d13413ed], 
PUP.Optional.CrossRider.A, C:\Users\With\AppData\Roaming\Mozilla\Firefox\Profiles\yolvwqn5.default-1419019564366\extensions\d4db60df25f14dae9dd18@185c395f9e794c9ab86be3eb.com\chrome\content\api\0947030cc34d4e5d6fa63620ad0d0c10.js, Quarantined, [a4e96e258bff59ddbd94ce99d13413ed], 
PUP.Optional.CrossRider.A, C:\Users\With\AppData\Roaming\Mozilla\Firefox\Profiles\yolvwqn5.default-1419019564366\extensions\d4db60df25f14dae9dd18@185c395f9e794c9ab86be3eb.com\chrome\content\api\12cb53cc62643162b1c504b0ea07718e.js, Quarantined, [a4e96e258bff59ddbd94ce99d13413ed], 
PUP.Optional.CrossRider.A, C:\Users\With\AppData\Roaming\Mozilla\Firefox\Profiles\yolvwqn5.default-1419019564366\extensions\d4db60df25f14dae9dd18@185c395f9e794c9ab86be3eb.com\chrome\content\api\1e00833ec261d981162f266fbac8d44a.js, Quarantined, [a4e96e258bff59ddbd94ce99d13413ed], 
PUP.Optional.CrossRider.A, C:\Users\With\AppData\Roaming\Mozilla\Firefox\Profiles\yolvwqn5.default-1419019564366\extensions\d4db60df25f14dae9dd18@185c395f9e794c9ab86be3eb.com\chrome\content\api\20fb54e26ba91d412b5acb1efd1e5330.js, Quarantined, [a4e96e258bff59ddbd94ce99d13413ed], 
PUP.Optional.CrossRider.A, C:\Users\With\AppData\Roaming\Mozilla\Firefox\Profiles\yolvwqn5.default-1419019564366\extensions\d4db60df25f14dae9dd18@185c395f9e794c9ab86be3eb.com\chrome\content\api\46242188bebe30b3ecf5be36bf4eaa98.js, Quarantined, [a4e96e258bff59ddbd94ce99d13413ed], 
PUP.Optional.CrossRider.A, C:\Users\With\AppData\Roaming\Mozilla\Firefox\Profiles\yolvwqn5.default-1419019564366\extensions\d4db60df25f14dae9dd18@185c395f9e794c9ab86be3eb.com\chrome\content\api\52861625d897a7d5d5ede99bdc4ef965.js, Quarantined, [a4e96e258bff59ddbd94ce99d13413ed], 
PUP.Optional.CrossRider.A, C:\Users\With\AppData\Roaming\Mozilla\Firefox\Profiles\yolvwqn5.default-1419019564366\extensions\d4db60df25f14dae9dd18@185c395f9e794c9ab86be3eb.com\chrome\content\api\5e54146bc4e97a80bca482546f5ddaf4.js, Quarantined, [a4e96e258bff59ddbd94ce99d13413ed], 
PUP.Optional.CrossRider.A, C:\Users\With\AppData\Roaming\Mozilla\Firefox\Profiles\yolvwqn5.default-1419019564366\extensions\d4db60df25f14dae9dd18@185c395f9e794c9ab86be3eb.com\chrome\content\api\805fc353381ac1b547e112a9d02b286f.js, Quarantined, [a4e96e258bff59ddbd94ce99d13413ed], 
PUP.Optional.CrossRider.A, C:\Users\With\AppData\Roaming\Mozilla\Firefox\Profiles\yolvwqn5.default-1419019564366\extensions\d4db60df25f14dae9dd18@185c395f9e794c9ab86be3eb.com\chrome\content\api\958840e6dccc39153b114c8a0868d61b.js, Quarantined, [a4e96e258bff59ddbd94ce99d13413ed], 
PUP.Optional.CrossRider.A, C:\Users\With\AppData\Roaming\Mozilla\Firefox\Profiles\yolvwqn5.default-1419019564366\extensions\d4db60df25f14dae9dd18@185c395f9e794c9ab86be3eb.com\chrome\content\api\b88723ed638007bcd54e27637656d8e8.js, Quarantined, [a4e96e258bff59ddbd94ce99d13413ed], 
PUP.Optional.CrossRider.A, C:\Users\With\AppData\Roaming\Mozilla\Firefox\Profiles\yolvwqn5.default-1419019564366\extensions\d4db60df25f14dae9dd18@185c395f9e794c9ab86be3eb.com\chrome\content\api\dde9adb6a50e13b2b89dfeb91a0c35f8.js, Quarantined, [a4e96e258bff59ddbd94ce99d13413ed], 
PUP.Optional.CrossRider.A, C:\Users\With\AppData\Roaming\Mozilla\Firefox\Profiles\yolvwqn5.default-1419019564366\extensions\d4db60df25f14dae9dd18@185c395f9e794c9ab86be3eb.com\chrome\content\api\ecd3208dfeb687eedc3f14909b7f5e07.js, Quarantined, [a4e96e258bff59ddbd94ce99d13413ed], 
PUP.Optional.CrossRider.A, C:\Users\With\AppData\Roaming\Mozilla\Firefox\Profiles\yolvwqn5.default-1419019564366\extensions\d4db60df25f14dae9dd18@185c395f9e794c9ab86be3eb.com\chrome\content\api\fa56921737211c313e8eab05d0807d49.js, Quarantined, [a4e96e258bff59ddbd94ce99d13413ed], 
PUP.Optional.CrossRider.A, C:\Users\With\AppData\Roaming\Mozilla\Firefox\Profiles\yolvwqn5.default-1419019564366\extensions\d4db60df25f14dae9dd18@185c395f9e794c9ab86be3eb.com\chrome\content\api\fb8dc284144ce2cbdb855951d2c9f9bf.js, Quarantined, [a4e96e258bff59ddbd94ce99d13413ed], 
PUP.Optional.CrossRider.A, C:\Users\With\AppData\Roaming\Mozilla\Firefox\Profiles\yolvwqn5.default-1419019564366\extensions\d4db60df25f14dae9dd18@185c395f9e794c9ab86be3eb.com\chrome\content\core\05eecac56116643731fb6556c29a6e94.js, Quarantined, [a4e96e258bff59ddbd94ce99d13413ed], 
PUP.Optional.CrossRider.A, C:\Users\With\AppData\Roaming\Mozilla\Firefox\Profiles\yolvwqn5.default-1419019564366\extensions\d4db60df25f14dae9dd18@185c395f9e794c9ab86be3eb.com\chrome\content\core\05f30651c22b0328c751d9a2af33c645.js, Quarantined, [a4e96e258bff59ddbd94ce99d13413ed], 
PUP.Optional.CrossRider.A, C:\Users\With\AppData\Roaming\Mozilla\Firefox\Profiles\yolvwqn5.default-1419019564366\extensions\d4db60df25f14dae9dd18@185c395f9e794c9ab86be3eb.com\chrome\content\core\07846040ade82bf6a0090c522b0f5bc7.js, Quarantined, [a4e96e258bff59ddbd94ce99d13413ed], 
PUP.Optional.CrossRider.A, C:\Users\With\AppData\Roaming\Mozilla\Firefox\Profiles\yolvwqn5.default-1419019564366\extensions\d4db60df25f14dae9dd18@185c395f9e794c9ab86be3eb.com\chrome\content\core\0a229768911fa7a8e631f4f102102f39.js, Quarantined, [a4e96e258bff59ddbd94ce99d13413ed], 
PUP.Optional.CrossRider.A, C:\Users\With\AppData\Roaming\Mozilla\Firefox\Profiles\yolvwqn5.default-1419019564366\extensions\d4db60df25f14dae9dd18@185c395f9e794c9ab86be3eb.com\chrome\content\core\125e704135909561ae945ca9a7ca7850.js, Quarantined, [a4e96e258bff59ddbd94ce99d13413ed], 
PUP.Optional.CrossRider.A, C:\Users\With\AppData\Roaming\Mozilla\Firefox\Profiles\yolvwqn5.default-1419019564366\extensions\d4db60df25f14dae9dd18@185c395f9e794c9ab86be3eb.com\chrome\content\core\3e10079fbb8ac55eb8a0efb7cbfdcecc.js, Quarantined, [a4e96e258bff59ddbd94ce99d13413ed], 
PUP.Optional.CrossRider.A, C:\Users\With\AppData\Roaming\Mozilla\Firefox\Profiles\yolvwqn5.default-1419019564366\extensions\d4db60df25f14dae9dd18@185c395f9e794c9ab86be3eb.com\chrome\content\core\487447b750b51c8eaff886c5f85edc5c.js, Quarantined, [a4e96e258bff59ddbd94ce99d13413ed], 
PUP.Optional.CrossRider.A, C:\Users\With\AppData\Roaming\Mozilla\Firefox\Profiles\yolvwqn5.default-1419019564366\extensions\d4db60df25f14dae9dd18@185c395f9e794c9ab86be3eb.com\chrome\content\core\5383cad7530728257a542ba03f4e021d.js, Quarantined, [a4e96e258bff59ddbd94ce99d13413ed], 
PUP.Optional.CrossRider.A, C:\Users\With\AppData\Roaming\Mozilla\Firefox\Profiles\yolvwqn5.default-1419019564366\extensions\d4db60df25f14dae9dd18@185c395f9e794c9ab86be3eb.com\chrome\content\core\7a93b61dd95208a9c9c7e6bc26fc3fb0.js, Quarantined, [a4e96e258bff59ddbd94ce99d13413ed], 
PUP.Optional.CrossRider.A, C:\Users\With\AppData\Roaming\Mozilla\Firefox\Profiles\yolvwqn5.default-1419019564366\extensions\d4db60df25f14dae9dd18@185c395f9e794c9ab86be3eb.com\chrome\content\core\880418c18b3b0836cbd01cf657962085.js, Quarantined, [a4e96e258bff59ddbd94ce99d13413ed], 
PUP.Optional.CrossRider.A, C:\Users\With\AppData\Roaming\Mozilla\Firefox\Profiles\yolvwqn5.default-1419019564366\extensions\d4db60df25f14dae9dd18@185c395f9e794c9ab86be3eb.com\chrome\content\core\a432079e674785721bfbf0b42df04653.js, Quarantined, [a4e96e258bff59ddbd94ce99d13413ed], 
PUP.Optional.CrossRider.A, C:\Users\With\AppData\Roaming\Mozilla\Firefox\Profiles\yolvwqn5.default-1419019564366\extensions\d4db60df25f14dae9dd18@185c395f9e794c9ab86be3eb.com\chrome\content\core\a94ac97f999e86eaa1412ed032559a70.js, Quarantined, [a4e96e258bff59ddbd94ce99d13413ed], 
PUP.Optional.CrossRider.A, C:\Users\With\AppData\Roaming\Mozilla\Firefox\Profiles\yolvwqn5.default-1419019564366\extensions\d4db60df25f14dae9dd18@185c395f9e794c9ab86be3eb.com\chrome\content\core\b4c8a2b00bad5fa561f3274a604220e5.js, Quarantined, [a4e96e258bff59ddbd94ce99d13413ed], 
PUP.Optional.CrossRider.A, C:\Users\With\AppData\Roaming\Mozilla\Firefox\Profiles\yolvwqn5.default-1419019564366\extensions\d4db60df25f14dae9dd18@185c395f9e794c9ab86be3eb.com\chrome\content\core\b758d4bb4cef9f8b036d5827919befd8.js, Quarantined, [a4e96e258bff59ddbd94ce99d13413ed], 
PUP.Optional.CrossRider.A, C:\Users\With\AppData\Roaming\Mozilla\Firefox\Profiles\yolvwqn5.default-1419019564366\extensions\d4db60df25f14dae9dd18@185c395f9e794c9ab86be3eb.com\chrome\content\core\cab8809cd8daec488ee854e9ac5cd8a0.js, Quarantined, [a4e96e258bff59ddbd94ce99d13413ed], 
PUP.Optional.CrossRider.A, C:\Users\With\AppData\Roaming\Mozilla\Firefox\Profiles\yolvwqn5.default-1419019564366\extensions\d4db60df25f14dae9dd18@185c395f9e794c9ab86be3eb.com\chrome\content\core\cc8b1d090c4c7be8f8db10c8f93c5653.js, Quarantined, [a4e96e258bff59ddbd94ce99d13413ed], 
PUP.Optional.CrossRider.A, C:\Users\With\AppData\Roaming\Mozilla\Firefox\Profiles\yolvwqn5.default-1419019564366\extensions\d4db60df25f14dae9dd18@185c395f9e794c9ab86be3eb.com\chrome\content\core\e732f14a0e81b6b0f3063fdde9848a97.js, Quarantined, [a4e96e258bff59ddbd94ce99d13413ed], 
PUP.Optional.CrossRider.A, C:\Users\With\AppData\Roaming\Mozilla\Firefox\Profiles\yolvwqn5.default-1419019564366\extensions\d4db60df25f14dae9dd18@185c395f9e794c9ab86be3eb.com\chrome\content\core\f39859e04e339956b6c4ff5ce92aa13d.js, Quarantined, [a4e96e258bff59ddbd94ce99d13413ed], 
PUP.Optional.CrossRider.A, C:\Users\With\AppData\Roaming\Mozilla\Firefox\Profiles\yolvwqn5.default-1419019564366\extensions\d4db60df25f14dae9dd18@185c395f9e794c9ab86be3eb.com\chrome\content\core\f48fef21a3731bfc1f900588ac864777.js, Quarantined, [a4e96e258bff59ddbd94ce99d13413ed], 
PUP.Optional.CrossRider.A, C:\Users\With\AppData\Roaming\Mozilla\Firefox\Profiles\yolvwqn5.default-1419019564366\extensions\d4db60df25f14dae9dd18@185c395f9e794c9ab86be3eb.com\chrome\content\core\fb2f1102ed56bb85c997bc7c2f14875e.js, Quarantined, [a4e96e258bff59ddbd94ce99d13413ed], 
PUP.Optional.CrossRider.A, C:\Users\With\AppData\Roaming\Mozilla\Firefox\Profiles\yolvwqn5.default-1419019564366\extensions\d4db60df25f14dae9dd18@185c395f9e794c9ab86be3eb.com\chrome\content\core\installer.js, Quarantined, [a4e96e258bff59ddbd94ce99d13413ed], 
PUP.Optional.CrossRider.A, C:\Users\With\AppData\Roaming\Mozilla\Firefox\Profiles\yolvwqn5.default-1419019564366\extensions\d4db60df25f14dae9dd18@185c395f9e794c9ab86be3eb.com\defaults\preferences\prefs.js, Quarantined, [a4e96e258bff59ddbd94ce99d13413ed], 
PUP.Optional.CrossRider.A, C:\Users\With\AppData\Roaming\Mozilla\Firefox\Profiles\yolvwqn5.default-1419019564366\extensions\d4db60df25f14dae9dd18@185c395f9e794c9ab86be3eb.com\extensionData\manifest.xml, Quarantined, [a4e96e258bff59ddbd94ce99d13413ed], 
PUP.Optional.CrossRider.A, C:\Users\With\AppData\Roaming\Mozilla\Firefox\Profiles\yolvwqn5.default-1419019564366\extensions\d4db60df25f14dae9dd18@185c395f9e794c9ab86be3eb.com\extensionData\plugins.json, Quarantined, [a4e96e258bff59ddbd94ce99d13413ed], 
PUP.Optional.CrossRider.A, C:\Users\With\AppData\Roaming\Mozilla\Firefox\Profiles\yolvwqn5.default-1419019564366\extensions\d4db60df25f14dae9dd18@185c395f9e794c9ab86be3eb.com\extensionData\plugins\262.js, Quarantined, [a4e96e258bff59ddbd94ce99d13413ed], 
PUP.Optional.CrossRider.A, C:\Users\With\AppData\Roaming\Mozilla\Firefox\Profiles\yolvwqn5.default-1419019564366\extensions\d4db60df25f14dae9dd18@185c395f9e794c9ab86be3eb.com\extensionData\plugins\102.js, Quarantined, [a4e96e258bff59ddbd94ce99d13413ed], 
PUP.Optional.CrossRider.A, C:\Users\With\AppData\Roaming\Mozilla\Firefox\Profiles\yolvwqn5.default-1419019564366\extensions\d4db60df25f14dae9dd18@185c395f9e794c9ab86be3eb.com\extensionData\plugins\119.js, Quarantined, [a4e96e258bff59ddbd94ce99d13413ed], 
PUP.Optional.CrossRider.A, C:\Users\With\AppData\Roaming\Mozilla\Firefox\Profiles\yolvwqn5.default-1419019564366\extensions\d4db60df25f14dae9dd18@185c395f9e794c9ab86be3eb.com\extensionData\plugins\13.js, Quarantined, [a4e96e258bff59ddbd94ce99d13413ed], 
PUP.Optional.CrossRider.A, C:\Users\With\AppData\Roaming\Mozilla\Firefox\Profiles\yolvwqn5.default-1419019564366\extensions\d4db60df25f14dae9dd18@185c395f9e794c9ab86be3eb.com\extensionData\plugins\14.js, Quarantined, [a4e96e258bff59ddbd94ce99d13413ed], 
PUP.Optional.CrossRider.A, C:\Users\With\AppData\Roaming\Mozilla\Firefox\Profiles\yolvwqn5.default-1419019564366\extensions\d4db60df25f14dae9dd18@185c395f9e794c9ab86be3eb.com\extensionData\plugins\16.js, Quarantined, [a4e96e258bff59ddbd94ce99d13413ed], 
PUP.Optional.CrossRider.A, C:\Users\With\AppData\Roaming\Mozilla\Firefox\Profiles\yolvwqn5.default-1419019564366\extensions\d4db60df25f14dae9dd18@185c395f9e794c9ab86be3eb.com\extensionData\plugins\17.js, Quarantined, [a4e96e258bff59ddbd94ce99d13413ed], 
PUP.Optional.CrossRider.A, C:\Users\With\AppData\Roaming\Mozilla\Firefox\Profiles\yolvwqn5.default-1419019564366\extensions\d4db60df25f14dae9dd18@185c395f9e794c9ab86be3eb.com\extensionData\plugins\178.js, Quarantined, [a4e96e258bff59ddbd94ce99d13413ed], 
PUP.Optional.CrossRider.A, C:\Users\With\AppData\Roaming\Mozilla\Firefox\Profiles\yolvwqn5.default-1419019564366\extensions\d4db60df25f14dae9dd18@185c395f9e794c9ab86be3eb.com\extensionData\plugins\179.js, Quarantined, [a4e96e258bff59ddbd94ce99d13413ed], 
PUP.Optional.CrossRider.A, C:\Users\With\AppData\Roaming\Mozilla\Firefox\Profiles\yolvwqn5.default-1419019564366\extensions\d4db60df25f14dae9dd18@185c395f9e794c9ab86be3eb.com\extensionData\plugins\180.js, Quarantined, [a4e96e258bff59ddbd94ce99d13413ed], 
PUP.Optional.CrossRider.A, C:\Users\With\AppData\Roaming\Mozilla\Firefox\Profiles\yolvwqn5.default-1419019564366\extensions\d4db60df25f14dae9dd18@185c395f9e794c9ab86be3eb.com\extensionData\plugins\184.js, Quarantined, [a4e96e258bff59ddbd94ce99d13413ed], 
PUP.Optional.CrossRider.A, C:\Users\With\AppData\Roaming\Mozilla\Firefox\Profiles\yolvwqn5.default-1419019564366\extensions\d4db60df25f14dae9dd18@185c395f9e794c9ab86be3eb.com\extensionData\plugins\195.js, Quarantined, [a4e96e258bff59ddbd94ce99d13413ed], 
PUP.Optional.CrossRider.A, C:\Users\With\AppData\Roaming\Mozilla\Firefox\Profiles\yolvwqn5.default-1419019564366\extensions\d4db60df25f14dae9dd18@185c395f9e794c9ab86be3eb.com\extensionData\plugins\200.js, Quarantined, [a4e96e258bff59ddbd94ce99d13413ed], 
PUP.Optional.CrossRider.A, C:\Users\With\AppData\Roaming\Mozilla\Firefox\Profiles\yolvwqn5.default-1419019564366\extensions\d4db60df25f14dae9dd18@185c395f9e794c9ab86be3eb.com\extensionData\plugins\220.js, Quarantined, [a4e96e258bff59ddbd94ce99d13413ed], 
PUP.Optional.CrossRider.A, C:\Users\With\AppData\Roaming\Mozilla\Firefox\Profiles\yolvwqn5.default-1419019564366\extensions\d4db60df25f14dae9dd18@185c395f9e794c9ab86be3eb.com\extensionData\plugins\221.js, Quarantined, [a4e96e258bff59ddbd94ce99d13413ed], 
PUP.Optional.CrossRider.A, C:\Users\With\AppData\Roaming\Mozilla\Firefox\Profiles\yolvwqn5.default-1419019564366\extensions\d4db60df25f14dae9dd18@185c395f9e794c9ab86be3eb.com\extensionData\plugins\223.js, Quarantined, [a4e96e258bff59ddbd94ce99d13413ed], 
PUP.Optional.CrossRider.A, C:\Users\With\AppData\Roaming\Mozilla\Firefox\Profiles\yolvwqn5.default-1419019564366\extensions\d4db60df25f14dae9dd18@185c395f9e794c9ab86be3eb.com\extensionData\plugins\231.js, Quarantined, [a4e96e258bff59ddbd94ce99d13413ed], 
PUP.Optional.CrossRider.A, C:\Users\With\AppData\Roaming\Mozilla\Firefox\Profiles\yolvwqn5.default-1419019564366\extensions\d4db60df25f14dae9dd18@185c395f9e794c9ab86be3eb.com\extensionData\plugins\232.js, Quarantined, [a4e96e258bff59ddbd94ce99d13413ed], 
PUP.Optional.CrossRider.A, C:\Users\With\AppData\Roaming\Mozilla\Firefox\Profiles\yolvwqn5.default-1419019564366\extensions\d4db60df25f14dae9dd18@185c395f9e794c9ab86be3eb.com\extensionData\plugins\234.js, Quarantined, [a4e96e258bff59ddbd94ce99d13413ed], 
PUP.Optional.CrossRider.A, C:\Users\With\AppData\Roaming\Mozilla\Firefox\Profiles\yolvwqn5.default-1419019564366\extensions\d4db60df25f14dae9dd18@185c395f9e794c9ab86be3eb.com\extensionData\plugins\242.js, Quarantined, [a4e96e258bff59ddbd94ce99d13413ed], 
PUP.Optional.CrossRider.A, C:\Users\With\AppData\Roaming\Mozilla\Firefox\Profiles\yolvwqn5.default-1419019564366\extensions\d4db60df25f14dae9dd18@185c395f9e794c9ab86be3eb.com\extensionData\plugins\246.js, Quarantined, [a4e96e258bff59ddbd94ce99d13413ed], 
PUP.Optional.CrossRider.A, C:\Users\With\AppData\Roaming\Mozilla\Firefox\Profiles\yolvwqn5.default-1419019564366\extensions\d4db60df25f14dae9dd18@185c395f9e794c9ab86be3eb.com\extensionData\plugins\252.js, Quarantined, [a4e96e258bff59ddbd94ce99d13413ed], 
PUP.Optional.CrossRider.A, C:\Users\With\AppData\Roaming\Mozilla\Firefox\Profiles\yolvwqn5.default-1419019564366\extensions\d4db60df25f14dae9dd18@185c395f9e794c9ab86be3eb.com\extensionData\plugins\253.js, Quarantined, [a4e96e258bff59ddbd94ce99d13413ed], 
PUP.Optional.CrossRider.A, C:\Users\With\AppData\Roaming\Mozilla\Firefox\Profiles\yolvwqn5.default-1419019564366\extensions\d4db60df25f14dae9dd18@185c395f9e794c9ab86be3eb.com\extensionData\plugins\260.js, Quarantined, [a4e96e258bff59ddbd94ce99d13413ed], 
PUP.Optional.CrossRider.A, C:\Users\With\AppData\Roaming\Mozilla\Firefox\Profiles\yolvwqn5.default-1419019564366\extensions\d4db60df25f14dae9dd18@185c395f9e794c9ab86be3eb.com\extensionData\plugins\263.js, Quarantined, [a4e96e258bff59ddbd94ce99d13413ed], 
PUP.Optional.CrossRider.A, C:\Users\With\AppData\Roaming\Mozilla\Firefox\Profiles\yolvwqn5.default-1419019564366\extensions\d4db60df25f14dae9dd18@185c395f9e794c9ab86be3eb.com\extensionData\plugins\273.js, Quarantined, [a4e96e258bff59ddbd94ce99d13413ed], 
PUP.Optional.CrossRider.A, C:\Users\With\AppData\Roaming\Mozilla\Firefox\Profiles\yolvwqn5.default-1419019564366\extensions\d4db60df25f14dae9dd18@185c395f9e794c9ab86be3eb.com\extensionData\plugins\281.js, Quarantined, [a4e96e258bff59ddbd94ce99d13413ed], 
PUP.Optional.CrossRider.A, C:\Users\With\AppData\Roaming\Mozilla\Firefox\Profiles\yolvwqn5.default-1419019564366\extensions\d4db60df25f14dae9dd18@185c395f9e794c9ab86be3eb.com\extensionData\plugins\288.js, Quarantined, [a4e96e258bff59ddbd94ce99d13413ed], 
PUP.Optional.CrossRider.A, C:\Users\With\AppData\Roaming\Mozilla\Firefox\Profiles\yolvwqn5.default-1419019564366\extensions\d4db60df25f14dae9dd18@185c395f9e794c9ab86be3eb.com\extensionData\plugins\289.js, Quarantined, [a4e96e258bff59ddbd94ce99d13413ed], 
PUP.Optional.CrossRider.A, C:\Users\With\AppData\Roaming\Mozilla\Firefox\Profiles\yolvwqn5.default-1419019564366\extensions\d4db60df25f14dae9dd18@185c395f9e794c9ab86be3eb.com\extensionData\plugins\334.js, Quarantined, [a4e96e258bff59ddbd94ce99d13413ed], 
PUP.Optional.CrossRider.A, C:\Users\With\AppData\Roaming\Mozilla\Firefox\Profiles\yolvwqn5.default-1419019564366\extensions\d4db60df25f14dae9dd18@185c395f9e794c9ab86be3eb.com\extensionData\plugins\335.js, Quarantined, [a4e96e258bff59ddbd94ce99d13413ed], 
PUP.Optional.CrossRider.A, C:\Users\With\AppData\Roaming\Mozilla\Firefox\Profiles\yolvwqn5.default-1419019564366\extensions\d4db60df25f14dae9dd18@185c395f9e794c9ab86be3eb.com\extensionData\plugins\339.js, Quarantined, [a4e96e258bff59ddbd94ce99d13413ed], 
PUP.Optional.CrossRider.A, C:\Users\With\AppData\Roaming\Mozilla\Firefox\Profiles\yolvwqn5.default-1419019564366\extensions\d4db60df25f14dae9dd18@185c395f9e794c9ab86be3eb.com\extensionData\plugins\345.js, Quarantined, [a4e96e258bff59ddbd94ce99d13413ed], 
PUP.Optional.CrossRider.A, C:\Users\With\AppData\Roaming\Mozilla\Firefox\Profiles\yolvwqn5.default-1419019564366\extensions\d4db60df25f14dae9dd18@185c395f9e794c9ab86be3eb.com\extensionData\plugins\354.js, Quarantined, [a4e96e258bff59ddbd94ce99d13413ed], 
PUP.Optional.CrossRider.A, C:\Users\With\AppData\Roaming\Mozilla\Firefox\Profiles\yolvwqn5.default-1419019564366\extensions\d4db60df25f14dae9dd18@185c395f9e794c9ab86be3eb.com\extensionData\plugins\356.js, Quarantined, [a4e96e258bff59ddbd94ce99d13413ed], 
PUP.Optional.CrossRider.A, C:\Users\With\AppData\Roaming\Mozilla\Firefox\Profiles\yolvwqn5.default-1419019564366\extensions\d4db60df25f14dae9dd18@185c395f9e794c9ab86be3eb.com\extensionData\plugins\376.js, Quarantined, [a4e96e258bff59ddbd94ce99d13413ed], 
PUP.Optional.CrossRider.A, C:\Users\With\AppData\Roaming\Mozilla\Firefox\Profiles\yolvwqn5.default-1419019564366\extensions\d4db60df25f14dae9dd18@185c395f9e794c9ab86be3eb.com\extensionData\plugins\380.js, Quarantined, [a4e96e258bff59ddbd94ce99d13413ed], 
PUP.Optional.CrossRider.A, C:\Users\With\AppData\Roaming\Mozilla\Firefox\Profiles\yolvwqn5.default-1419019564366\extensions\d4db60df25f14dae9dd18@185c395f9e794c9ab86be3eb.com\extensionData\plugins\385.js, Quarantined, [a4e96e258bff59ddbd94ce99d13413ed], 
PUP.Optional.CrossRider.A, C:\Users\With\AppData\Roaming\Mozilla\Firefox\Profiles\yolvwqn5.default-1419019564366\extensions\d4db60df25f14dae9dd18@185c395f9e794c9ab86be3eb.com\extensionData\plugins\389.js, Quarantined, [a4e96e258bff59ddbd94ce99d13413ed], 
PUP.Optional.CrossRider.A, C:\Users\With\AppData\Roaming\Mozilla\Firefox\Profiles\yolvwqn5.default-1419019564366\extensions\d4db60df25f14dae9dd18@185c395f9e794c9ab86be3eb.com\extensionData\plugins\390.js, Quarantined, [a4e96e258bff59ddbd94ce99d13413ed], 
PUP.Optional.CrossRider.A, C:\Users\With\AppData\Roaming\Mozilla\Firefox\Profiles\yolvwqn5.default-1419019564366\extensions\d4db60df25f14dae9dd18@185c395f9e794c9ab86be3eb.com\extensionData\plugins\391.js, Quarantined, [a4e96e258bff59ddbd94ce99d13413ed], 
PUP.Optional.CrossRider.A, C:\Users\With\AppData\Roaming\Mozilla\Firefox\Profiles\yolvwqn5.default-1419019564366\extensions\d4db60df25f14dae9dd18@185c395f9e794c9ab86be3eb.com\extensionData\plugins\397.js, Quarantined, [a4e96e258bff59ddbd94ce99d13413ed], 
PUP.Optional.CrossRider.A, C:\Users\With\AppData\Roaming\Mozilla\Firefox\Profiles\yolvwqn5.default-1419019564366\extensions\d4db60df25f14dae9dd18@185c395f9e794c9ab86be3eb.com\extensionData\plugins\4.js, Quarantined, [a4e96e258bff59ddbd94ce99d13413ed], 
PUP.Optional.CrossRider.A, C:\Users\With\AppData\Roaming\Mozilla\Firefox\Profiles\yolvwqn5.default-1419019564366\extensions\d4db60df25f14dae9dd18@185c395f9e794c9ab86be3eb.com\extensionData\plugins\47.js, Quarantined, [a4e96e258bff59ddbd94ce99d13413ed], 
 
Post too long, continued

Continued

 

PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\app\spots\facebook\images\carousel\screenshots\5.jpg, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\app\spots\gallery\data\gallery.json, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\app\spots\gallery\images\9gag.svg, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\app\spots\gallery\images\afterDownload.svg, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\app\spots\gallery\images\aim.svg, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\app\spots\gallery\images\aim_alt.svg, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\app\spots\gallery\images\aliexpress.svg, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\app\spots\gallery\images\amazon.svg, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\app\spots\gallery\images\apple.svg, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\app\spots\gallery\images\app_store.svg, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\app\spots\gallery\images\arto.svg, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\app\spots\gallery\images\aws.svg, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\app\spots\gallery\images\baidu.svg, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\app\spots\gallery\images\basecamp.svg, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\app\spots\gallery\images\bebo.svg, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\app\spots\gallery\images\behance.svg, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\app\spots\gallery\images\bing.svg, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\app\spots\gallery\images\blip.svg, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\app\spots\gallery\images\blogger.svg, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\app\spots\gallery\images\bnter.svg, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\app\spots\gallery\images\booking.svg, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\app\spots\gallery\images\brightkite.svg, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\app\spots\gallery\images\castPlatform.svg, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\app\spots\gallery\images\cinch.svg, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\app\spots\gallery\images\cloudapp.svg, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\app\spots\gallery\images\coroflot.svg, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\app\spots\gallery\images\creative_commons.svg, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\app\spots\gallery\images\dailybooth.svg, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\app\spots\gallery\images\delicious.svg, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\app\spots\gallery\images\designfloat.svg, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\app\spots\gallery\images\designmoo.svg, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\app\spots\gallery\images\deviantart.svg, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\app\spots\gallery\images\digg.svg, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\app\spots\gallery\images\digg_alt.svg, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\app\spots\gallery\images\diigo.svg, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\app\spots\gallery\images\dribbble.svg, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\app\spots\gallery\images\dropbox.svg, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\app\spots\gallery\images\drupal.svg, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\app\spots\gallery\images\dx.jpg, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\app\spots\gallery\images\dzone.svg, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\app\spots\gallery\images\ebay.svg, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\app\spots\gallery\images\ember.svg, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\app\spots\gallery\images\etsy.svg, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\app\spots\gallery\images\expedia.svg, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\app\spots\gallery\images\facebook.png, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\app\spots\gallery\images\facebook.svg, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\app\spots\gallery\images\facebook_alt.svg, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\app\spots\gallery\images\facebook_places.svg, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\app\spots\gallery\images\facto.me.svg, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\app\spots\gallery\images\feedburner.svg, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\app\spots\gallery\images\flickr.svg, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\app\spots\gallery\images\folkd.svg, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\app\spots\gallery\images\formspring.svg, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\app\spots\gallery\images\forrst.svg, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\app\spots\gallery\images\foursquare.svg, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\app\spots\gallery\images\foxtab.svg, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\app\spots\gallery\images\friendfeed.svg, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\app\spots\gallery\images\friendster.svg, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\app\spots\gallery\images\funmoods.svg, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\app\spots\gallery\images\gameo.png, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\app\spots\gallery\images\gameo.svg, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\app\spots\gallery\images\gdgt.svg, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\app\spots\gallery\images\github.svg, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\app\spots\gallery\images\github_alt.svg, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\app\spots\gallery\images\gmail.svg, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\app\spots\gallery\images\goodreads.svg, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\app\spots\gallery\images\goodWeather.svg, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\app\spots\gallery\images\google-drive.svg, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\app\spots\gallery\images\google_buzz.svg, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\app\spots\gallery\images\google_talk.svg, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\app\spots\gallery\images\gowalla.svg, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\app\spots\gallery\images\gowalla_alt.svg, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\app\spots\gallery\images\grooveshark.svg, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\app\spots\gallery\images\hacker_news.svg, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\app\spots\gallery\images\hi5.svg, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\app\spots\gallery\images\hype_machine.svg, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\app\spots\gallery\images\hyves.svg, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\app\spots\gallery\images\icq.svg, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\app\spots\gallery\images\identi.ca.svg, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\app\spots\gallery\images\designbump.svg, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\app\spots\gallery\images\evernote.svg, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\app\spots\gallery\images\google.svg, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\app\spots\gallery\images\iS-linkedin.svg, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\app\spots\gallery\images\livejournal.svg, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\app\spots\gallery\images\newsvine.svg, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\app\spots\gallery\images\playstation.svg, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\app\spots\gallery\images\whatsapp.svg, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\app\spots\gallery\images\installCore.svg, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\app\spots\gallery\images\instapaper.svg, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\app\spots\gallery\images\ironSource.svg, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\app\spots\gallery\images\iS-bizcards.svg, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\app\spots\gallery\images\iS-confluence.svg, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\app\spots\gallery\images\iS-employeeGuide.svg, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\app\spots\gallery\images\iS-facebook.svg, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\app\spots\gallery\images\iS-googleplus.svg, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\app\spots\gallery\images\iS-jira.svg, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\app\spots\gallery\images\iS-news.svg, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\app\spots\gallery\images\iS-presence.svg, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\app\spots\gallery\images\iS-signature.svg, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\app\spots\gallery\images\iS-twitter.svg, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\app\spots\gallery\images\itunes.svg, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\app\spots\gallery\images\jira.svg, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\app\spots\gallery\images\kik.svg, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\app\spots\gallery\images\krop.svg, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\app\spots\gallery\images\kudosKit.svg, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\app\spots\gallery\images\last.fm.svg, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\app\spots\gallery\images\linkedin.svg, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\app\spots\gallery\images\linkedin_alt.svg, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\app\spots\gallery\images\lovedsgn.svg, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\app\spots\gallery\images\meetup.svg, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\app\spots\gallery\images\metacafe.svg, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\app\spots\gallery\images\ming.svg, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\app\spots\gallery\images\mister_wong.svg, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\app\spots\gallery\images\mixx.svg, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\app\spots\gallery\images\mixx_alt.svg, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\app\spots\gallery\images\mobileCore.svg, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\app\spots\gallery\images\mobileme.svg, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\app\spots\gallery\images\msn_messenger.svg, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\app\spots\gallery\images\myspace.svg, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\app\spots\gallery\images\myspace_alt.svg, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\app\spots\gallery\images\netflix.svg, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\app\spots\gallery\images\noaa.svg, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\app\spots\gallery\images\nytimes.svg, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\app\spots\gallery\images\official.fm.svg, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\app\spots\gallery\images\openid.svg, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\img\phone\android.svg, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\img\phone\call-clean.svg, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\img\phone\call.svg, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\img\phone\close-chat-clean.png, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\img\phone\close-chat.png, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\img\phone\contact-default-clean.svg, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\img\phone\contact-default.svg, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\img\phone\contact-opacity.svg, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\img\phone\hangup-black.svg, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\img\phone\hangup-clean.svg, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\img\phone\hangup.svg, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\img\phone\phone-welcome-dismiss-icon-clean.png, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\img\phone\phone-welcome-dismiss-icon.png, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\img\phone\phone_icon-clean.svg, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\img\phone\phone_icon.svg, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\img\phone\phone_preview-clean.svg, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\img\phone\phone_preview.svg, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\img\phone\search-call-black.svg, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\img\phone\search-call-clean.svg, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\img\phone\search-call.svg, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\img\phone\search-clean.svg, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\img\phone\search.svg, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\img\phone\sms-black.svg, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\img\phone\sms-clean.svg, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\img\phone\sms.svg, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\img\review-gifs\plane.gif, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\img\review-gifs\rating-star.png, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\img\review-gifs\cat\cat_1.gif, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\img\review-gifs\cat\cat_2.gif, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\img\review-gifs\cat\cat_3.gif, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\img\review-gifs\cat\cat_4.gif, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\img\review-gifs\cat\cat_5.gif, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\img\search\bookmark-icon-black.png, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\img\search\bookmark-icon-white.png, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\img\search\calculator-icon-black.png, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\img\search\calculator-icon-white.png, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\img\search\hangup.svg, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\img\search\navigation-icon-black.png, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\img\search\navigation-icon-white.png, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\img\search\phone_preview.svg, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\img\search\plus-dark-sm.png, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\img\search\remove-dark-sm.png, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\img\search\search-black.png, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\img\search\search-icon-black.svg, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\img\search\search-icon-white.svg, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\img\search\search.svg, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\img\search\sms.svg, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\img\search\web-result-icon-black.png, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\img\search\web-result-icon-white.png, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\img\themes\binki\thumb.png, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\img\themes\bubbles\bg.png, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\img\themes\bubbles\footer.png, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\img\themes\bubbles\thumb.png, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\img\themes\buttons\bg.png, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\img\themes\buttons\footer.png, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\img\themes\buttons\thumb.png, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\img\themes\city\bg.png, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\img\themes\city\footer.png, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\img\themes\city\thumb.png, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\img\themes\clean\thumb.png, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\img\themes\deizy\bg.jpg, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\img\themes\deizy\thumb.png, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\img\themes\disco\bg.png, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\img\themes\disco\footer.png, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\img\themes\disco\thumb.png, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\img\themes\fishing\bg.png, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\img\themes\fishing\footer.png, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\img\themes\fishing\thumb.png, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\img\themes\forest\bg.png, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\img\themes\forest\footer.png, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\img\themes\forest\thumb.png, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\img\themes\ironDudes\footer.png, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\img\themes\ironDudes\thumb.png, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\img\themes\layla\bg.jpg, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\img\themes\layla\thumb.jpg, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\img\themes\littleDeizy\bg.jpg, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\img\themes\littleDeizy\thumb.png, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\img\themes\mountains\bg.png, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\img\themes\mountains\footer.png, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\img\themes\mountains\thumb.png, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\img\themes\mykonos\bg.jpg, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\img\themes\mykonos\thumb.png, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\img\themes\planets\bg.png, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\img\themes\planets\footer.png, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\img\themes\planets\thumb.png, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\img\themes\robot\bg.jpg, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\img\themes\robot\thumb.png, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\img\themes\sea\bg.png, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\img\themes\sea\footer.png, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\img\themes\sea\thumb.png, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\img\themes\space\bg.png, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\img\themes\space\footer.png, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\img\themes\space\thumb.png, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\img\themes\stikeez\bg.png, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\img\themes\stikeez\footer.png, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\img\themes\stikeez\thumb.png, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\img\themes\strips\bg.png, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\img\themes\strips\footer.png, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\img\themes\strips\thumb.png, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\img\themes\sunset\bg.png, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\img\themes\sunset\footer.png, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\img\themes\sunset\thumb.png, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\img\themes\tzipi\bg.jpg, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\img\themes\tzipi\thumb.png, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\img\user\login.svg, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\img\user\menu-icon.png, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\js\background.js, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\js\bootstrap.js, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\js\newtab.js, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\js\opentab.js, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\lib\aes.js, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\lib\angular-route.min.js, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\lib\angular.min.js, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\lib\async.min.js, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\lib\aws-sdk-2.0.0-rc9.min.js, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\lib\eventsource.min.js, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\lib\idbstore.min.js, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\lib\jquery-2.1.1.min.js, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\lib\jquery-ui-1.10.3.custom.min.js, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\lib\js-canvas-to-blob.js, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\lib\lodash.underscore.min.js, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\lib\md5.js, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\lib\mixins.loadash.js, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\lib\moment-with-langs.min.js, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\lib\moment.min.js, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\lib\phoneformat.js, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\lib\sha1.js, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\lib\sortable.js, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\lib\utils.js, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\locales\i18n_de.json, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\locales\i18n_en.json, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\locales\i18n_es.json, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\locales\i18n_fr.json, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\locales\i18n_he.json, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\locales\i18n_it.json, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\locales\i18n_ja.json, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\locales\i18n_nl.json, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\locales\i18n_pl.json, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\locales\i18n_pt.json, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\locales\i18n_ru.json, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\locales\i18n_tr.json, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\_locales\ar\messages.json, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\_locales\de\messages.json, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\_locales\en\messages.json, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\_locales\es\messages.json, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\_locales\fr\messages.json, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\_locales\he\messages.json, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\_locales\it\messages.json, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\_locales\ja\messages.json, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\_locales\nl\messages.json, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\_locales\pl\messages.json, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\_locales\pt_BR\messages.json, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\_locales\ru\messages.json, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\_locales\tr\messages.json, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.Dregol.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim\0.5.1_0\_metadata\verified_contents.json, Quarantined, [830a1b78e7a3b68048c2844c996a11ef], 
PUP.Optional.ShopperPro.A, C:\Users\Public\Documents\ShopperPro\JsDriver\Config.xml, Quarantined, [55388e05e7a3a591cadb963aae55d32d], 
PUP.Optional.SearchModule.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlcgehabolcakkjhgmgpkagpolbjlhfa\1.5_0\favicon.png, Quarantined, [c6c7f49fd1b91620ee2db61da95aac54], 
PUP.Optional.SearchModule.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlcgehabolcakkjhgmgpkagpolbjlhfa\1.5_0\manifest.json, Quarantined, [c6c7f49fd1b91620ee2db61da95aac54], 
PUP.Optional.SearchModule.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlcgehabolcakkjhgmgpkagpolbjlhfa\1.5_0\newtab\newtab-hp.html, Quarantined, [c6c7f49fd1b91620ee2db61da95aac54], 
PUP.Optional.SearchModule.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlcgehabolcakkjhgmgpkagpolbjlhfa\1.5_0\newtab\js\background.js, Quarantined, [c6c7f49fd1b91620ee2db61da95aac54], 
PUP.Optional.SearchModule.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlcgehabolcakkjhgmgpkagpolbjlhfa\1.5_0\newtab\js\newtab-hp.js, Quarantined, [c6c7f49fd1b91620ee2db61da95aac54], 
PUP.Optional.SearchModule.A, C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlcgehabolcakkjhgmgpkagpolbjlhfa\1.5_0\_metadata\verified_contents.json, Quarantined, [c6c7f49fd1b91620ee2db61da95aac54], 
PUP.Optional.Wajam.A, C:\Program Files (x86)\WajaWebEnhance\uninstall.exe, Quarantined, [9bf20192d6b4f14544718c47a45fc937], 
PUP.Optional.Wajam.A, C:\Program Files (x86)\WajaWebEnhance\Logos\amazon.ico, Quarantined, [9bf20192d6b4f14544718c47a45fc937], 
PUP.Optional.Wajam.A, C:\Program Files (x86)\WajaWebEnhance\Logos\argos.ico, Quarantined, [9bf20192d6b4f14544718c47a45fc937], 
PUP.Optional.Wajam.A, C:\Program Files (x86)\WajaWebEnhance\Logos\ask.ico, Quarantined, [9bf20192d6b4f14544718c47a45fc937], 
PUP.Optional.Wajam.A, C:\Program Files (x86)\WajaWebEnhance\Logos\bestbuy.ico, Quarantined, [9bf20192d6b4f14544718c47a45fc937], 
PUP.Optional.Wajam.A, C:\Program Files (x86)\WajaWebEnhance\Logos\ebay.ico, Quarantined, [9bf20192d6b4f14544718c47a45fc937], 
PUP.Optional.Wajam.A, C:\Program Files (x86)\WajaWebEnhance\Logos\etsy.ico, Quarantined, [9bf20192d6b4f14544718c47a45fc937], 
PUP.Optional.Wajam.A, C:\Program Files (x86)\WajaWebEnhance\Logos\facebook.ico, Quarantined, [9bf20192d6b4f14544718c47a45fc937], 
PUP.Optional.Wajam.A, C:\Program Files (x86)\WajaWebEnhance\Logos\favicon.ico, Quarantined, [9bf20192d6b4f14544718c47a45fc937], 
PUP.Optional.Wajam.A, C:\Program Files (x86)\WajaWebEnhance\Logos\google.ico, Quarantined, [9bf20192d6b4f14544718c47a45fc937], 
PUP.Optional.Wajam.A, C:\Program Files (x86)\WajaWebEnhance\Logos\homedepot.ico, Quarantined, [9bf20192d6b4f14544718c47a45fc937], 
PUP.Optional.Wajam.A, C:\Program Files (x86)\WajaWebEnhance\Logos\ikea.ico, Quarantined, [9bf20192d6b4f14544718c47a45fc937], 
PUP.Optional.Wajam.A, C:\Program Files (x86)\WajaWebEnhance\Logos\imdb.ico, Quarantined, [9bf20192d6b4f14544718c47a45fc937], 
PUP.Optional.Wajam.A, C:\Program Files (x86)\WajaWebEnhance\Logos\lowes.ico, Quarantined, [9bf20192d6b4f14544718c47a45fc937], 
PUP.Optional.Wajam.A, C:\Program Files (x86)\WajaWebEnhance\Logos\mercado.ico, Quarantined, [9bf20192d6b4f14544718c47a45fc937], 
PUP.Optional.Wajam.A, C:\Program Files (x86)\WajaWebEnhance\Logos\mysearchweb.ico, Quarantined, [9bf20192d6b4f14544718c47a45fc937], 
PUP.Optional.Wajam.A, C:\Program Files (x86)\WajaWebEnhance\Logos\myshopping.ico, Quarantined, [9bf20192d6b4f14544718c47a45fc937], 
PUP.Optional.Wajam.A, C:\Program Files (x86)\WajaWebEnhance\Logos\searchresult.ico, Quarantined, [9bf20192d6b4f14544718c47a45fc937], 
PUP.Optional.Wajam.A, C:\Program Files (x86)\WajaWebEnhance\Logos\sears.ico, Quarantined, [9bf20192d6b4f14544718c47a45fc937], 
PUP.Optional.Wajam.A, C:\Program Files (x86)\WajaWebEnhance\Logos\setting.ico, Quarantined, [9bf20192d6b4f14544718c47a45fc937], 
PUP.Optional.Wajam.A, C:\Program Files (x86)\WajaWebEnhance\Logos\settings.ico, Quarantined, [9bf20192d6b4f14544718c47a45fc937], 
PUP.Optional.Wajam.A, C:\Program Files (x86)\WajaWebEnhance\Logos\shopping.ico, Quarantined, [9bf20192d6b4f14544718c47a45fc937], 
PUP.Optional.Wajam.A, C:\Program Files (x86)\WajaWebEnhance\Logos\target.ico, Quarantined, [9bf20192d6b4f14544718c47a45fc937], 
PUP.Optional.Wajam.A, C:\Program Files (x86)\WajaWebEnhance\Logos\tesco.ico, Quarantined, [9bf20192d6b4f14544718c47a45fc937], 
PUP.Optional.Wajam.A, C:\Program Files (x86)\WajaWebEnhance\Logos\tripadvisor.ico, Quarantined, [9bf20192d6b4f14544718c47a45fc937], 
PUP.Optional.Wajam.A, C:\Program Files (x86)\WajaWebEnhance\Logos\twitter.ico, Quarantined, [9bf20192d6b4f14544718c47a45fc937], 
PUP.Optional.Wajam.A, C:\Program Files (x86)\WajaWebEnhance\Logos\wajam.ico, Quarantined, [9bf20192d6b4f14544718c47a45fc937], 
PUP.Optional.Wajam.A, C:\Program Files (x86)\WajaWebEnhance\Logos\walmart.ico, Quarantined, [9bf20192d6b4f14544718c47a45fc937], 
PUP.Optional.Wajam.A, C:\Program Files (x86)\WajaWebEnhance\Logos\wiki.ico, Quarantined, [9bf20192d6b4f14544718c47a45fc937], 
PUP.Optional.Wajam.A, C:\Program Files (x86)\WajaWebEnhance\Logos\yahoo.ico, Quarantined, [9bf20192d6b4f14544718c47a45fc937], 
PUP.Optional.Wajam.A, C:\Program Files (x86)\WajaWebEnhance\Logos\zalando.ico, Quarantined, [9bf20192d6b4f14544718c47a45fc937], 
PUP.Optional.Wajam.A, C:\Program Files (x86)\WajaWebEnhance\WajaWebEnhance Internet Enhancer\fd6dbc306c804c8ddc05bbf7718a9fb0, Quarantined, [9bf20192d6b4f14544718c47a45fc937], 
PUP.Optional.Wajam.A, C:\Program Files (x86)\WajaWebEnhance\WajaWebEnhance Internet Enhancer\007290c6eaab8e3f7a895162dbe596bc, Quarantined, [9bf20192d6b4f14544718c47a45fc937], 
PUP.Optional.Wajam.A, C:\Program Files (x86)\WajaWebEnhance\WajaWebEnhance Internet Enhancer\082f5ca15ec57c3df008923c9e8741e6, Quarantined, [9bf20192d6b4f14544718c47a45fc937], 
PUP.Optional.Wajam.A, C:\Program Files (x86)\WajaWebEnhance\WajaWebEnhance Internet Enhancer\27a3e026958775027c50df2378a10264, Quarantined, [9bf20192d6b4f14544718c47a45fc937], 
PUP.Optional.Wajam.A, C:\Program Files (x86)\WajaWebEnhance\WajaWebEnhance Internet Enhancer\7a7f47864cc9f47f051a99757259e4c6, Quarantined, [9bf20192d6b4f14544718c47a45fc937], 
PUP.Optional.Wajam.A, C:\Program Files (x86)\WajaWebEnhance\WajaWebEnhance Internet Enhancer\8f4e413e15e24f194e5329cacb14280f, Quarantined, [9bf20192d6b4f14544718c47a45fc937], 
PUP.Optional.Wajam.A, C:\Program Files (x86)\WajaWebEnhance\WajaWebEnhance Internet Enhancer\a6ae6d2596b121bf37b260719739349b, Quarantined, [9bf20192d6b4f14544718c47a45fc937], 
PUP.Optional.Wajam.A, C:\Program Files (x86)\WajaWebEnhance\WajaWebEnhance Internet Enhancer\ApiHandlr.dll, Delete-on-Reboot, [9bf20192d6b4f14544718c47a45fc937], 
PUP.Optional.Wajam.A, C:\Program Files (x86)\WajaWebEnhance\WajaWebEnhance Internet Enhancer\b35a34e159184b8830d3b6afbaa6c0b1, Quarantined, [9bf20192d6b4f14544718c47a45fc937], 
PUP.Optional.Wajam.A, C:\Program Files (x86)\WajaWebEnhance\WajaWebEnhance Internet Enhancer\FiddlerCore.dll, Delete-on-Reboot, [9bf20192d6b4f14544718c47a45fc937], 
PUP.Optional.Wajam.A, C:\Program Files (x86)\WajaWebEnhance\WajaWebEnhance Internet Enhancer\HtmlAgilityPack.dll, Quarantined, [9bf20192d6b4f14544718c47a45fc937], 
PUP.Optional.Wajam.A, C:\Program Files (x86)\WajaWebEnhance\WajaWebEnhance Internet Enhancer\InternetEnhancer.exe, Delete-on-Reboot, [9bf20192d6b4f14544718c47a45fc937], 
PUP.Optional.Wajam.A, C:\Program Files (x86)\WajaWebEnhance\WajaWebEnhance Internet Enhancer\lan-proxy-settings.dat, Quarantined, [9bf20192d6b4f14544718c47a45fc937], 
PUP.Optional.Wajam.A, C:\Program Files (x86)\WajaWebEnhance\WajaWebEnhance Internet Enhancer\makecert.exe, Quarantined, [9bf20192d6b4f14544718c47a45fc937], 
PUP.Optional.Wajam.A, C:\Program Files (x86)\WajaWebEnhance\WajaWebEnhance Internet Enhancer\Newtonsoft.Json.dll, Delete-on-Reboot, [9bf20192d6b4f14544718c47a45fc937], 
PUP.Optional.Wajam.A, C:\Program Files (x86)\WajaWebEnhance\WajaWebEnhance Internet Enhancer\wie, Quarantined, [9bf20192d6b4f14544718c47a45fc937], 
PUP.Optional.Wajam.A, C:\Program Files (x86)\WajaWebEnhance\WajaWebEnhance Internet Enhancer\WJManifest, Quarantined, [9bf20192d6b4f14544718c47a45fc937], 
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)

 

Restarted computer

Upon restart Symantec quarantined ApiHandlr.dll

One System Care & Chromina still showed up

Thanks again



#5 deeprybka


  • Malware Response Team

Posted 15 May 2015 - 02:30 AM

Please proceed with step 4. :)
regards,
deeprybka
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer
 

#6 Phaze13

  • Topic Starter

  • Members

Posted 15 May 2015 - 02:18 PM

Step 4

FRST.txt Log

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-05-2015 02
Ran by With (administrator) on WITH-PC on 15-05-2015 15:16:00
Running from C:\Users\With\Desktop
Loaded Profiles: With (Available profiles: With)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Smc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Symantec Corporation) C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Windows\SysWOW64\ASGT.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Motorola) C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Rtvscan.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\SmcGui.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\ProtectionUtilSurrogate.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP ENVY 110 series\Bin\ScanToPCActivationApp.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\With\AppData\Local\Programs\Google\MusicManager\MusicManager.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\SavUI.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Dropbox, Inc.) C:\Users\With\AppData\Roaming\Dropbox\bin\Dropbox.exe
(AnimGraph) C:\Program Files (x86)\Magic Mouse Utilities\MagicMouseUtilities.exe
() C:\Program Files\Rainmeter\Rainmeter.exe
(Oracle Corporation) C:\Program Files\Java\jre1.8.0_25\bin\javaw.exe
(Symantec Corporation) C:\Program Files (x86)\Common Files\Symantec Shared\ccApp.exe
(Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP ENVY 110 series\Bin\HPNetworkCommunicator.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13513288 2013-03-28] (Realtek Semiconductor)
HKLM\...\Run: [Nvtmru] => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2673296 2015-03-27] (NVIDIA Corporation)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [286704 2013-04-30] (Intel Corporation)
HKLM-x32\...\Run: [ccApp] => C:\Program Files (x86)\Common Files\Symantec Shared\ccApp.exe [115560 2009-07-08] (Symantec Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-10] (Intel Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-31] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-09-01] (Apple Inc.)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [448856 2014-08-19] (DivX, LLC)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-10] ()
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKU\S-1-5-21-4145080920-3812403697-566172317-1000\...\Run: [HP ENVY 110 series (NET)] => C:\Program Files\HP\HP ENVY 110 series\Bin\ScanToPCActivationApp.exe [2676584 2011-09-19] (Hewlett-Packard Co.)
HKU\S-1-5-21-4145080920-3812403697-566172317-1000\...\Run: [GoogleChromeAutoLaunch_952B3A22E8EB6153397103CE452AA6C9] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [812872 2015-05-05] (Google Inc.)
HKU\S-1-5-21-4145080920-3812403697-566172317-1000\...\Run: [Google Update] => C:\Users\With\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-07-12] (Google Inc.)
HKU\S-1-5-21-4145080920-3812403697-566172317-1000\...\Run: [MusicManager] => C:\Users\With\AppData\Local\Programs\Google\MusicManager\MusicManager.exe [7475200 2015-03-31] (Google Inc.)
HKU\S-1-5-21-4145080920-3812403697-566172317-1000\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [25700400 2015-04-28] (Google)
HKU\S-1-5-21-4145080920-3812403697-566172317-1000\...\Run: [GoogleChromeAutoLaunch_AF9A6CD07E4B43119E70183BD40C78F4] => C:\Users\With\AppData\Local\Chromium\Application\chrome.exe [656896 2015-05-09] (The Chromium Authors)
HKU\S-1-5-21-4145080920-3812403697-566172317-1000\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize
AppInit_DLLs: C:\ProgramData\FlashBeat\FlashBeat64.dll => C:\ProgramData\FlashBeat\FlashBeat64.dll File Not Found
AppInit_DLLs-x32: C:\ProgramData\FlashBeat\FlashBeat32.dll => "C:\ProgramData\FlashBeat\FlashBeat32.dll" File Not Found
AppInit_DLLs-x32:  c:\progra~3\{7d2f9~1\1170~1.1\sidi.dll => c:\ProgramData\{7D2F95EC-2DAD-446A-9C2B-34E84CA9E766}\1.17.0.1\sidi.dll [778752 2015-05-12] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Universal Media Server.lnk [2014-10-16]
ShortcutTarget: Universal Media Server.lnk -> C:\Program Files (x86)\Universal Media Server\UMS.exe (Universal Media Server)
Startup: C:\Users\With\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2014-01-11]
ShortcutTarget: Dropbox.lnk -> C:\Users\With\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\With\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Magic Mouse Utilities.lnk [2014-01-05]
ShortcutTarget: Magic Mouse Utilities.lnk -> C:\Program Files (x86)\Magic Mouse Utilities\MagicMouseUtilities.exe (AnimGraph)
Startup: C:\Users\With\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk [2014-02-08]
ShortcutTarget: Rainmeter.lnk -> C:\Program Files\Rainmeter\Rainmeter.exe ()
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\With\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\With\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\With\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\With\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\With\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\With\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\With\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\With\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\With\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\With\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\With\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\With\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\With\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\With\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\With\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\With\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-10] (Dropbox, Inc.)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled.
ProxyServer: [.DEFAULT] => http=127.0.0.1:47574
ProxyServer: [S-1-5-21-4145080920-3812403697-566172317-1000] => http=127.0.0.1:47574
HKU\S-1-5-21-4145080920-3812403697-566172317-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
SearchScopes: HKLM -> {c9ab6446-7efc-47fe-966c-dc54324eff9f} URL = 
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-4145080920-3812403697-566172317-1000 -> {4D1769A7-E76A-40BB-BE0C-89A13F161E7C} URL = https://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-4145080920-3812403697-566172317-1000 -> {c9ab6446-7efc-47fe-966c-dc54324eff9f} URL = 
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll [2014-12-11] (Oracle Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-12-11] (Oracle Corporation)
BHO: YoutuBEAdiBlocckea -> {e74a6ea1-aa96-484a-b06b-fc0d5cdf51a3} -> C:\Program Files (x86)\YoutuBEAdiBlocckea\wAkYOIrF8czsBA.x64.dll No File
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-07-25] (Oracle Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-07-25] (Oracle Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
 
FireFox:
========
FF ProfilePath: C:\Users\With\AppData\Roaming\Mozilla\Firefox\Profiles\yolvwqn5.default-1419019564366
FF NewTab: 
FF DefaultSearchEngine.US: Search Module
FF SelectedSearchEngine: 
FF Homepage: 
FF NetworkProxy: "type", 5
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-05-06] ()
FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll [2014-12-11] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2014-12-11] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-05-06] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1207148.dll [2013-12-05] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-05-06] ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2014-08-13] (DivX, LLC)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-02-13] (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-07-25] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-07-25] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-04-08] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-04-08] (NVIDIA Corporation)
FF Plugin-x32: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll [2011-02-21] (RocketLife, LLP)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-02-04] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Plugin-x32: yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1 -> C:\Program Files (x86)\Yahoo!\Common\npyaxmpb.dll [2007-03-09] (Yahoo! Inc.)
FF Plugin HKU\S-1-5-21-4145080920-3812403697-566172317-1000: @talk.google.com/GoogleTalkPlugin -> C:\Users\With\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)
FF Plugin HKU\S-1-5-21-4145080920-3812403697-566172317-1000: @talk.google.com/O1DPlugin -> C:\Users\With\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-04-17] (Google)
FF Plugin HKU\S-1-5-21-4145080920-3812403697-566172317-1000: @tools.google.com/Google Update;version=3 -> C:\Users\With\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin HKU\S-1-5-21-4145080920-3812403697-566172317-1000: @tools.google.com/Google Update;version=9 -> C:\Users\With\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin HKU\S-1-5-21-4145080920-3812403697-566172317-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\With\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-02-20] (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL [2006-10-26] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\With\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\With\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-04-17] (Google)
FF Extension: FT DeepDark - C:\Users\With\AppData\Roaming\Mozilla\Firefox\Profiles\yolvwqn5.default-1419019564366\Extensions\{77d2ed30-4cd2-11e0-b8af-0800200c9a66} [2015-04-15]
FF Extension: Pin It Button - C:\Users\With\AppData\Roaming\Mozilla\Firefox\Profiles\yolvwqn5.default-1419019564366\Extensions\jid1-YcMV6ngYmQRA2w@jetpack.xpi [2014-12-31]
FF Extension: Pinterest Pin Button - C:\Users\With\AppData\Roaming\Mozilla\Firefox\Profiles\yolvwqn5.default-1419019564366\Extensions\{677a8f98-fd64-40b0-a883-b8c95d0cbf17}.xpi [2014-12-19]
FF Extension: Crazy Score - C:\Users\With\AppData\Roaming\Mozilla\Firefox\Profiles\yolvwqn5.default-1419019564366\Extensions\{6b0c9c8b-76e8-4048-b069-8376aa74be4b}.xpi [2015-05-12]
FF Extension: Adblock Plus - C:\Users\With\AppData\Roaming\Mozilla\Firefox\Profiles\yolvwqn5.default-1419019564366\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-12-19]
FF Extension: No Name - C:\Users\With\AppData\Roaming\Mozilla\Firefox\Profiles\yolvwqn5.default-1419019564366\extensions\d4db60df25f14dae9dd18@185c395f9e794c9ab86be3eb.com [Not Found]
FF Extension: No Name - C:\Users\With\AppData\Roaming\Mozilla\Firefox\Profiles\yolvwqn5.default-1419019564366\extensions\{746505DC-0E21-4667-97F8-72EA6BCF5EEF} [Not Found]
FF Extension: No Name - C:\Users\With\AppData\Roaming\Mozilla\Firefox\Profiles\yolvwqn5.default-1419019564366\extensions\TTSD90021300@PYDKGV101145942.com [Not Found]
StartMenuInternet: FIREFOX.EXE - firefox.exe
 
Chrome: 
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR Profile: C:\Users\With\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Angry Birds) - C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2014-01-05]
CHR Extension: (Google Docs) - C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-01-04]
CHR Extension: (Google Drive) - C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-01-04]
CHR Extension: (SteamPowered [aNTP]) - C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\apopkdkjmbfhmmohkhcbcnfipaiilkjb [2014-01-05]
CHR Extension: (YouTube) - C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-01-04]
CHR Extension: (Google Cast) - C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2014-01-05]
CHR Extension: (Google Search) - C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-01-04]
CHR Extension: (Google Calendar) - C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2014-01-05]
CHR Extension: (Google Play Music) - C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\fahmaaghhglfmonjliepjlchgpgfmobi [2015-02-25]
CHR Extension: (ZenMate) - C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcgdnkidjaadafnichfpabhfomcebme [2014-06-18]
CHR Extension: (AdBlock) - C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-01-05]
CHR Extension: (Material For Chrome) - C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\gokahbgdhhcjfnjlfeiojfmgnoikpcco [2015-04-27]
CHR Extension: (Google Play Music) - C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\icppfcnhkcmnfdhfhphakoifcfokfdhg [2014-01-05]
CHR Extension: (Chrome to Mobile) - C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\idknbmbdnapjicclomlijcgfpikmndhd [2014-01-05]
CHR Extension: (Digital Clock Widget [ANTP]) - C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\ikimcdcgajipgcoehakmgloecbaacmoj [2014-01-05]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-13]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2015-01-04]
CHR Extension: (Google Maps) - C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2014-01-05]
CHR Extension: (Google Wallet) - C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-04]
CHR Extension: (Gmail) - C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-01-04]
CHR Extension: (Canvas Rider) - C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Extensions\poknhlcknimnnbfcombaooklofipaibk [2014-01-05]
CHR HKU\S-1-5-21-4145080920-3812403697-566172317-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [jlcgehabolcakkjhgmgpkagpolbjlhfa] - https://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-4145080920-3812403697-566172317-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - https://clients2.google.com/service/update2/crx
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 ASGT; C:\Windows\SysWOW64\ASGT.exe [55296 2012-01-17] () [File not signed]
R2 ccEvtMgr; C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe [108392 2009-07-08] (Symantec Corporation)
R2 ccSetMgr; C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe [108392 2009-07-08] (Symantec Corporation)
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [614624 2014-09-02] (Futuremark)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152144 2015-03-27] (NVIDIA Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-04-30] (Intel Corporation)
S3 LiveUpdate; C:\Program Files (x86)\Symantec\LiveUpdate\LuComServer_3_3.EXE [3093880 2009-07-13] (Symantec Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-04-14] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
R2 Motorola Device Manager; C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [137528 2013-11-15] (Motorola Mobility LLC)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1878672 2015-03-27] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [22995600 2015-03-27] (NVIDIA Corporation)
R2 PST Service; C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe [65657 2011-09-02] (Motorola) [File not signed]
R2 SmcService; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Smc.exe [3197256 2009-09-17] (Symantec Corporation)
S4 SNAC; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\SNAC64.EXE [411976 2009-09-17] (Symantec Corporation)
R2 Symantec AntiVirus; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Rtvscan.exe [2477304 2009-09-17] (Symantec Corporation)
R2 Themes; C:\Windows\system32\themeservice.dll [44544 2014-01-11] (Microsoft Corporation) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 fugewybu; No ImagePath
S2 qozyzuwu; No ImagePath
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 applebmt; C:\Windows\System32\DRIVERS\applebmt.sys [52736 2011-06-02] (Apple Inc.)
S3 AsrDrv101; C:\Windows\SysWOW64\Drivers\AsrDrv101.sys [22280 2014-01-05] (ASRock Incorporation)
R0 AsrRamDisk; C:\Windows\System32\DRIVERS\AsrRamDisk.sys [34640 2012-08-09] (ASRock Inc.)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [487216 2014-11-25] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142640 2014-11-25] (Symantec Corporation)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28656 2013-04-30] (Intel Corporation)
R2 IntelHaxm; C:\Windows\System32\DRIVERS\IntelHaxm.sys [84992 2014-11-18] (Intel  Corporation)
R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [46568 2013-01-19] ()
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [118504 2012-12-18] (Qualcomm Atheros Co., Ltd.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [136408 2015-05-15] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation)
R3 NAVENG; C:\ProgramData\Symantec\Definitions\VirusDefs\20150105.019\eng64.sys [129752 2014-08-11] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Symantec\Definitions\VirusDefs\20150105.019\ex64.sys [2137304 2014-08-11] (Symantec Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-03-27] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
R1 SRTSP; C:\Windows\System32\Drivers\SRTSP64.SYS [443952 2009-08-25] (Symantec Corporation)
R1 SRTSP; C:\Windows\SysWOW64\Drivers\SRTSP64.SYS [443952 2009-08-25] (Symantec Corporation)
S3 SRTSPL; C:\Windows\System32\Drivers\SRTSPL64.SYS [481840 2009-08-25] (Symantec Corporation)
S3 SRTSPL; C:\Windows\SysWOW64\Drivers\SRTSPL64.SYS [481840 2009-08-25] (Symantec Corporation)
R1 SRTSPX; C:\Windows\System32\Drivers\SRTSPX64.SYS [32304 2009-08-25] (Symantec Corporation)
R1 SRTSPX; C:\Windows\SysWOW64\Drivers\SRTSPX64.SYS [32304 2009-08-25] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [172592 2014-01-05] (Symantec Corporation)
R3 Teefer2; C:\Windows\System32\DRIVERS\teefer2.sys [62512 2009-05-27] (Symantec Corporation)
R1 WPS; C:\Windows\system32\drivers\wpsdrvnt.sys [52784 2009-09-17] (Symantec Corporation)
R3 WpsHelper; C:\Windows\system32\drivers\WpsHelper.sys [233120 2012-11-14] (Symantec Corporation)
S2 SPDRIVER_1.42.0.1828; \??\C:\Program Files (x86)\ShopperPro\JSDriver\1.42.0.1828\jsdrv.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-05-15 15:16 - 2015-05-15 15:16 - 00030908 _____ () C:\Users\With\Desktop\FRST.txt
2015-05-14 20:23 - 2015-05-14 20:23 - 00000000 ____D () C:\Avenger
2015-05-14 20:11 - 2015-05-15 13:15 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-05-14 20:11 - 2015-05-14 20:11 - 00001102 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-05-14 20:11 - 2015-05-14 20:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-05-14 20:11 - 2015-05-14 20:11 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-05-14 20:11 - 2015-05-14 20:11 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-05-14 20:11 - 2015-04-14 09:37 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-05-14 20:11 - 2015-04-14 09:37 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-05-14 20:11 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-05-14 20:10 - 2015-05-14 20:10 - 00025850 _____ () C:\Users\With\Desktop\AdwCleaner[S0].txt
2015-05-14 20:05 - 2015-05-14 20:07 - 00000000 ____D () C:\AdwCleaner
2015-05-14 17:38 - 2015-05-14 17:38 - 00001264 _____ () C:\Users\With\Desktop\Revo Uninstaller.lnk
2015-05-14 17:38 - 2015-05-14 17:38 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2015-05-14 17:37 - 2015-05-14 17:37 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\With\Desktop\mbam-setup-2.1.6.1022.exe
2015-05-14 17:37 - 2015-05-14 17:37 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\With\Desktop\revosetup.exe
2015-05-14 17:37 - 2015-05-14 17:37 - 02204160 _____ () C:\Users\With\Desktop\adwcleaner_4.203.exe
2015-05-13 20:06 - 2015-05-15 15:15 - 00000000 ____D () C:\Users\With\Desktop\FRST-OlderVersion
2015-05-13 19:54 - 2015-05-13 19:54 - 00343440 _____ () C:\Windows\Minidump\051315-9812-01.dmp
2015-05-13 19:48 - 2015-05-13 19:48 - 00000000 ____D () C:\Program Files (x86)\3223e5b9-cdd3-4754-916f-8a7b31fab8a8
2015-05-13 19:45 - 2015-05-14 20:24 - 00000328 _____ () C:\Windows\Tasks\LGICBV1.job
2015-05-13 19:45 - 2015-05-14 20:21 - 00000000 ____D () C:\ProgramData\cb7ea4a0b01f4c88a9315fc70a3584f8
2015-05-13 19:45 - 2015-05-13 19:45 - 00003552 _____ () C:\Windows\System32\Tasks\LIBXXSJ
2015-05-13 19:45 - 2015-05-13 19:45 - 00002850 _____ () C:\Windows\System32\Tasks\LGICBV1
2015-05-13 19:45 - 2015-05-13 19:45 - 00000000 ____D () C:\ProgramData\28341ff220e0446c9fff27c4493d622e
2015-05-13 19:41 - 2015-05-13 19:41 - 00003588 _____ () C:\Windows\System32\Tasks\SMWUpd
2015-05-13 19:41 - 2015-05-13 19:41 - 00000000 ____D () C:\Users\With\AppData\Local\CrashRpt
2015-05-12 19:46 - 2015-05-15 13:40 - 00000992 _____ () C:\Windows\Tasks\F46tQTi5u8je.job
2015-05-12 19:46 - 2015-05-15 07:52 - 00001000 _____ () C:\Windows\Tasks\ST5oNoWE90BVieXe.job
2015-05-12 19:46 - 2015-05-12 19:46 - 00004022 _____ () C:\Windows\System32\Tasks\ST5oNoWE90BVieXe
2015-05-12 19:46 - 2015-05-12 19:46 - 00004014 _____ () C:\Windows\System32\Tasks\F46tQTi5u8je
2015-05-12 19:45 - 2015-05-14 20:21 - 00000000 ____D () C:\Program Files (x86)\86583d2e-7ff4-4b9c-83ad-6b374a1be126
2015-05-12 19:45 - 2015-05-13 19:54 - 00000004 _____ () C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-05-12 19:25 - 2015-05-12 19:25 - 00000000 ____D () C:\Users\With\AppData\Roaming\One System Care
2015-05-12 19:20 - 2015-05-15 15:15 - 00000274 _____ () C:\Windows\Tasks\One System CarePeriod.job
2015-05-12 19:20 - 2015-05-14 20:25 - 00000274 _____ () C:\Windows\Tasks\One System CareStartUp.job
2015-05-12 19:20 - 2015-05-12 19:20 - 00003304 _____ () C:\Windows\System32\Tasks\One System Care Run Delay
2015-05-12 19:20 - 2015-05-12 19:20 - 00003238 _____ () C:\Windows\System32\Tasks\One System Care Monitor
2015-05-12 19:20 - 2015-05-12 19:20 - 00002848 _____ () C:\Windows\System32\Tasks\One System CarePeriod
2015-05-12 19:20 - 2015-05-12 19:20 - 00002546 _____ () C:\Windows\System32\Tasks\One System CareStartUp
2015-05-12 19:20 - 2015-05-12 19:20 - 00000000 ____D () C:\Users\With\AppData\Roaming\OpenSoftwareUpdater
2015-05-12 19:20 - 2015-05-12 19:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneSystemCare
2015-05-12 19:20 - 2015-05-12 19:20 - 00000000 ____D () C:\Program Files (x86)\OneSystemCare
2015-05-12 19:18 - 2015-05-13 19:58 - 00000000 ____D () C:\Program Files (x86)\OpenSoftwareUpdater
2015-05-12 19:18 - 2015-05-12 19:51 - 00002888 _____ () C:\Windows\SysWOW64\LavasoftTcpServiceOff.ini
2015-05-12 19:18 - 2015-05-12 19:51 - 00002888 _____ () C:\Windows\system32\LavasoftTcpServiceOff.ini
2015-05-12 19:18 - 2015-05-12 19:18 - 00000000 ____D () C:\Users\With\AppData\Local\Chromium
2015-05-12 19:18 - 2015-05-12 19:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2015-05-12 19:18 - 2015-04-30 10:50 - 00429392 _____ (Lavasoft Limited) C:\Windows\system32\LavasoftTcpService64.dll
2015-05-12 19:18 - 2015-04-30 10:50 - 00347976 _____ (Lavasoft Limited) C:\Windows\SysWOW64\LavasoftTcpService.dll
2015-05-12 19:17 - 2015-05-12 19:17 - 00000000 ____D () C:\ProgramData\{7D2F95EC-2DAD-446A-9C2B-34E84CA9E766}
2015-05-11 20:05 - 2015-05-11 20:13 - 00000000 ____D () C:\Users\With\Downloads\Silicon.Valley.S02E04.HDTV.x264-ASAP[ettv]
2015-05-11 20:05 - 2015-05-11 20:10 - 00000000 ____D () C:\Users\With\Downloads\Silicon.Valley.S02E05.HDTV.x264-ASAP[ettv]
2015-05-11 20:04 - 2015-05-11 20:04 - 00015793 _____ () C:\Users\With\Downloads\[kickass.to]silicon.valley.s02e05.hdtv.x264.asap.ettv.torrent
2015-05-11 20:04 - 2015-05-11 20:04 - 00014976 _____ () C:\Users\With\Downloads\[kickass.to]silicon.valley.s02e04.hdtv.x264.asap.ettv.torrent
2015-05-11 20:03 - 2015-05-11 20:04 - 00000000 ____D () C:\Users\With\Downloads\Game.of.Thrones.S05E05.HDTV.x264-ASAP[ettv]
2015-05-11 20:03 - 2015-05-11 20:03 - 00024905 _____ () C:\Users\With\Downloads\[kickass.to]game.of.thrones.s05e05.hdtv.x264.asap.ettv.torrent
2015-05-10 19:56 - 2015-05-10 19:56 - 00000000 ____D () C:\Users\With\AppData\Roaming\3242
2015-05-08 16:50 - 2015-05-08 16:50 - 00000000 ____D () C:\Users\With\AppData\Local\openvr
2015-04-27 20:00 - 2015-04-27 20:09 - 00000000 ____D () C:\Users\With\Downloads\Silicon.Valley.S02E03.HDTV.x264-KILLERS[ettv]
2015-04-27 20:00 - 2015-04-27 20:07 - 00000000 ____D () C:\Users\With\Downloads\Silicon.Valley.S02E02.HDTV.x264-ASAP[ettv]
2015-04-26 09:03 - 2015-04-08 16:32 - 00560968 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2015-04-26 09:02 - 2015-04-08 20:58 - 31570064 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-04-26 09:02 - 2015-04-08 20:58 - 30397072 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2015-04-26 09:02 - 2015-04-08 20:58 - 25375048 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2015-04-26 09:02 - 2015-04-08 20:58 - 24053576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-04-26 09:02 - 2015-04-08 20:58 - 15716232 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-04-26 09:02 - 2015-04-08 20:58 - 14006752 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-04-26 09:02 - 2015-04-08 20:58 - 12852784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-04-26 09:02 - 2015-04-08 20:58 - 11380728 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-04-26 09:02 - 2015-04-08 20:58 - 10423952 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-04-26 09:02 - 2015-04-08 20:58 - 02896528 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-04-26 09:02 - 2015-04-08 20:58 - 02573456 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-04-26 09:02 - 2015-04-08 20:58 - 01895568 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435012.dll
2015-04-26 09:02 - 2015-04-08 20:58 - 01557648 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435012.dll
2015-04-26 09:02 - 2015-04-08 20:58 - 01540240 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2015-04-26 09:02 - 2015-04-08 20:58 - 01086424 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2015-04-26 09:02 - 2015-04-08 20:58 - 01047368 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-04-26 09:02 - 2015-04-08 20:58 - 01037640 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-04-26 09:02 - 2015-04-08 20:58 - 00970568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-04-26 09:02 - 2015-04-08 20:58 - 00962192 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-04-26 09:02 - 2015-04-08 20:58 - 00927440 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2015-04-26 09:02 - 2015-04-08 20:58 - 00499344 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2015-04-26 09:02 - 2015-04-08 20:58 - 00402576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2015-04-26 09:02 - 2015-04-08 20:58 - 00390472 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2015-04-26 09:02 - 2015-04-08 20:58 - 00346256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2015-04-26 09:02 - 2015-04-08 20:58 - 00175880 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2015-04-26 09:02 - 2015-04-08 20:58 - 00154256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2015-04-26 09:02 - 2015-04-08 20:58 - 00150648 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2015-04-26 09:02 - 2015-04-08 20:58 - 00128512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2015-04-23 20:18 - 2015-04-23 20:18 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-04-19 12:01 - 2015-04-19 12:03 - 00000000 ____D () C:\Users\With\Downloads\Silicon.Valley.S02E01.HDTV.x264-ASAP[ettv]
2015-04-19 08:20 - 2015-04-19 08:20 - 00005872 _____ () C:\Users\With\AppData\Roaming\F46tQTi5u8je
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-05-15 15:16 - 2014-12-19 15:35 - 00000000 ____D () C:\FRST
2015-05-15 15:15 - 2014-12-19 16:02 - 02106368 _____ (Farbar) C:\Users\With\Desktop\FRST64.exe
2015-05-15 14:48 - 2014-01-05 03:00 - 01960035 _____ () C:\Windows\WindowsUpdate.log
2015-05-15 14:46 - 2015-01-31 12:14 - 00000336 _____ () C:\Windows\Tasks\HP Photo Creations Communicator.job
2015-05-15 14:41 - 2014-07-12 08:16 - 00000904 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4145080920-3812403697-566172317-1000UA.job
2015-05-15 14:22 - 2014-01-04 15:22 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-15 10:37 - 2014-01-05 17:48 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-05-15 04:22 - 2014-01-04 15:22 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-15 04:17 - 2014-01-04 15:22 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-05-15 04:17 - 2014-01-04 15:22 - 00003642 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-05-14 23:41 - 2014-07-12 08:16 - 00000852 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4145080920-3812403697-566172317-1000Core.job
2015-05-14 20:31 - 2009-07-14 00:45 - 00022064 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-14 20:31 - 2009-07-14 00:45 - 00022064 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-14 20:30 - 2009-07-14 01:13 - 00785234 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-05-14 20:24 - 2015-01-04 14:14 - 00000000 ___RD () C:\Users\With\Google Drive
2015-05-14 20:24 - 2014-10-16 21:48 - 00000000 ____D () C:\ProgramData\UMS
2015-05-14 20:24 - 2014-01-12 15:02 - 00000000 ____D () C:\Temp
2015-05-14 20:24 - 2014-01-11 11:47 - 00000000 ___RD () C:\Users\With\Dropbox
2015-05-14 20:24 - 2014-01-11 11:47 - 00000000 ____D () C:\Users\With\AppData\Roaming\Dropbox
2015-05-14 20:24 - 2014-01-05 20:41 - 00000063 _____ () C:\Users\With\AppData\Roaming\Magic Mouse Utilities.ini
2015-05-14 20:24 - 2014-01-04 15:39 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-05-14 20:24 - 2009-07-14 01:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-14 20:24 - 2009-07-14 00:51 - 00103684 _____ () C:\Windows\setupact.log
2015-05-14 20:23 - 2010-11-20 23:47 - 00542112 _____ () C:\Windows\PFRO.log
2015-05-14 20:21 - 2014-01-05 17:48 - 00000000 ____D () C:\Program Files (x86)\Adobe
2015-05-14 20:07 - 2014-01-05 00:03 - 00000987 _____ () C:\Users\With\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-05-14 20:07 - 2014-01-04 15:26 - 00001061 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-05-14 20:07 - 2014-01-04 15:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-05-13 20:05 - 2014-12-19 16:01 - 00000000 ____D () C:\Users\With\Downloads\Fubar Recovery
2015-05-13 19:54 - 2014-08-07 07:26 - 870324916 _____ () C:\Windows\MEMORY.DMP
2015-05-13 19:54 - 2014-08-07 07:26 - 00000000 ____D () C:\Windows\Minidump
2015-05-13 19:50 - 2009-07-13 23:20 - 00000000 ____D () C:\Program Files\Common Files\System
2015-05-13 19:48 - 2014-12-11 22:16 - 00000000 ____D () C:\Program Files (x86)\Add to Wish List
2015-05-12 19:51 - 2009-07-14 00:45 - 00417296 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-05-12 19:25 - 2014-01-04 15:10 - 00111696 _____ () C:\Users\With\AppData\Local\GDIPFONTCACHEV1.DAT
2015-05-12 18:35 - 2014-01-11 11:47 - 00000000 ____D () C:\Users\With\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-05-12 18:33 - 2014-01-11 10:45 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-05-11 20:02 - 2014-02-20 22:01 - 00000000 ____D () C:\Users\With\Documents\DVDFab9
2015-05-08 06:18 - 2015-01-04 13:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2015-05-06 18:08 - 2014-01-09 09:13 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-05-06 18:08 - 2014-01-09 09:13 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-05-06 18:07 - 2014-01-04 15:26 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-05-03 14:56 - 2014-03-02 10:56 - 00000000 ____D () C:\Users\With\AppData\Local\Paint.NET
2015-04-30 08:09 - 2009-07-14 01:32 - 00000000 ____D () C:\Windows\system32\FxsTmp
2015-04-26 09:03 - 2014-01-04 15:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-04-26 09:02 - 2014-01-04 15:36 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2015-04-21 11:42 - 2014-01-04 15:26 - 00000000 ____D () C:\Users\With\AppData\Roaming\Mozilla
 
==================== Files in the root of some directories =======
 
2015-04-19 08:20 - 2015-04-19 08:20 - 0005872 _____ () C:\Users\With\AppData\Roaming\F46tQTi5u8je
2014-01-05 20:41 - 2015-05-14 20:24 - 0000063 _____ () C:\Users\With\AppData\Roaming\Magic Mouse Utilities.ini
2015-04-14 12:28 - 2015-04-14 12:28 - 0004387 _____ () C:\Users\With\AppData\Roaming\ST5oNoWE90BVieXe
2014-10-16 21:28 - 2014-10-16 21:28 - 0003584 _____ () C:\Users\With\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-01-04 15:10 - 2014-01-04 15:10 - 0000003 _____ () C:\Users\With\AppData\Local\user_data.ini
2014-01-05 21:36 - 2014-01-05 21:36 - 0000057 _____ () C:\ProgramData\Ament.ini
 
Some content of TEMP:
====================
C:\Users\With\AppData\Local\Temp\90E0288A-4DCF-07E0-6397-BC7246C4123C.exe
C:\Users\With\AppData\Local\Temp\C4810D25-29C9-B176-8369-77630CBF9544.dll
C:\Users\With\AppData\Local\Temp\C4810D25-29C9-B176-8369-77630CBF9544.exe
C:\Users\With\AppData\Local\Temp\cw.exe
C:\Users\With\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpirdwrn.dll
C:\Users\With\AppData\Local\Temp\jna7734475573608545954.dll
C:\Users\With\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\With\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\With\AppData\Local\Temp\nvStInst.exe
C:\Users\With\AppData\Local\Temp\optprosetup.exe
C:\Users\With\AppData\Local\Temp\Quarantine.exe
C:\Users\With\AppData\Local\Temp\Setup_194831.exe
C:\Users\With\AppData\Local\Temp\sqlite3.dll
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-05-14 00:59
 
==================== End Of Log ============================
 
Addition.txt Log
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-05-2015 02
Ran by With at 2015-05-15 15:16:19
Running from C:\Users\With\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-4145080920-3812403697-566172317-500 - Administrator - Disabled)
Guest (S-1-5-21-4145080920-3812403697-566172317-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4145080920-3812403697-566172317-1004 - Limited - Enabled)
With (S-1-5-21-4145080920-3812403697-566172317-1000 - Administrator - Enabled) => C:\Users\With
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Symantec Endpoint Protection (Enabled - Out of date) {88C95A36-8C3B-2F2C-1B8B-30FCCFDC4855}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Symantec Endpoint Protection (Enabled - Out of date) {33A8BBD2-AA01-20A2-213B-0B8EB45B02E8}
FW: Symantec Endpoint Protection (Enabled) {B0F2DB13-C654-2E74-30D4-99C9310F0F2E}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
3DMark Demo (HKLM-x32\...\Steam App 231350) (Version:  - Futuremark)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Digital Editions 2.0 (HKLM-x32\...\Adobe Digital Editions 2.0) (Version: 2.0.1 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Flash Player ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 9.0.124.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.11) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.11 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.7.148 - Adobe Systems, Inc.)
Android Studio (HKLM\...\Android Studio) (Version: 1.0 - Google Inc.)
Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{B678797F-DF38-4556-8A31-8B818E261868}) (Version: 8.0.0.23 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{6956856F-B6B3-4BE0-BA0B-8F495BE32033}) (Version: 2.1.1.116 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ASRock XFast RAM v2.0.28 (HKLM\...\ASRock XFast RAM_is1) (Version:  - ASRock Inc.)
ASUS GPU Tweak (HKLM-x32\...\InstallShield_{532F6E8A-AF97-41C3-915F-39F718EC07D1}) (Version: 2.3.9.2 - ASUSTek COMPUTER INC.)
ASUS GPU Tweak (x32 Version: 2.3.9.2 - ASUSTek COMPUTER INC.) Hidden
A-Tuning v1.0.19 (HKLM-x32\...\A-Tuning_is1) (Version: 1.0.19 - )
AviSynth (HKLM-x32\...\AviSynth) (Version: 2.6.0 MT - )
AVS Video Converter 9.1 (HKLM-x32\...\AVS4YOU Video Converter 7_is1) (Version: 9.1.1.568 - Online Media Technologies Ltd.)
Big Brainz Home (HKLM-x32\...\Big Brainz Home 2.0.1) (Version: 2.0.1 - Big Brainz)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version:  - Valve)
DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.3.88 - DivX, LLC)
Dregol (HKU\S-1-5-21-4145080920-3812403697-566172317-1000\...\Chromium) (Version: 44.0.2397.0 - Chromium)
Dropbox (HKU\S-1-5-21-4145080920-3812403697-566172317-1000\...\Dropbox) (Version: 3.4.6 - Dropbox, Inc.)
DVD Flick 1.3.0.7 (HKLM-x32\...\DVD Flick_is1) (Version: 1.3.0.7 - Dennis Meuwissen)
DVDFab 9.1.2.8 (19/02/2014) (HKLM-x32\...\DVDFab 9_is1) (Version:  - Fengtao Software Inc.)
FindingDiscount (HKLM-x32\...\FindingDiscount) (Version:  - )
Futuremark SystemInfo (HKLM-x32\...\{E114E635-F06E-43B4-A800-74A22536B1B0}) (Version: 4.30.472.0 - Futuremark)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 42.0.2311.152 - Google Inc.)
Google Drive (HKLM-x32\...\{35574F09-89F9-4B16-B69B-64F3E25901B8}) (Version: 1.21.9226.6034 - Google, Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Talk Plugin (HKLM-x32\...\{CA3DD97D-1FD7-37A7-BD5C-FC4430C8B8E6}) (Version: 5.41.2.0 - Google)
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
HP ENVY 110 series Basic Device Software (HKLM\...\{9EDA8125-D287-4AD1-BE32-6B105A275645}) (Version: 25.0.622.0 - Hewlett-Packard Co.)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.16432 - HP)
iCloud (HKLM\...\{6096C0CC-7E19-4355-87F0-627EC5AA146D}) (Version: 4.0.3.56 - Apple Inc.)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.6.0.1033 - Intel Corporation)
Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.0.0.102 - Intel Corporation)
Intel® Hardware Accelerated Execution Manager (HKLM\...\{ECCB31F5-435D-4F37-A98D-5854D3C62718}) (Version: 1.1.1 - Intel Corporation)
iTunes (HKLM\...\{F46AA0F1-E284-4878-A462-5F11B9166C0E}) (Version: 11.4.0.18 - Apple Inc.)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.670 - Oracle)
Java 8 Update 25 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418025F0}) (Version: 8.0.250 - Oracle Corporation)
Java SE Development Kit 8 Update 25 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180250}) (Version: 8.0.250.18 - Oracle Corporation)
Java™ SE Development Kit 6 Update 24 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0160240}) (Version: 1.6.0.240 - Oracle)
LiveUpdate 3.3 (Symantec Corporation) (HKLM-x32\...\LiveUpdate) (Version: 3.3.0.92 - Symantec Corporation)
Magic Mouse Utilities version 1.1 (HKLM-x32\...\{F659CE9D-CA4B-43AA-8C32-D523CD955494}_is1) (Version: 1.1 - AnimGraph)
Malwarebytes Anti-Malware version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISER) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Minimal ADB and Fastboot version 1.2 (HKLM-x32\...\{06C90FCC-4C95-4142-A0AF-D3A4C12882DE}_is1) (Version: 1.2 - Sam Rodberg)
mkv2vob (HKLM-x32\...\{21AE04E8-EBF6-40DB-9AA9-B7A80C5D057D}) (Version: 2.4.9 - 3r1c)
Motorola Device Manager (HKLM-x32\...\{28DB8373-C1BB-444F-A427-A55585A12ED7}) (Version: 2.4.5 - Motorola Mobility)
Motorola Device Software Update (x32 Version: 13.09.3001 - Motorola Mobility) Hidden
Motorola Mobile Drivers Installation 6.3.0 (HKLM\...\{759E6A2F-1F01-45EF-A0C4-22F1B56CB975}) (Version: 6.3.0 - Motorola Mobility LLC)
Mozilla Firefox 37.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 37.0.2 (x86 en-US)) (Version: 37.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
Music Manager (HKU\S-1-5-21-4145080920-3812403697-566172317-1000\...\MusicManager) (Version:  - Google, Inc.)
NVIDIA 3D Vision Controller Driver 349.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 349.95 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 350.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 350.12 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.4.1.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.1.21 - NVIDIA Corporation)
NVIDIA Graphics Driver 350.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 350.12 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.15.0324 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0324 - NVIDIA Corporation)
One System Care (HKLM-x32\...\OneSystemCare) (Version: 2.00.00.1 - OneSystemCare)
Paint.NET v3.5.11 (HKLM\...\{72EF03F5-0507-4861-9A44-D99FD4C41418}) (Version: 3.61.0 - dotPDN LLC)
Path of Exile (HKLM-x32\...\Steam App 238960) (Version:  - Grinding Gear Games)
PhotoScape (HKLM-x32\...\PhotoScape) (Version:  - )
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
PS3 Media Server-SHB (HKLM-x32\...\PS3 Media Server-SHB) (Version: 1.52.2-SHB43 - PS3 Media Server)
qBittorrent 3.1.9.2 (HKLM-x32\...\qbittorrent) (Version: 3.1.9.2 - The qBittorrent project)
Qualcomm Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.13 - Qualcomm Atheros Communications Inc.)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Rainmeter (HKLM-x32\...\Rainmeter) (Version: 3.2 beta r2326 - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6873 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.3.450.0 - SAMSUNG Electronics Co., Ltd.)
Sharepod 4.0.1.1 (HKLM-x32\...\{085BCFB8-F6FB-4600-AFAB-1F6DBC7F5F99}_is1) (Version:  - Macroplant LLC)
SHIELD Streaming (Version: 4.1.1000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.4.1.21 - NVIDIA Corporation) Hidden
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Symantec Endpoint Protection (HKLM\...\{530992D4-DDBA-4F68-8B0D-FF50AC57531B}) (Version: 11.0.5002.333 - Symantec Corporation)
Tag&Rename 3.8 (HKLM-x32\...\Tag&Rename_is1) (Version: 3.8 - Softpointer Inc)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)
The Old Tree (HKLM-x32\...\Steam App 346250) (Version:  - Red Dwarf Games)
The Stanley Parable Demo (HKLM-x32\...\Steam App 247750) (Version:  - Galactic Cafe)
Tom Clancy's Splinter Cell® Blacklist™ (HKLM-x32\...\{A6356F2F-D3E1-4D83-9AA2-72871DD0C298}) (Version: 1.01 - Ubisoft)
Unity Web Player (HKU\S-1-5-21-4145080920-3812403697-566172317-1000\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Universal Media Server (HKLM-x32\...\Universal Media Server) (Version: 5.0.1 - Universal Media Server)
Uplay (HKLM-x32\...\Uplay) (Version: 4.2 - Ubisoft)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
Windows Driver Package - Apple Inc. Apple Wireless Mouse (06/01/2011 4.0.0.1) (HKLM\...\D088EE4BD2819FBA2B349EF9D55176F223419BE6) (Version: 06/01/2011 4.0.0.1 - Apple Inc.)
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
CustomCLSID: HKU\S-1-5-21-4145080920-3812403697-566172317-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\With\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4145080920-3812403697-566172317-1000_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\With\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4145080920-3812403697-566172317-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\With\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-4145080920-3812403697-566172317-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\With\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4145080920-3812403697-566172317-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\With\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4145080920-3812403697-566172317-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\With\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4145080920-3812403697-566172317-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\With\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4145080920-3812403697-566172317-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\With\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4145080920-3812403697-566172317-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\With\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4145080920-3812403697-566172317-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\With\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4145080920-3812403697-566172317-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\With\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4145080920-3812403697-566172317-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\With\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4145080920-3812403697-566172317-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\With\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
 
==================== Restore Points  =========================
 
12-05-2015 19:18:30 LavasoftWeCompanion
13-05-2015 19:38:20 LavasoftWeCompanion
14-05-2015 17:39:45 Revo Uninstaller's restore point - CinemaPlus-3.2cV12.05
14-05-2015 17:43:56 Revo Uninstaller's restore point - Crossbrowse
14-05-2015 17:48:43 Revo Uninstaller's restore point - FlashBeat
14-05-2015 17:51:38 Revo Uninstaller's restore point - FLV Player
14-05-2015 17:52:39 Revo Uninstaller's restore point - GamesDesktop 025.558
14-05-2015 17:54:37 Revo Uninstaller's restore point - GamesDesktop 025.574
14-05-2015 17:55:48 Revo Uninstaller's restore point - Ge-Force
14-05-2015 17:57:09 Revo Uninstaller's restore point - Menu Operating System
14-05-2015 17:58:22 Revo Uninstaller's restore point - Remote Desktop Access (VuuPC)
14-05-2015 18:00:00 Revo Uninstaller's restore point - Shopper-Pro
14-05-2015 18:02:04 Revo Uninstaller's restore point - SmartWeb
14-05-2015 18:03:51 Revo Uninstaller's restore point - Wajam
14-05-2015 18:04:56 Revo Uninstaller's restore point - Wajam
14-05-2015 19:57:07 Revo Uninstaller's restore point - Crossbrowse
14-05-2015 20:02:04 Revo Uninstaller's restore point - GamesDesktop 025.583
14-05-2015 20:03:11 Revo Uninstaller's restore point - FlashBeat
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-13 22:34 - 2009-06-10 17:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {03CC5233-CEDC-4076-B952-062EDA866339} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-04] (Google Inc.)
Task: {0D533FAF-2644-4989-BAA8-5B8A5552E5C9} - System32\Tasks\One System CarePeriod => C:\Program Files (x86)\OneSystemCare\OneSystemCare.exe [2015-05-04] ()
Task: {12203194-9AD1-4194-B548-34A948396CEF} - System32\Tasks\LIBXXSJ => C:\ProgramData\cb7ea4a0b01f4c88a9315fc70a3584f8\cb7ea4a0b01f4c88a9315fc70a3584f8.exe
Task: {1C32CA41-69F3-4629-B075-B85C687A35DE} - System32\Tasks\{95AE6B30-7113-4FAA-96B0-9F8F11C001F9} => pcalua.exe -a C:\Users\With\Downloads\iPodResetUtilitySetup.exe -d C:\Users\With\Downloads
Task: {2E396D3E-023E-4DF0-A9B2-D43AF9EB240C} - System32\Tasks\LGICBV1 => C:\ProgramData\FlashBeat\FlashBeat.exe
Task: {346C8A18-60CE-4C5E-9332-C2408353552D} - System32\Tasks\ST5oNoWE90BVieXe => C:\Users\With\AppData\Roaming\ST5oNoWE90BVieXe.exe <==== ATTENTION
Task: {41DC0184-4A31-41E4-926A-CF38C1190769} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4145080920-3812403697-566172317-1000Core => C:\Users\With\AppData\Local\Google\Update\GoogleUpdate.exe [2014-07-12] (Google Inc.)
Task: {43BB70D5-070D-42AE-BDC2-AFF186947FE0} - System32\Tasks\HP Photo Creations Communicator => C:\ProgramData\HP Photo Creations\Communicator.exe [2015-01-31] ()
Task: {4D7272D8-7B93-4958-92DB-637B65D2D675} - \SMW_UpdateTask_Time_313735383037363438392d3437415a556c2a3223346c41 No Task File <==== ATTENTION
Task: {56A19C19-4428-4AAF-A635-936FD501B520} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-04] (Google Inc.)
Task: {59BB5A95-1CA2-4414-90BF-87DDAEFB5339} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4145080920-3812403697-566172317-1000UA => C:\Users\With\AppData\Local\Google\Update\GoogleUpdate.exe [2014-07-12] (Google Inc.)
Task: {6134844F-3B2D-4E54-BC75-2A9A6EEBEDA1} - System32\Tasks\One System Care Run Delay => C:\Program Files (x86)\OneSystemCare\OneSystemCare.exe [2015-05-04] ()
Task: {64EBA476-1651-4799-A9F8-43BC0146E764} - System32\Tasks\One System Care Monitor => C:\Program Files (x86)\OneSystemCare\CleanupConsole.exe [2015-05-04] ()
Task: {66E36F27-01BD-4B12-BFAC-CF3163ED24C8} - System32\Tasks\One System CareStartUp => C:\Program Files (x86)\OneSystemCare\OneSystemCare.exe [2015-05-04] ()
Task: {785EF48B-A178-48FC-B5E2-85350999631C} - System32\Tasks\SMWUpd => C:\Program Files\Common Files\Goobzo\GBUpdate\updater.exe <==== ATTENTION
Task: {93889A24-6B5B-4F83-B605-9278359D607F} - \SPBIW_UpdateTask_Time_313735383037363438392d3437415a556c2a3223346c41 No Task File <==== ATTENTION
Task: {B17CC6EB-3108-4F4B-92B3-72A8D7D1D62E} - System32\Tasks\Motorola Device Manager Initial Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2013-10-31] ()
Task: {C46BCF29-8FFC-4270-85B9-8E3431F7676C} - System32\Tasks\Motorola Device Manager Engine => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2013-10-31] ()
Task: {D1BDC18A-EC6E-47E0-9220-1D5C4BD48AF0} - \Dregol sidi No Task File <==== ATTENTION
Task: {D4A60292-9F62-4AFC-8BC1-D8C99868DF94} - System32\Tasks\Motorola Device Manager Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2013-10-31] ()
Task: {E0C21EDF-5A67-482A-81DB-3E1A1DD304FF} - System32\Tasks\F46tQTi5u8je => C:\Users\With\AppData\Roaming\F46tQTi5u8je.exe <==== ATTENTION
Task: {FC53DCCD-650D-4835-BDB4-DE15EAC19D8A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\F46tQTi5u8je.job => C:\Users\With\AppData\Roaming\F46tQTi5u8je.exe <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4145080920-3812403697-566172317-1000Core.job => C:\Users\With\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4145080920-3812403697-566172317-1000UA.job => C:\Users\With\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HP Photo Creations Communicator.job => C:\ProgramData\HP Photo Creations\Communicator.exe
Task: C:\Windows\Tasks\LGICBV1.job => C:\ProgramData\FlashBeat\FlashBeat.exe
Task: C:\Windows\Tasks\One System CarePeriod.job => C:\Program Files (x86)\OneSystemCare\OneSystemCare.exe
Task: C:\Windows\Tasks\One System CareStartUp.job => C:\Program Files (x86)\OneSystemCare\OneSystemCare.exe
Task: C:\Windows\Tasks\ST5oNoWE90BVieXe.job => C:\Users\With\AppData\Roaming\ST5oNoWE90BVieXe.exe <==== ATTENTION
 
==================== Loaded Modules (Whitelisted) ==============
 
2014-01-04 15:39 - 2015-04-08 17:30 - 00116552 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2012-01-17 12:24 - 2012-01-17 12:24 - 00055296 _____ () C:\Windows\SysWOW64\ASGT.exe
2014-09-17 09:13 - 2014-09-17 09:13 - 00036536 _____ () C:\Program Files\Rainmeter\Rainmeter.exe
2014-09-17 09:13 - 2014-09-17 09:13 - 00752312 _____ () C:\Program Files\Rainmeter\Rainmeter.dll
2014-09-17 09:12 - 2014-09-17 09:12 - 00011776 _____ () C:\Program Files\Rainmeter\Plugins\PowerPlugin.DLL
2014-09-17 09:12 - 2014-09-17 09:12 - 00016896 _____ () C:\Program Files\Rainmeter\Plugins\AdvancedCPU.DLL
2014-09-17 09:12 - 2014-09-17 09:12 - 00022528 _____ () C:\Program Files\Rainmeter\Plugins\WifiStatus.DLL
2014-09-17 09:12 - 2014-09-17 09:12 - 00019968 _____ () C:\Program Files\Rainmeter\Plugins\SysInfo.DLL
2014-09-17 09:12 - 2014-09-17 09:12 - 00056832 _____ () C:\Program Files\Rainmeter\Plugins\WebParser.DLL
2014-01-10 01:26 - 2014-01-10 01:26 - 01861968 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
2014-07-31 12:16 - 2014-07-31 12:16 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-07-31 12:16 - 2014-07-31 12:16 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-10-31 11:05 - 2013-10-31 11:05 - 00172032 _____ () C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\css_core.dll
2015-04-25 15:09 - 2015-03-27 23:45 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2014-09-03 15:15 - 2014-09-03 15:15 - 10683392 _____ () C:\Users\With\AppData\Local\Programs\Google\MusicManager\QtWebKit4.dll
2014-09-03 15:15 - 2014-09-03 15:15 - 07741952 _____ () C:\Users\With\AppData\Local\Programs\Google\MusicManager\QtGui4.dll
2014-09-03 15:15 - 2014-09-03 15:15 - 02248192 _____ () C:\Users\With\AppData\Local\Programs\Google\MusicManager\QtCore4.dll
2014-09-03 15:15 - 2014-09-03 15:15 - 01681408 _____ () C:\Users\With\AppData\Local\Programs\Google\MusicManager\QtNetwork4.dll
2015-03-31 18:33 - 2015-03-31 18:33 - 00117248 _____ () C:\Users\With\AppData\Local\Programs\Google\MusicManager\libaacdec.dll
2015-03-31 18:33 - 2015-03-31 18:33 - 00231936 _____ () C:\Users\With\AppData\Local\Programs\Google\MusicManager\libmpgdec.dll
2015-03-31 18:33 - 2015-03-31 18:33 - 00253440 _____ () C:\Users\With\AppData\Local\Programs\Google\MusicManager\libid3tag.dll
2015-03-31 18:33 - 2015-03-31 18:33 - 00344064 _____ () C:\Users\With\AppData\Local\Programs\Google\MusicManager\libaudioenc.dll
2014-09-03 15:15 - 2014-09-03 15:15 - 00026624 _____ () C:\Users\With\AppData\Local\Programs\Google\MusicManager\imageformats\qgif4.dll
2015-05-14 20:24 - 2015-05-14 20:24 - 00043008 _____ () c:\users\with\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpirdwrn.dll
2015-03-04 17:45 - 2015-03-04 17:45 - 00750080 _____ () C:\Users\With\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2015-03-04 17:45 - 2015-03-04 17:45 - 00047616 _____ () C:\Users\With\AppData\Roaming\Dropbox\bin\libEGL.dll
2015-03-04 17:45 - 2015-03-04 17:45 - 00865280 _____ () C:\Users\With\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
2015-03-04 17:45 - 2015-03-04 17:45 - 00200704 _____ () C:\Users\With\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll
2015-05-14 20:24 - 2015-05-14 20:24 - 00098816 _____ () C:\Users\With\AppData\Local\Temp\_MEI37562\win32api.pyd
2015-05-14 20:24 - 2015-05-14 20:24 - 00110080 _____ () C:\Users\With\AppData\Local\Temp\_MEI37562\pywintypes27.dll
2015-05-14 20:24 - 2015-05-14 20:24 - 00364544 _____ () C:\Users\With\AppData\Local\Temp\_MEI37562\pythoncom27.dll
2015-05-14 20:24 - 2015-05-14 20:24 - 00045568 _____ () C:\Users\With\AppData\Local\Temp\_MEI37562\_socket.pyd
2015-05-14 20:24 - 2015-05-14 20:24 - 01161216 _____ () C:\Users\With\AppData\Local\Temp\_MEI37562\_ssl.pyd
2015-05-14 20:24 - 2015-05-14 20:24 - 00320512 _____ () C:\Users\With\AppData\Local\Temp\_MEI37562\win32com.shell.shell.pyd
2015-05-14 20:24 - 2015-05-14 20:24 - 00713216 _____ () C:\Users\With\AppData\Local\Temp\_MEI37562\_hashlib.pyd
2015-05-14 20:24 - 2015-05-14 20:24 - 01175040 _____ () C:\Users\With\AppData\Local\Temp\_MEI37562\wx._core_.pyd
2015-05-14 20:24 - 2015-05-14 20:24 - 00805888 _____ () C:\Users\With\AppData\Local\Temp\_MEI37562\wx._gdi_.pyd
2015-05-14 20:24 - 2015-05-14 20:24 - 00811008 _____ () C:\Users\With\AppData\Local\Temp\_MEI37562\wx._windows_.pyd
2015-05-14 20:24 - 2015-05-14 20:24 - 01062400 _____ () C:\Users\With\AppData\Local\Temp\_MEI37562\wx._controls_.pyd
2015-05-14 20:24 - 2015-05-14 20:24 - 00735232 _____ () C:\Users\With\AppData\Local\Temp\_MEI37562\wx._misc_.pyd
2015-05-14 20:24 - 2015-05-14 20:24 - 00682496 _____ () C:\Users\With\AppData\Local\Temp\_MEI37562\pysqlite2._sqlite.pyd
2015-05-14 20:24 - 2015-05-14 20:24 - 00128512 _____ () C:\Users\With\AppData\Local\Temp\_MEI37562\_elementtree.pyd
2015-05-14 20:24 - 2015-05-14 20:24 - 00127488 _____ () C:\Users\With\AppData\Local\Temp\_MEI37562\pyexpat.pyd
2015-05-14 20:24 - 2015-05-14 20:24 - 00087552 _____ () C:\Users\With\AppData\Local\Temp\_MEI37562\_ctypes.pyd
2015-05-14 20:24 - 2015-05-14 20:24 - 00119808 _____ () C:\Users\With\AppData\Local\Temp\_MEI37562\win32file.pyd
2015-05-14 20:24 - 2015-05-14 20:24 - 00108544 _____ () C:\Users\With\AppData\Local\Temp\_MEI37562\win32security.pyd
2015-05-14 20:24 - 2015-05-14 20:24 - 00007168 _____ () C:\Users\With\AppData\Local\Temp\_MEI37562\hashobjs_ext.pyd
2015-05-14 20:24 - 2015-05-14 20:24 - 00017408 _____ () C:\Users\With\AppData\Local\Temp\_MEI37562\usb_ext.pyd
2015-05-14 20:24 - 2015-05-14 20:24 - 00167936 _____ () C:\Users\With\AppData\Local\Temp\_MEI37562\win32gui.pyd
2015-05-14 20:24 - 2015-05-14 20:24 - 00018432 _____ () C:\Users\With\AppData\Local\Temp\_MEI37562\win32event.pyd
2015-05-14 20:24 - 2015-05-14 20:24 - 00013824 _____ () C:\Users\With\AppData\Local\Temp\_MEI37562\common.time34.pyd
2015-05-14 20:24 - 2015-05-14 20:24 - 00036864 _____ () C:\Users\With\AppData\Local\Temp\_MEI37562\_psutil_windows.pyd
2015-05-14 20:24 - 2015-05-14 20:24 - 00038912 _____ () C:\Users\With\AppData\Local\Temp\_MEI37562\win32inet.pyd
2015-05-14 20:24 - 2015-05-14 20:24 - 00011264 _____ () C:\Users\With\AppData\Local\Temp\_MEI37562\win32crypt.pyd
2015-05-14 20:24 - 2015-05-14 20:24 - 00070656 _____ () C:\Users\With\AppData\Local\Temp\_MEI37562\wx._html2.pyd
2015-05-14 20:24 - 2015-05-14 20:24 - 00027136 _____ () C:\Users\With\AppData\Local\Temp\_MEI37562\_multiprocessing.pyd
2015-05-14 20:24 - 2015-05-14 20:24 - 00020480 _____ () C:\Users\With\AppData\Local\Temp\_MEI37562\_yappi.pyd
2015-05-14 20:24 - 2015-05-14 20:24 - 00035840 _____ () C:\Users\With\AppData\Local\Temp\_MEI37562\win32process.pyd
2015-05-14 20:24 - 2015-05-14 20:24 - 00686080 _____ () C:\Users\With\AppData\Local\Temp\_MEI37562\unicodedata.pyd
2015-05-14 20:24 - 2015-05-14 20:24 - 00122368 _____ () C:\Users\With\AppData\Local\Temp\_MEI37562\wx._wizard.pyd
2015-05-14 20:24 - 2015-05-14 20:24 - 00024064 _____ () C:\Users\With\AppData\Local\Temp\_MEI37562\win32pipe.pyd
2015-05-14 20:24 - 2015-05-14 20:24 - 00010240 _____ () C:\Users\With\AppData\Local\Temp\_MEI37562\select.pyd
2015-05-14 20:24 - 2015-05-14 20:24 - 00025600 _____ () C:\Users\With\AppData\Local\Temp\_MEI37562\win32pdh.pyd
2015-05-14 20:24 - 2015-05-14 20:24 - 00525640 _____ () C:\Users\With\AppData\Local\Temp\_MEI37562\windows._lib_cacheinvalidation.pyd
2015-05-14 20:24 - 2015-05-14 20:24 - 00017408 _____ () C:\Users\With\AppData\Local\Temp\_MEI37562\win32profile.pyd
2015-05-14 20:24 - 2015-05-14 20:24 - 00022528 _____ () C:\Users\With\AppData\Local\Temp\_MEI37562\win32ts.pyd
2015-05-14 20:24 - 2015-05-14 20:24 - 00078336 _____ () C:\Users\With\AppData\Local\Temp\_MEI37562\wx._animate.pyd
2014-01-10 01:28 - 2014-01-10 01:28 - 00100688 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
2015-05-14 03:48 - 2015-05-05 00:06 - 01252680 _____ () C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.152\libglesv2.dll
2015-05-14 03:48 - 2015-05-05 00:06 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.152\libegl.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
 
==================== Safe Mode (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ccEvtMgr => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ccSetMgr => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Symantec Antivirus => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Symantec Antvirus => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ccEvtMgr => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ccSetMgr => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SmcService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Symantec Antivirus => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Symantec Antvirus => ""="Service"
 
==================== EXE Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, the associated entry will be removed from the registry.)
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-4145080920-3812403697-566172317-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\With\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
FirewallRules: [{9F0E2B77-3E95-40BA-B2FD-4D60B42AFA54}] => (Allow) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Smc.exe
FirewallRules: [{1799EC42-901F-43B8-A332-7479C0FB0491}] => (Allow) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Smc.exe
FirewallRules: [{511CBEB8-206C-4CF3-A6EE-32D485727EC0}] => (Allow) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\SNAC64.EXE
FirewallRules: [{8C4583DB-C24D-416B-97DA-3E0D05C9FFB0}] => (Allow) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\SNAC64.EXE
FirewallRules: [{A0BB0A3D-E6B7-49E3-9035-0AC655AB7A50}] => (Allow) C:\Program Files (x86)\Common Files\Symantec Shared\ccApp.exe
FirewallRules: [{B6C5E2E0-6E5A-4F04-A454-9E00AADD4371}] => (Allow) C:\Program Files (x86)\Common Files\Symantec Shared\ccApp.exe
FirewallRules: [{464E037F-E538-48CF-9230-8D4519C334A7}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{3FC865ED-C93E-4DA9-BD0A-1D23BDA03AB3}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{E349AB72-3C7C-43A1-AF0D-8A0F36276B19}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{7B01ECA7-820D-4EEA-9CD1-048B6600C4C6}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{90EA1F13-43F8-4BB5-8AF0-257EF3F93643}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{EE8D37B2-DFFA-40FD-BB10-F53AB335BCF9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{F6DE9BFF-5256-44A1-B02D-F194EBC227F0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{997D3A3F-9697-42E9-BF8E-01271AAAD738}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{A4ED9835-5C4A-47B0-B283-AC75EFDCEC01}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{26014AC1-22A6-4D68-81A6-8FBA90AEA2EB}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{B4C5B714-E882-4080-BD1B-958C0E070D3F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{81AA5AF0-6367-473A-B790-BB4CE41110A2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{00CF6937-FBE3-4BAF-B202-F920BF80D336}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{857F62FD-CD68-448E-8E6F-5C25D6BCC31C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{A9367C1F-15AA-4758-B59F-65A41EED5486}] => (Allow) C:\Program Files\HP\HP ENVY 110 series\Bin\DeviceSetup.exe
FirewallRules: [{1F5C5FD5-BE39-44C4-908E-0F48E5C9BA6C}] => (Allow) C:\Program Files\HP\HP ENVY 110 series\Bin\HPNetworkCommunicator.exe
FirewallRules: [{1677AB67-8E2D-4841-BEEF-ED612228E8A9}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{93A312E5-B554-4D84-BA4A-9D8CE24122CD}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{8872B64F-12F3-4BBB-BE11-09583517C788}] => (Allow) C:\Users\With\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{AB7288E0-AF54-489B-99A7-A5CCB3F2EFC5}] => (Allow) C:\Users\With\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{124D0D23-505E-4674-B593-B7021C1B1A9C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\3DMark\3DMarkLauncher.exe
FirewallRules: [{E44EECB0-AD3A-49DE-B730-4393C85B3192}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\3DMark\3DMarkLauncher.exe
FirewallRules: [{FD5B630B-9E64-4865-812F-3989C3EA47B7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\3DMark\bin\x86\3DMark.exe
FirewallRules: [{9DB63C9E-F65C-4478-8CD1-417B838028FD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\3DMark\bin\x86\3DMark.exe
FirewallRules: [{71B387F4-1215-4134-AA77-B1A435DAFCD9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\3DMark\bin\x64\3DMark.exe
FirewallRules: [{93291CF7-F604-4439-BCEB-BBB347188FDB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\3DMark\bin\x64\3DMark.exe
FirewallRules: [{3DB4E025-C54C-418A-8F0F-ED7573A5E1C3}] => (Allow) C:\Program Files (x86)\Ubisoft\Tom Clancy's Splinter Cell® Blacklist™\Blacklist_Launcher.exe
FirewallRules: [{BB95AD9F-0EC2-420C-8DC8-C15CDBF024AA}] => (Allow) C:\Program Files (x86)\Ubisoft\Tom Clancy's Splinter Cell® Blacklist™\Blacklist_Launcher.exe
FirewallRules: [{1E2CC697-AAB1-4279-8FF7-CFE457275D2F}] => (Allow) C:\Program Files (x86)\Ubisoft\Tom Clancy's Splinter Cell® Blacklist™\src\SYSTEM\Blacklist_game.exe
FirewallRules: [{C98256A2-0103-42A6-812D-466B078ACE9E}] => (Allow) C:\Program Files (x86)\Ubisoft\Tom Clancy's Splinter Cell® Blacklist™\src\SYSTEM\Blacklist_game.exe
FirewallRules: [{82F85424-B8D8-419E-BA43-33E7FBCDD891}] => (Allow) C:\Program Files (x86)\Ubisoft\Tom Clancy's Splinter Cell® Blacklist™\src\SYSTEM\Blacklist_DX11_game.exe
FirewallRules: [{19F4C8DE-7EB7-4CE5-B413-CCEA63289385}] => (Allow) C:\Program Files (x86)\Ubisoft\Tom Clancy's Splinter Cell® Blacklist™\src\SYSTEM\Blacklist_DX11_game.exe
FirewallRules: [{E2C6C041-21FC-430C-91B4-EA39D7A4F3F7}] => (Allow) C:\Program Files (x86)\Ubisoft\Tom Clancy's Splinter Cell® Blacklist™\src\SYSTEM\gu.exe
FirewallRules: [{379E130F-BB7C-45D4-AFAD-E5089EFC42B3}] => (Allow) C:\Program Files (x86)\Ubisoft\Tom Clancy's Splinter Cell® Blacklist™\src\SYSTEM\gu.exe
FirewallRules: [{25F76C8C-E998-43B4-99C8-B684F4253605}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{2AA39916-CE25-47DB-A842-70A37C8AF47D}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{739BC5AF-1FC5-4C17-8A55-F2005B256C47}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{4021B75F-FFDB-4BBB-B623-5EE7B13D012C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{6692D166-CE02-469A-B85A-AF18E1508804}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{FD03A6E1-5FDB-46BF-80DD-A3447D371F0B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{628B59E9-7089-473A-A217-B4676E4BDB69}C:\program files (x86)\ps3 media server\jre64\bin\javaw.exe] => (Allow) C:\program files (x86)\ps3 media server\jre64\bin\javaw.exe
FirewallRules: [UDP Query User{2FA4729D-B17E-4AD2-AD02-2F1FD421F9A3}C:\program files (x86)\ps3 media server\jre64\bin\javaw.exe] => (Allow) C:\program files (x86)\ps3 media server\jre64\bin\javaw.exe
FirewallRules: [TCP Query User{47440ABA-BE30-4AFC-9FBF-4EA87D4ACAFB}C:\program files (x86)\xbmc\xbmc.exe] => (Allow) C:\program files (x86)\xbmc\xbmc.exe
FirewallRules: [UDP Query User{1DB3019B-78DB-4411-AC37-ABCAE87A4EB9}C:\program files (x86)\xbmc\xbmc.exe] => (Allow) C:\program files (x86)\xbmc\xbmc.exe
FirewallRules: [{4BE31ECF-E8B2-4275-8A44-798DEC559F66}] => (Allow) C:\Users\With\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{7788240A-434D-4D4C-9914-49BADEC7AEBE}] => (Allow) C:\Users\With\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{B9738E8B-3923-4BE1-969E-ACD352CF2E70}] => (Allow) C:\Program Files (x86)\PS3 Media Server\pms.exe
FirewallRules: [{C27B09F6-877C-4C15-8242-BEBF597A43CC}] => (Allow) C:\Program Files (x86)\PS3 Media Server\pms.exe
FirewallRules: [{EE7F571F-0D57-4565-9B75-3859DCC284A6}] => (Allow) C:\Program Files (x86)\PS3 Media Server\pms.exe
FirewallRules: [{9A55B186-5BF9-4204-AEBF-7C9A8188AEBB}] => (Allow) C:\Program Files (x86)\PS3 Media Server\pms.exe
FirewallRules: [TCP Query User{2437F5F9-3DE2-4C62-9706-72FE62B6D5B5}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{81739696-DE8B-466C-B757-F00B3E8B35DD}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [{28CA98F5-2510-48ED-9B28-82E5532B42B0}] => (Allow) C:\Program Files (x86)\qBittorrent\qbittorrent.exe
FirewallRules: [{2B697B2A-3F7F-46C3-9F13-03D155D9B806}] => (Allow) C:\Program Files (x86)\qBittorrent\qbittorrent.exe
FirewallRules: [TCP Query User{DA511ABF-4E59-4E55-81E7-F7BC82B2ECBE}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{F0B753CA-7C55-4F29-8828-0C4FF652D6BD}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [{B42268CB-5500-4034-B31F-FEBC3AC73D02}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe
FirewallRules: [{DFCDD9E6-36A4-4560-9703-43A519D16DCB}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{7FE9E214-5D04-47F5-8595-B233B493CAFC}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{1EEE2DB7-D198-4350-9C5B-E1C0885580DD}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{03D49B8F-ED41-4D04-A3D4-D40FC8F22D93}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{154F24C6-15BF-44CE-B2B5-D599BF48A7B8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\3DMark\3DMarkLauncher.exe
FirewallRules: [{7FD366F8-CD63-4A9D-BDE7-78E87EE2976D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\3DMark\3DMarkLauncher.exe
FirewallRules: [{3EDB65BE-802D-4C2D-B5E9-AEFF59DFEF15}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Stanley Parable Demo\stanley.exe
FirewallRules: [{9CC54471-4C44-4139-9E11-187737D3F6CA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Stanley Parable Demo\stanley.exe
FirewallRules: [TCP Query User{C92AE416-6AFC-49B4-90AE-232EF2BBA60D}C:\program files\java\jre1.8.0_25\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{D0B4509C-4A71-4FA9-82CB-201792D39722}C:\program files\java\jre1.8.0_25\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_25\bin\javaw.exe
FirewallRules: [{B31B9A02-E975-4E06-ADD3-16F30F5B928F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{39E8F3B2-4446-4CA8-8A38-2F9C9EC3225C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{A9B1999B-E1FC-4E40-9C7C-C444AF380F85}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{9EAE7697-D406-495F-9273-7C8B4DED7D90}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{A01FE1BF-21C3-4E29-8BCD-C7310B0A514B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Old Tree\TheOldTree.exe
FirewallRules: [{892D23D8-6EA6-4258-9F45-B21E4A2440AF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Old Tree\TheOldTree.exe
FirewallRules: [{72CA8567-F0C9-43BE-99EC-BE279B8928D4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{A75E9CCC-D61C-4AEC-9549-120B501454A2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [TCP Query User{73B92E2E-DC5E-4BCA-B912-AFA34A18F9AA}C:\users\with\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\with\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{336E2460-A5D9-40AB-BF74-AA88D1DE20CE}C:\users\with\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\with\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{B3534494-8F54-4441-830B-B5153E757174}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [{8E47BA23-58E8-4331-8B86-25E919B483BF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [TCP Query User{D1CD7235-5919-412F-9116-06BB5D013737}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{4638AAA7-8C07-4FC3-AE9D-A320151C7DA5}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{59DCB188-EBB5-4164-9615-D2E73BE93E91}C:\program files\java\jre1.8.0_25\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{20EC4E7F-F646-4D1A-BD7C-7AEEBBE9A4FE}C:\program files\java\jre1.8.0_25\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_25\bin\javaw.exe
FirewallRules: [{923EE6F0-990E-4328-8412-529A4D27CD61}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\3DMark\bin\x86\3DMark.exe
FirewallRules: [{2459631E-D746-43D7-B4E2-19DBAE2EABDE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\3DMark\bin\x86\3DMark.exe
FirewallRules: [{F298770E-CDF6-4DC8-BA3D-18DFFFF71DEC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\3DMark\bin\x64\3DMark.exe
FirewallRules: [{8D588A66-BFBC-4569-A8A7-B3BB66E53529}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\3DMark\bin\x64\3DMark.exe
FirewallRules: [{0E6ABEDE-61AA-4845-A772-84904F73A0D2}] => (Allow) C:\Users\With\AppData\Local\Chromium\Application\chrome.exe
FirewallRules: [{2A4E7160-17CD-424C-9E64-4D6FE3F661AF}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
==================== Faulty Device Manager Devices =============
 
Name: SPDRIVER_1.42.0.1828
Description: SPDRIVER_1.42.0.1828
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: SPDRIVER_1.42.0.1828
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (05/14/2015 08:27:12 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program CleanupConsole.exe version 3.2.0.1 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 1228
 
Start Time: 01d08ea57ea6fa33
 
Termination Time: 0
 
Application Path: C:\Program Files (x86)\OneSystemCare\CleanupConsole.exe
 
Report Id:
 
Error: (05/14/2015 08:25:46 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (05/14/2015 08:24:38 PM) (Source: Symantec AntiVirus) (EventID: 51) (User: )
Description: Security Risk Found!Bloodhound.MalPE in File: C:\Avenger\ApiHandlr.dll by: Auto-Protect scan.  Action: Quarantine succeeded : Access denied.  Action Description: The file was quarantined successfully.
 
Error: (05/14/2015 08:10:24 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (05/14/2015 08:05:31 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "39.5.2171.95,language="&#x2a;",type="win32",version="39.5.2171.95"1".
Dependent Assembly 39.5.2171.95,language="&#x2a;",type="win32",version="39.5.2171.95" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (05/14/2015 05:25:30 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program IEXPLORE.EXE version 11.0.9600.17420 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 9f8
 
Start Time: 01d08dfb3302570f
 
Termination Time: 503
 
Application Path: C:\Program Files\Internet Explorer\IEXPLORE.EXE
 
Report Id:
 
Error: (05/14/2015 05:25:29 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program iexplore.exe version 11.0.9600.17420 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 1a20
 
Start Time: 01d08e3e4274b48f
 
Termination Time: 211
 
Application Path: C:\Program Files\Internet Explorer\iexplore.exe
 
Report Id:
 
Error: (05/14/2015 05:06:47 PM) (Source: Symantec AntiVirus) (EventID: 51) (User: )
Description: Security Risk Found!Infostealer.Consmiper in File: C:\Users\With\AppData\Local\Temp\compete.exe by: Auto-Protect scan.  Action: Cleaned by Deletion.  Action Description: The file was deleted successfully.
 
Error: (05/14/2015 04:40:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: ISightHost.exe, version: 0.0.0.0, time stamp: 0x54653b3d
Faulting module name: ISightSDK.DLL, version: 0.0.0.0, time stamp: 0x54653b59
Exception code: 0x40000015
Fault offset: 0x000000000005d3dd
Faulting process id: 0x5498
Faulting application start time: 0xISightHost.exe0
Faulting application path: ISightHost.exe1
Faulting module path: ISightHost.exe2
Report Id: ISightHost.exe3
 
Error: (05/14/2015 03:55:48 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: gmsd_us_574.exe, version: 0.0.0.0, time stamp: 0x5551d8da
Faulting module name: gmsd_us_574.exe, version: 0.0.0.0, time stamp: 0x5551d8da
Exception code: 0x40000015
Fault offset: 0x001edeba
Faulting process id: 0x224c
Faulting application start time: 0xgmsd_us_574.exe0
Faulting application path: gmsd_us_574.exe1
Faulting module path: gmsd_us_574.exe2
Report Id: gmsd_us_574.exe3
 
 
System errors:
=============
Error: (05/14/2015 08:24:06 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The SPDRIVER_1.42.0.1828 service failed to start due to the following error: 
%%3
 
Error: (05/14/2015 08:24:06 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Design Template Hyperlink service failed to start due to the following error: 
%%3
 
Error: (05/14/2015 08:24:05 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Drag And Drop Shift Key service failed to start due to the following error: 
%%3
 
Error: (05/14/2015 08:08:38 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The SPDRIVER_1.42.0.1828 service failed to start due to the following error: 
%%3
 
Error: (05/14/2015 08:08:38 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Design Template Hyperlink service failed to start due to the following error: 
%%2
 
Error: (05/14/2015 08:08:38 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Infonaut 1.10.0.14 Client Service service failed to start due to the following error: 
%%2
 
Error: (05/14/2015 08:08:38 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Drag And Drop Shift Key service failed to start due to the following error: 
%%2
 
Error: (05/14/2015 08:08:10 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Windows Search service failed to start due to the following error: 
%%1069
 
Error: (05/14/2015 08:08:10 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: The WSearch service was unable to log on as NT AUTHORITY\SYSTEM with the currently configured password due to the following error: 
%%50
 
To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
 
Error: (05/14/2015 08:07:50 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Symantec Endpoint Protection service, but this action failed with the following error: 
%%1056
 
 
Microsoft Office Sessions:
=========================
Error: (01/21/2015 04:45:17 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 73112 seconds with 240 seconds of active time.  This session ended with a crash.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i5-4570 CPU @ 3.20GHz
Percentage of memory in use: 45%
Total physical RAM: 8111.48 MB
Available physical RAM: 4437.65 MB
Total Pagefile: 16221.14 MB
Available Pagefile: 12079.82 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:232.79 GB) (Free:39.06 GB) NTFS
Drive d: (Drive) (Fixed) (Total:1397.26 GB) (Free:87.54 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 311BDA87)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=232.8 GB) - (Type=07 NTFS)
 
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1397.3 GB) (Disk ID: 95C87E00)
Partition 1: (Not Active) - (Size=1397.3 GB) - (Type=07 NTFS)
 
==================== End Of Log ============================


#7 deeprybka

  • Malware Response Team

Posted 16 May 2015 - 05:44 AM

Hi there,

Step 1

Press the Windows key + R on your keyboard at the same time. Type notepad and click OK.

  • Copy the entire content of the codebox below and paste into the notepad document:
    CloseProcesses:
    AppInit_DLLs: C:\ProgramData\FlashBeat\FlashBeat64.dll => C:\ProgramData\FlashBeat\FlashBeat64.dll File Not Found
    AppInit_DLLs-x32: C:\ProgramData\FlashBeat\FlashBeat32.dll => "C:\ProgramData\FlashBeat\FlashBeat32.dll" File Not Found
    AppInit_DLLs-x32:  c:\progra~3\{7d2f9~1\1170~1.1\sidi.dll => c:\ProgramData\{7D2F95EC-2DAD-446A-9C2B-34E84CA9E766}\1.17.0.1\sidi.dll [778752 2015-05-12] ()
    c:\ProgramData\{7D2F95EC-2DAD-446A-9C2B-34E84CA9E766}
    RemoveProxy:
    SearchScopes: HKLM -> {c9ab6446-7efc-47fe-966c-dc54324eff9f} URL = 
    SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    SearchScopes: HKU\S-1-5-21-4145080920-3812403697-566172317-1000 -> {c9ab6446-7efc-47fe-966c-dc54324eff9f} URL = 
    BHO: YoutuBEAdiBlocckea -> {e74a6ea1-aa96-484a-b06b-fc0d5cdf51a3} -> C:\Program Files (x86)\YoutuBEAdiBlocckea\wAkYOIrF8czsBA.x64.dll No File
    S2 fugewybu; No ImagePath
    S2 qozyzuwu; No ImagePath
    S2 SPDRIVER_1.42.0.1828; \??\C:\Program Files (x86)\ShopperPro\JSDriver\1.42.0.1828\jsdrv.sys [X]
    C:\Program Files (x86)\ShopperPro
    2015-05-13 19:48 - 2015-05-13 19:48 - 00000000 ____D () C:\Program Files (x86)\3223e5b9-cdd3-4754-916f-8a7b31fab8a8
    2015-05-12 19:45 - 2015-05-14 20:21 - 00000000 ____D () C:\Program Files (x86)\86583d2e-7ff4-4b9c-83ad-6b374a1be126
    2015-05-12 19:45 - 2015-05-13 19:54 - 00000004 _____ () C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
    2015-05-12 19:25 - 2015-05-12 19:25 - 00000000 ____D () C:\Users\With\AppData\Roaming\One System Care
    2015-05-12 19:20 - 2015-05-12 19:20 - 00000000 ____D () C:\Users\With\AppData\Roaming\OpenSoftwareUpdater
    2015-05-12 19:20 - 2015-05-12 19:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneSystemCare
    2015-05-12 19:20 - 2015-05-12 19:20 - 00000000 ____D () C:\Program Files (x86)\OneSystemCare
    2015-05-12 19:18 - 2015-05-13 19:58 - 00000000 ____D () C:\Program Files (x86)\OpenSoftwareUpdater
    2015-04-19 08:20 - 2015-04-19 08:20 - 0005872 _____ () C:\Users\With\AppData\Roaming\F46tQTi5u8je
    2015-04-14 12:28 - 2015-04-14 12:28 - 0004387 _____ () C:\Users\With\AppData\Roaming\ST5oNoWE90BVieXe
    C:\ProgramData\cb7ea4a0b01f4c88a9315fc70a3584f8
    Task: {0D533FAF-2644-4989-BAA8-5B8A5552E5C9} - System32\Tasks\One System CarePeriod => C:\Program Files (x86)\OneSystemCare\OneSystemCare.exe [2015-05-04] ()
    Task: {12203194-9AD1-4194-B548-34A948396CEF} - System32\Tasks\LIBXXSJ => C:\ProgramData\cb7ea4a0b01f4c88a9315fc70a3584f8\cb7ea4a0b01f4c88a9315fc70a3584f8.exe
    Task: {2E396D3E-023E-4DF0-A9B2-D43AF9EB240C} - System32\Tasks\LGICBV1 => C:\ProgramData\FlashBeat\FlashBeat.exe
    Task: {346C8A18-60CE-4C5E-9332-C2408353552D} - System32\Tasks\ST5oNoWE90BVieXe => C:\Users\With\AppData\Roaming\ST5oNoWE90BVieXe.exe 
    Task: {4D7272D8-7B93-4958-92DB-637B65D2D675} - \SMW_UpdateTask_Time_313735383037363438392d3437415a556c2a3223346c41 No Task File 
    Task: {6134844F-3B2D-4E54-BC75-2A9A6EEBEDA1} - System32\Tasks\One System Care Run Delay => C:\Program Files (x86)\OneSystemCare\OneSystemCare.exe [2015-05-04] ()
    Task: {64EBA476-1651-4799-A9F8-43BC0146E764} - System32\Tasks\One System Care Monitor => C:\Program Files (x86)\OneSystemCare\CleanupConsole.exe [2015-05-04] ()
    Task: {66E36F27-01BD-4B12-BFAC-CF3163ED24C8} - System32\Tasks\One System CareStartUp => C:\Program Files (x86)\OneSystemCare\OneSystemCare.exe [2015-05-04] ()
    Task: {785EF48B-A178-48FC-B5E2-85350999631C} - System32\Tasks\SMWUpd => C:\Program Files\Common Files\Goobzo\GBUpdate\updater.exe 
    Task: {93889A24-6B5B-4F83-B605-9278359D607F} - \SPBIW_UpdateTask_Time_313735383037363438392d3437415a556c2a3223346c41 No Task File 
    C:\Program Files\Common Files\Goobzo
    Task: {D1BDC18A-EC6E-47E0-9220-1D5C4BD48AF0} - \Dregol sidi No Task File 
    Task: {E0C21EDF-5A67-482A-81DB-3E1A1DD304FF} - System32\Tasks\F46tQTi5u8je => C:\Users\With\AppData\Roaming\F46tQTi5u8je.exe 
    Task: C:\Windows\Tasks\F46tQTi5u8je.job => C:\Users\With\AppData\Roaming\F46tQTi5u8je.exe 
    Task: C:\Windows\Tasks\LGICBV1.job => C:\ProgramData\FlashBeat\FlashBeat.exe
    Task: C:\Windows\Tasks\One System CarePeriod.job => C:\Program Files (x86)\OneSystemCare\OneSystemCare.exe
    Task: C:\Windows\Tasks\One System CareStartUp.job => C:\Program Files (x86)\OneSystemCare\OneSystemCare.exe
    Task: C:\Windows\Tasks\ST5oNoWE90BVieXe.job => C:\Users\With\AppData\Roaming\ST5oNoWE90BVieXe.exe
    C:\Program Files (x86)\OneSystemCare 
    C:\Users\With\AppData\Roaming\ST5oNoWE90BVieXe.exe
    C:\ProgramData\FlashBeat
    C:\Users\With\AppData\Roaming\F46tQTi5u8je.exe 
    EmptyTemp:
    
  • Click File, Save As and type fixlist.txt as the File Name.

Both files, FRST and fixlist.txt, have to be in the same location or the fix will not work!

  • Right-click on the FRST icon and select Run as Administrator to start the tool.
    (XP users click run after receipt of Windows Security Warning - Open File).
  • Press the Fix button just once and wait.
  • If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
  • When finished FRST will generate a log on the Desktop, called Fixlog.txt.

Please post it in your reply.

After the Reboot:

Step 2

Start FRST with administrator privileges.

  • Make sure the following option is checked: Addition.txt
  • Press the Scan button.
  • When finished, FRST will produce two logs (FRST.txt and Addition.txt) in the same directory the tool was run from.
    Please copy and paste these logs in your next reply.

regards,
deeprybka
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer

#8 Phaze13

  • Topic Starter

Posted 16 May 2015 - 06:52 AM

Seems to be hung at:
Deleting temporary files: c:\users\with\AppData\Local\MOZILLA\FIREFOX\PROFILES
 
Please advise.


#9 deeprybka

  • Malware Response Team

Posted 16 May 2015 - 06:53 AM

Please be patient. :)
regards,
deeprybka

#10 Phaze13

  • Topic Starter

Posted 16 May 2015 - 11:40 AM

Still hung at

Deleting temporary files: c:\users\with\AppData\Local\MOZILLA\FIREFOX\PROFILES



#11 deeprybka

  • Malware Response Team

Posted 16 May 2015 - 11:42 AM

OK, abort the fix please. Please make sure you let the system restart normally!


regards,
deeprybka

#12 Phaze13

  • Topic Starter

Posted 16 May 2015 - 12:20 PM

There was a Fixlog generated. Maybe the window froze but the program still ran. This seems to happen with another program I use when the lockscreen comes on.

 

Fixlog:

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 16-05-2015 02
Ran by With at 2015-05-16 07:37:58 Run:5
Running from C:\Users\With\Desktop
Loaded Profiles: With (Available profiles: With)
Boot Mode: Normal
==============================================
 
Content of fixlist:
*****************
CloseProcesses:
AppInit_DLLs: C:\ProgramData\FlashBeat\FlashBeat64.dll => C:\ProgramData\FlashBeat\FlashBeat64.dll File Not Found
AppInit_DLLs-x32: C:\ProgramData\FlashBeat\FlashBeat32.dll => "C:\ProgramData\FlashBeat\FlashBeat32.dll" File Not Found
AppInit_DLLs-x32:  c:\progra~3\{7d2f9~1\1170~1.1\sidi.dll => c:\ProgramData\{7D2F95EC-2DAD-446A-9C2B-34E84CA9E766}\1.17.0.1\sidi.dll [778752 2015-05-12] ()
c:\ProgramData\{7D2F95EC-2DAD-446A-9C2B-34E84CA9E766}
RemoveProxy:
SearchScopes: HKLM -> {c9ab6446-7efc-47fe-966c-dc54324eff9f} URL = 
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-4145080920-3812403697-566172317-1000 -> {c9ab6446-7efc-47fe-966c-dc54324eff9f} URL = 
BHO: YoutuBEAdiBlocckea -> {e74a6ea1-aa96-484a-b06b-fc0d5cdf51a3} -> C:\Program Files (x86)\YoutuBEAdiBlocckea\wAkYOIrF8czsBA.x64.dll No File
S2 fugewybu; No ImagePath
S2 qozyzuwu; No ImagePath
S2 SPDRIVER_1.42.0.1828; \??\C:\Program Files (x86)\ShopperPro\JSDriver\1.42.0.1828\jsdrv.sys [X]
C:\Program Files (x86)\ShopperPro
2015-05-13 19:48 - 2015-05-13 19:48 - 00000000 ____D () C:\Program Files (x86)\3223e5b9-cdd3-4754-916f-8a7b31fab8a8
2015-05-12 19:45 - 2015-05-14 20:21 - 00000000 ____D () C:\Program Files (x86)\86583d2e-7ff4-4b9c-83ad-6b374a1be126
2015-05-12 19:45 - 2015-05-13 19:54 - 00000004 _____ () C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-05-12 19:25 - 2015-05-12 19:25 - 00000000 ____D () C:\Users\With\AppData\Roaming\One System Care
2015-05-12 19:20 - 2015-05-12 19:20 - 00000000 ____D () C:\Users\With\AppData\Roaming\OpenSoftwareUpdater
2015-05-12 19:20 - 2015-05-12 19:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneSystemCare
2015-05-12 19:20 - 2015-05-12 19:20 - 00000000 ____D () C:\Program Files (x86)\OneSystemCare
2015-05-12 19:18 - 2015-05-13 19:58 - 00000000 ____D () C:\Program Files (x86)\OpenSoftwareUpdater
2015-04-19 08:20 - 2015-04-19 08:20 - 0005872 _____ () C:\Users\With\AppData\Roaming\F46tQTi5u8je
2015-04-14 12:28 - 2015-04-14 12:28 - 0004387 _____ () C:\Users\With\AppData\Roaming\ST5oNoWE90BVieXe
C:\ProgramData\cb7ea4a0b01f4c88a9315fc70a3584f8
Task: {0D533FAF-2644-4989-BAA8-5B8A5552E5C9} - System32\Tasks\One System CarePeriod => C:\Program Files (x86)\OneSystemCare\OneSystemCare.exe [2015-05-04] ()
Task: {12203194-9AD1-4194-B548-34A948396CEF} - System32\Tasks\LIBXXSJ => C:\ProgramData\cb7ea4a0b01f4c88a9315fc70a3584f8\cb7ea4a0b01f4c88a9315fc70a3584f8.exe
Task: {2E396D3E-023E-4DF0-A9B2-D43AF9EB240C} - System32\Tasks\LGICBV1 => C:\ProgramData\FlashBeat\FlashBeat.exe
Task: {346C8A18-60CE-4C5E-9332-C2408353552D} - System32\Tasks\ST5oNoWE90BVieXe => C:\Users\With\AppData\Roaming\ST5oNoWE90BVieXe.exe 
Task: {4D7272D8-7B93-4958-92DB-637B65D2D675} - \SMW_UpdateTask_Time_313735383037363438392d3437415a556c2a3223346c41 No Task File 
Task: {6134844F-3B2D-4E54-BC75-2A9A6EEBEDA1} - System32\Tasks\One System Care Run Delay => C:\Program Files (x86)\OneSystemCare\OneSystemCare.exe [2015-05-04] ()
Task: {64EBA476-1651-4799-A9F8-43BC0146E764} - System32\Tasks\One System Care Monitor => C:\Program Files (x86)\OneSystemCare\CleanupConsole.exe [2015-05-04] ()
Task: {66E36F27-01BD-4B12-BFAC-CF3163ED24C8} - System32\Tasks\One System CareStartUp => C:\Program Files (x86)\OneSystemCare\OneSystemCare.exe [2015-05-04] ()
Task: {785EF48B-A178-48FC-B5E2-85350999631C} - System32\Tasks\SMWUpd => C:\Program Files\Common Files\Goobzo\GBUpdate\updater.exe 
Task: {93889A24-6B5B-4F83-B605-9278359D607F} - \SPBIW_UpdateTask_Time_313735383037363438392d3437415a556c2a3223346c41 No Task File 
C:\Program Files\Common Files\Goobzo
Task: {D1BDC18A-EC6E-47E0-9220-1D5C4BD48AF0} - \Dregol sidi No Task File 
Task: {E0C21EDF-5A67-482A-81DB-3E1A1DD304FF} - System32\Tasks\F46tQTi5u8je => C:\Users\With\AppData\Roaming\F46tQTi5u8je.exe 
Task: C:\Windows\Tasks\F46tQTi5u8je.job => C:\Users\With\AppData\Roaming\F46tQTi5u8je.exe 
Task: C:\Windows\Tasks\LGICBV1.job => C:\ProgramData\FlashBeat\FlashBeat.exe
Task: C:\Windows\Tasks\One System CarePeriod.job => C:\Program Files (x86)\OneSystemCare\OneSystemCare.exe
Task: C:\Windows\Tasks\One System CareStartUp.job => C:\Program Files (x86)\OneSystemCare\OneSystemCare.exe
Task: C:\Windows\Tasks\ST5oNoWE90BVieXe.job => C:\Users\With\AppData\Roaming\ST5oNoWE90BVieXe.exe
C:\Program Files (x86)\OneSystemCare 
C:\Users\With\AppData\Roaming\ST5oNoWE90BVieXe.exe
C:\ProgramData\FlashBeat
C:\Users\With\AppData\Roaming\F46tQTi5u8je.exe 
EmptyTemp:
*****************
 
Processes closed successfully.
"C:\ProgramData\FlashBeat\FlashBeat64.dll" => Value Data removed successfully.
"C:\ProgramData\FlashBeat\FlashBeat32.dll" => Value Data removed successfully.
" c:\progra~3\{7d2f9~1\1170~1.1\sidi.dll" => Value Data removed successfully.
c:\ProgramData\{7D2F95EC-2DAD-446A-9C2B-34E84CA9E766} => Moved successfully.
 
========= RemoveProxy: =========
 
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable => value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => value deleted successfully.
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value deleted successfully.
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value deleted successfully.
HKU\S-1-5-21-4145080920-3812403697-566172317-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => value deleted successfully.
HKU\S-1-5-21-4145080920-3812403697-566172317-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value deleted successfully.
HKU\S-1-5-21-4145080920-3812403697-566172317-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value deleted successfully.
 
 
========= End of RemoveProxy: =========
 
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{c9ab6446-7efc-47fe-966c-dc54324eff9f}" => Key deleted successfully.
HKCR\CLSID\{c9ab6446-7efc-47fe-966c-dc54324eff9f} => Key not found. 
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKU\S-1-5-21-4145080920-3812403697-566172317-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{c9ab6446-7efc-47fe-966c-dc54324eff9f}" => Key deleted successfully.
HKCR\CLSID\{c9ab6446-7efc-47fe-966c-dc54324eff9f} => Key not found. 
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{e74a6ea1-aa96-484a-b06b-fc0d5cdf51a3}" => Key deleted successfully.
"HKCR\CLSID\{e74a6ea1-aa96-484a-b06b-fc0d5cdf51a3}" => Key deleted successfully.
fugewybu => Service deleted successfully.
qozyzuwu => Service deleted successfully.
SPDRIVER_1.42.0.1828 => Service deleted successfully.
"C:\Program Files (x86)\ShopperPro" => File/Directory not found.
C:\Program Files (x86)\3223e5b9-cdd3-4754-916f-8a7b31fab8a8 => Moved successfully.
C:\Program Files (x86)\86583d2e-7ff4-4b9c-83ad-6b374a1be126 => Moved successfully.
C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7 => Moved successfully.
C:\Users\With\AppData\Roaming\One System Care => Moved successfully.
C:\Users\With\AppData\Roaming\OpenSoftwareUpdater => Moved successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneSystemCare => Moved successfully.
C:\Program Files (x86)\OneSystemCare => Moved successfully.
C:\Program Files (x86)\OpenSoftwareUpdater => Moved successfully.
C:\Users\With\AppData\Roaming\F46tQTi5u8je => Moved successfully.
C:\Users\With\AppData\Roaming\ST5oNoWE90BVieXe => Moved successfully.
C:\ProgramData\cb7ea4a0b01f4c88a9315fc70a3584f8 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0D533FAF-2644-4989-BAA8-5B8A5552E5C9}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0D533FAF-2644-4989-BAA8-5B8A5552E5C9}" => Key deleted successfully.
C:\Windows\System32\Tasks\One System CarePeriod => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\One System CarePeriod" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{12203194-9AD1-4194-B548-34A948396CEF}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{12203194-9AD1-4194-B548-34A948396CEF}" => Key deleted successfully.
C:\Windows\System32\Tasks\LIBXXSJ => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\LIBXXSJ" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{2E396D3E-023E-4DF0-A9B2-D43AF9EB240C}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2E396D3E-023E-4DF0-A9B2-D43AF9EB240C}" => Key deleted successfully.
C:\Windows\System32\Tasks\LGICBV1 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\LGICBV1" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{346C8A18-60CE-4C5E-9332-C2408353552D}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{346C8A18-60CE-4C5E-9332-C2408353552D}" => Key deleted successfully.
C:\Windows\System32\Tasks\ST5oNoWE90BVieXe => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ST5oNoWE90BVieXe" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4D7272D8-7B93-4958-92DB-637B65D2D675}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4D7272D8-7B93-4958-92DB-637B65D2D675}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SMW_UpdateTask_Time_313735383037363438392d3437415a556c2a3223346c41" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6134844F-3B2D-4E54-BC75-2A9A6EEBEDA1}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6134844F-3B2D-4E54-BC75-2A9A6EEBEDA1}" => Key deleted successfully.
C:\Windows\System32\Tasks\One System Care Run Delay => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\One System Care Run Delay" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{64EBA476-1651-4799-A9F8-43BC0146E764}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{64EBA476-1651-4799-A9F8-43BC0146E764}" => Key deleted successfully.
C:\Windows\System32\Tasks\One System Care Monitor => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\One System Care Monitor" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{66E36F27-01BD-4B12-BFAC-CF3163ED24C8}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{66E36F27-01BD-4B12-BFAC-CF3163ED24C8}" => Key deleted successfully.
C:\Windows\System32\Tasks\One System CareStartUp => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\One System CareStartUp" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{785EF48B-A178-48FC-B5E2-85350999631C}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{785EF48B-A178-48FC-B5E2-85350999631C}" => Key deleted successfully.
C:\Windows\System32\Tasks\SMWUpd => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SMWUpd" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{93889A24-6B5B-4F83-B605-9278359D607F}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{93889A24-6B5B-4F83-B605-9278359D607F}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SPBIW_UpdateTask_Time_313735383037363438392d3437415a556c2a3223346c41" => Key deleted successfully.
"C:\Program Files\Common Files\Goobzo" => File/Directory not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D1BDC18A-EC6E-47E0-9220-1D5C4BD48AF0}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D1BDC18A-EC6E-47E0-9220-1D5C4BD48AF0}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Dregol sidi" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{E0C21EDF-5A67-482A-81DB-3E1A1DD304FF}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E0C21EDF-5A67-482A-81DB-3E1A1DD304FF}" => Key deleted successfully.
C:\Windows\System32\Tasks\F46tQTi5u8je => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\F46tQTi5u8je" => Key deleted successfully.
C:\Windows\Tasks\F46tQTi5u8je.job => Moved successfully.
C:\Windows\Tasks\LGICBV1.job => Moved successfully.
C:\Windows\Tasks\One System CarePeriod.job => Moved successfully.
C:\Windows\Tasks\One System CareStartUp.job => Moved successfully.
C:\Windows\Tasks\ST5oNoWE90BVieXe.job => Moved successfully.
"C:\Program Files (x86)\OneSystemCare" => File/Directory not found.
"C:\Users\With\AppData\Roaming\ST5oNoWE90BVieXe.exe" => File/Directory not found.
"C:\ProgramData\FlashBeat" => File/Directory not found.
"C:\Users\With\AppData\Roaming\F46tQTi5u8je.exe" => File/Directory not found.
 
Aborted and restarted.
 
Please advise


#13 deeprybka


Posted 16 May 2015 - 12:21 PM

Please proceed with step 2.
regards,
deeprybka
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer

#14 Phaze13


Posted 16 May 2015 - 12:37 PM

Step 2 AdwCleaner

 

Nothing showed in the results window after scan, clicked clean and computer rebooted.

Here is the log:

# AdwCleaner v4.203 - Logfile created 16/05/2015 at 13:35:02
# Updated 30/04/2015 by Xplode
# Database : 2015-05-12.2 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : With - WITH-PC
# Running from : C:\Users\With\Desktop\adwcleaner_4.203.exe
# Option : Cleaning
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
File Deleted : C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_papbadoldddalgcjcicnikcfenodpghp_0
File Deleted : C:\Users\With\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\papbadoldddalgcjcicnikcfenodpghp
 
***** [ Scheduled tasks ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F83D1872-D9FF-47F8-B5A0-49CC51E24EE8}
Data Deleted : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - <-loopback>
 
***** [ Web browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17420
 
 
-\\ Mozilla Firefox v37.0.2 (x86 en-US)
 
 
-\\ Google Chrome v42.0.2311.152
 
 
-\\ Chromium v44.0.2397.0
 
 
*************************
 
AdwCleaner[R0].txt - [27239 bytes] - [14/05/2015 20:06:13]
AdwCleaner[R1].txt - [1412 bytes] - [16/05/2015 13:33:45]
AdwCleaner[S0].txt - [25850 bytes] - [14/05/2015 20:07:31]
AdwCleaner[S1].txt - [1345 bytes] - [16/05/2015 13:35:02]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1404  bytes] ##########


#15 deeprybka


Posted 16 May 2015 - 01:04 PM

After the Reboot:

Step 2


Start FRST with administrator privileges.

  • Make sure the following option is checked: Addition.txt
  • Press the Scan button.
  • When finished, FRST will produce two logs (FRST.txt and Addition.txt) in the same directory the tool was run from.
    Please copy and paste these logs in your next reply.

This step 2 is the right one. :)
regards,
deeprybka



