Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Cassiopessa search - can't uninstall


  • Please log in to reply
15 replies to this topic

#1 KeepinUp

KeepinUp

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:10:27 AM

Posted 05 August 2015 - 07:31 PM

I was blessed to receive a used computer - however it keeps using cassiopessa search and is very slow.  I tried to use revouninstaller, but it is still there.  I uninstalled Chrome, but it is also on Internet Explorer.  What should I do to remove this?



BC AdBot (Login to Remove)

 


#2 buddy215

buddy215

  • Moderator
  • 13,411 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:08:27 AM

Posted 05 August 2015 - 08:11 PM

Welcome to BC !

cassiopessa among other things hijacks browser shortcuts. AdwCleaner should take care of that. But run all the programs as so often 

there is other adware and malware that is unseen especially since the computer is new to you.

 

Use CCleaner to remove Temporary files, program caches, cookies, logs, etc. Use the Default settings. No need to use the

Registry Cleaning Tool...risky. Pay close attention while installing and UNcheck offers of toolbars....especially Google.

After install, open CCleaner and run by clicking on the Run Cleaner button in the bottom right corner.

CCleaner - PC Optimization and Cleaning - Free Download

 

Download Malwarebytes' Anti-Malware from Here
Double-click mbam-setup-2.X.X.XXXX.exe to install the application (X's are the current version number).

  • Make sure a checkmark is placed next to Launch Malwarebytes' Anti-Malware, then click Finish.
  • Once MBAM opens, when it says Your databases are out of date, click the Fix Now button.
  • Click the Settings tab at the top, and then in the left column, select Detections and Protections, and if not already checked place a checkmark in the selection box for Scan for rootkits.
  • Click the Scan tab at the top of the program window, select Threat Scan and click the Scan Now button.
  • If you receive a message that updates are available, click the Update Now button (the update will be downloaded, installed, and the scan will start).
  • The scan may take some time to finish,so please be patient.
  • If potential threats are detected, ensure that Quarantine is selected as the Action for all the listed items, and click the Apply Actions button.
  • While still on the Scan tab, click the link for View detailed log, and in the window that opens click the Export button, select Text file (*.txt), and save the log to your Desktop.
  • The log is automatically saved by MBAM and can also be viewed by clicking the History tab and then selecting Application Logs.

 

Download AdwCleaner by Xplode onto your desktop.

  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Scan button.
  • When the scan has finished click on Clean button.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.
  • download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE:Sometimes if ESET finds no infections it will not create a log.

Edited by buddy215, 05 August 2015 - 08:39 PM.

“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#3 KeepinUp

KeepinUp
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:10:27 AM

Posted 06 August 2015 - 04:29 PM

I could not install Eset:  I tried twice, but got this message both times:  an add-on for this website failed to run.

 

 

Junkware Log:

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Malwarebytes

Version: 7.5.5 (08.05.2015:1)

OS: Windows Vista ™ Home Premium x86

Ran by Scott on Thu 08/06/2015 at 16:20:49.11

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

 

~~~ Services

 

~~~ Tasks

 

~~~ Registry Values

 

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\\Start Page

 

~~~ Registry Keys

 

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{3D47EA1F-61C7-4D19-A33D-19D45D1FF58B}

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{781112C1-86E6-4C90-ADB1-2E538EDA16CB}

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{781112C1-86E6-4C90-ADB1-2E538EDA16CB}

 

~~~ Files

 

~~~ Folders

 

Successfully deleted: [Folder] C:\Program Files\blekkotb_soc

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan was completed on Thu 08/06/2015 at 16:23:04.83

End of JRT log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


AdwCleaner:

 

 

# AdwCleaner v4.208 - Logfile created 06/08/2015 at 16:11:31

# Updated 09/07/2015 by Xplode

# Database : 2015-08-01.1 [Server]

# Operating system : Windows Vista ™ Home Premium Service Pack 2 (x86)

# Username : Scott - SCOTT-PC

# Running from : C:\Users\Scott\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8RFU2VAK\AdwCleaner.exe

# Option : Cleaning

 

***** [ Services ] *****

 

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\blekko toolbars

Folder Deleted : C:\ProgramData\Conduit

Folder Deleted : C:\ProgramData\Tarma Installer

Folder Deleted : C:\Windows\system32\SearchProtect

Folder Deleted : C:\Users\Scott\AppData\Local\AVG Secure Search

Folder Deleted : C:\Users\Scott\AppData\Local\Conduit

Folder Deleted : C:\Users\Scott\AppData\Local\NativeMessaging

Folder Deleted : C:\Users\Scott\AppData\Local\PackageAware

Folder Deleted : C:\Users\Scott\AppData\LocalLow\Conduit

File Deleted : C:\END

File Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk

***** [ Scheduled tasks ] *****

 

***** [ Shortcuts ] *****

 

***** [ Registry ] *****

Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com]

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F83D1872-D9FF-47F8-B5A0-49CC51E24EE8}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D6918AC0-8A49-42C1-827B-1B29F5D9297E}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D6918AC0-8A49-42C1-827B-1B29F5D9297E}

Key Deleted : HKCU\Software\Conduit

Key Deleted : HKCU\Software\Cr_Installer

Key Deleted : HKCU\Software\Softonic

Key Deleted : HKCU\Software\visualbee

Key Deleted : HKCU\Software\YahooPartnerToolbar

Key Deleted : HKCU\Software\AppDataLow\Software\Conduit

Key Deleted : HKLM\SOFTWARE\Conduit

Key Deleted : HKLM\SOFTWARE\Tarma Installer

Key Deleted : HKLM\SOFTWARE\Uniblue

Key Deleted : HKLM\SOFTWARE\VBMZ

Key Deleted : HKLM\SOFTWARE\visualbee

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\cassiopessa.com

 

***** [ Web browsers ] *****

 

-\\ Internet Explorer v9.0.8112.16669

 

-\\ Chromium v

 

*************************

 

AdwCleaner[R0].txt - [2972 bytes] - [06/08/2015 15:59:46]

AdwCleaner[S0].txt - [2967 bytes] - [06/08/2015 16:11:31]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [3026  bytes] ##########



#4 KeepinUp

KeepinUp
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:10:27 AM

Posted 06 August 2015 - 04:30 PM

Malwarebytes Log:

 

Malwarebytes Anti-Malware

www.malwarebytes.org

Scan Date: 8/6/2015

Scan Time: 10:58:15 AM

Logfile: Malwarebytes Log.txt

Administrator: Yes

 

Version: 2.1.8.1057

Malware Database: v2015.08.06.05

Rootkit Database: v2015.08.04.01

License: Trial

Malware Protection: Enabled

Malicious Website Protection: Enabled

Self-protection: Disabled

 

OS: Windows Vista Service Pack 2

CPU: x86

File System: NTFS

User: Scott

Scan Type: Threat Scan

Result: Completed

Objects Scanned: 306040

Time Elapsed: 31 min, 50 sec

 

Memory: Enabled

Startup: Enabled

Filesystem: Enabled

Archives: Enabled

Rootkits: Disabled

Heuristics: Enabled

PUP: Enabled

PUM: Enabled

Processes: 5

PUP.Optional.Adpeak, C:\Program Files\Level Quality Watcher\v1.01\levelqualitywatcher32.exe, 368, Delete-on-Reboot, [e6b7c0453f4cfb3b9cc93787a95b758b]

Adware.PremierOpinion, C:\Program Files\PremierOpinion\pmservice.exe, 2364, Delete-on-Reboot, [237ae61fcebd033306003c7502fea957]

Adware.PremierOpinion, C:\Program Files\PremierOpinion\pmropn.exe, 4068, Delete-on-Reboot, [e1bc63a26d1eec4a4db907aaeb1522de]

PUP.Optional.PremierOpinion.A, C:\Program Files\PremierOpinion\pmropn.exe, 4068, Delete-on-Reboot, [4e4f1de89fec76c0404862a210f3f907]

PUP.Optional.PremierOpinion.A, C:\Program Files\PremierOpinion\pmservice.exe, 2364, Delete-on-Reboot, [4e4f1de89fec76c0404862a210f3f907]

 

Modules: 1

Adware.PremierOpinion, C:\Windows\System32\pmls.dll, Delete-on-Reboot, [960733d21576a88ed92d05ac59a7bf41],

Registry Keys: 41

PUP.Optional.Adpeak, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Level Quality Watcher, Quarantined, [e6b7c0453f4cfb3b9cc93787a95b758b],

Adware.PremierOpinion, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\PremierOpinion, Quarantined, [237ae61fcebd033306003c7502fea957],

Adware.PremierOpinion, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{eeb86aef-4a5d-4b75-9d74-f16d438fc286}, Quarantined, [e1bc63a26d1eec4a4db907aaeb1522de],

PUP.Optional.Wajam.A, HKLM\SOFTWARE\CLASSES\APPID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}, Quarantined, [e4b955b0305b93a3e10d5b6ff70bb44c],

PUP.Optional.RecordPage.A, HKLM\SOFTWARE\CLASSES\CLSID\{2335267c-dbba-4dd5-a9d0-c4db8e6a75a4}, Quarantined, [b9e4778eaedd2e08b2a9b915778b51af],

PUP.Optional.RecordPage.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{1fcdf527-b10c-481d-b214-b09eea106124}, Quarantined, [b9e4778eaedd2e08b2a9b915778b51af],

PUP.Optional.RecordPage.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{D1611ACC-4B10-4B34-8CDE-0AE7B2A270A6}, Quarantined, [b9e4778eaedd2e08b2a9b915778b51af],

PUP.Optional.RecordPage.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{2335267C-DBBA-4DD5-A9D0-C4DB8E6A75A4}, Quarantined, [b9e4778eaedd2e08b2a9b915778b51af],

PUP.Optional.RecordPage.A, HKU\S-1-5-21-643037723-2711493865-3635803915-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{2335267C-DBBA-4DD5-A9D0-C4DB8E6A75A4}, Quarantined, [b9e4778eaedd2e08b2a9b915778b51af],

PUP.Optional.RecordPage.A, HKU\S-1-5-21-643037723-2711493865-3635803915-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{2335267C-DBBA-4DD5-A9D0-C4DB8E6A75A4}, Quarantined, [b9e4778eaedd2e08b2a9b915778b51af],

PUP.Optional.BlekkoSearchBar, HKLM\SOFTWARE\CLASSES\CLSID\{7d9e1adc-7db1-4eaf-b6c7-7e062074e6be}, Quarantined, [3f5e0ef73655cf679a3e535031d16f91],

PUP.Optional.BlekkoSearchBar, HKU\S-1-5-21-643037723-2711493865-3635803915-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{7D9E1ADC-7DB1-4EAF-B6C7-7E062074E6BE}, Quarantined, [3f5e0ef73655cf679a3e535031d16f91],

PUP.Optional.BlekkoSearchBar, HKU\S-1-5-21-643037723-2711493865-3635803915-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{7D9E1ADC-7DB1-4EAF-B6C7-7E062074E6BE}, Quarantined, [3f5e0ef73655cf679a3e535031d16f91],

PUP.Optional.SearchProtect.A, HKU\S-1-5-21-643037723-2711493865-3635803915-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}, Quarantined, [1885fc098efd7abc91f5eba7b54de61a],

PUP.Optional.SearchProtect.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}, Quarantined, [1885fc098efd7abc91f5eba7b54de61a],

Adware.GamePlayLab, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{65bcd620-07dd-012f-819f-073cf1b8f7c6}, Quarantined, [811c0005aae12d0916c56045d92959a7],

Adware.GamePlayLab, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{11111111-1111-1111-1111-110011221158}, Quarantined, [69344bbacdbea88eae290e9710f25fa1],

PUP.Optional.ConduitTB.Gen.A, HKLM\SOFTWARE\CLASSES\CLSID\{3c471948-f874-49f5-b338-4f214a2ee0b1}, Quarantined, [a7f62fd6e9a2c571c5434b578a7a27d9],

PUP.Optional.AdpeakProxy, HKLM\SOFTWARE\Adpeak, Inc., Quarantined, [b2ebf90caae168cead53ee94857f08f8],

PUP.Optional.AdPeak.A, HKLM\SOFTWARE\LevelQualityWatcher, Quarantined, [1588b5500487bf771d02f94cf40f2cd4],

PUP.Optional.ScorpionSaver, HKLM\SOFTWARE\Scorpion Saver, Quarantined, [f9a4fb0ae2a9a195ec02d3ad1ee660a0],

PUP.Optional.ConduitTB.Gen, HKLM\SOFTWARE\CLASSES\Toolbar.CT3287802, Quarantined, [9b02dc29b8d33cfa12c942600afa41bf],

PUP.Optional.Adpeak, HKLM\SOFTWARE\CLASSES\APPID\AdpeakProxy.exe, Quarantined, [75287e8777142610f2fd3050fb092dd3],

PUP.Optional.RelevantKnowledge.A, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\mkndcbhcgphcfkkddanakjiepeknbgle, Quarantined, [cfce16efe6a531058307232553b0bb45],

PUP.Optional.ConduitTB.Gen, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\IEIIGGNFMHGCOLBIMGLMFJFPKJILDJDD, Quarantined, [346957ae02892313795f27f1669dc23e],

PUP.Optional.ConduitTB.Gen, HKLM\SOFTWARE\GOOGLE\CHROME\NATIVEMESSAGINGHOSTS\nmhostct3287802, Quarantined, [504d3ec77912c96df21b8d894db69b65],

PUP.Optional.Cassiopesa.C, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\Tree\Tny_cassiopesa, Delete-on-Reboot, [fe9fbb4a098269cdfe88c64d808318e8],

PUP.Optional.VisualBee, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\Tree\VisualBeeRecovery, Delete-on-Reboot, [b2eb1beac2c99b9b9f59a66c4fb419e7],

PUP.Optional.Adpeak, HKU\S-1-5-18\SOFTWARE\APPDATALOW\SOFTWARE\Scorpion Saver, Quarantined, [2f6e54b16b20ae88664695c9a360ec14],

PUP.Optional.AdPeak.A, HKU\S-1-5-21-643037723-2711493865-3635803915-1000\SOFTWARE\Adpeak, Inc., Quarantined, [217c12f3e9a2bb7b63bbf1545da6e719],

PUP.Optional.Conduit.A, HKU\S-1-5-21-643037723-2711493865-3635803915-1000\SOFTWARE\APPDATALOW\SOFTWARE\ConduitSearchScopes, Quarantined, [7b22e520cdbe15215cf93ff09e65639d],

PUP.Optional.CrossRider.A, HKU\S-1-5-21-643037723-2711493865-3635803915-1000\SOFTWARE\APPDATALOW\SOFTWARE\Crossrider, Quarantined, [f7a612f3d7b4cc6a3ee1bcc921e32cd4],

PUP.Optional.Adpeak, HKU\S-1-5-21-643037723-2711493865-3635803915-1000\SOFTWARE\APPDATALOW\SOFTWARE\Scorpion Saver, Quarantined, [fba2c045e4a7da5c5557e67840c3b44c],

PUP.Optional.ValueApps.A, HKU\S-1-5-21-643037723-2711493865-3635803915-1000\SOFTWARE\CONDUIT\ValueApps, Quarantined, [b5e89a6ba6e50234d9b077e7ca39a15f],

PUP.Optional.Conduit.A, HKU\S-1-5-21-643037723-2711493865-3635803915-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{314C4A66-3796-4E87-9097-83325D897071}, Quarantined, [b6e7f5102764999d52320a110ff4b44c],

PUP.Optional.MyStart.A, HKU\S-1-5-21-643037723-2711493865-3635803915-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}, Quarantined, [d0cdea1b3358f83e04cc55bcea19ef11],

PUP.Optional.Conduit.A, HKU\S-1-5-21-643037723-2711493865-3635803915-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9143E921-7C9A-4D27-AC43-EACCC78CC55A}, Quarantined, [3e5fb64f0784fa3c493ba17a04ff9f61],

PUP.Optional.ConduitTB.Gen, HKU\S-1-5-21-643037723-2711493865-3635803915-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\CHCT3287802, Quarantined, [c6d7996c4a41003600f8940e4fb57c84],

PUP.Optional.Adpeak, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Level Quality Watcher, Quarantined, [326bd92c24675fd7264fed03857d41bf],

PUP.Optional.PremierOpinion.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{eeb86aef-4a5d-4b75-9d74-f16d438fc286}, Quarantined, [4e4f1de89fec76c0404862a210f3f907],

PUP.Optional.PremierOpinion.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\PremierOpinion, Quarantined, [4e4f1de89fec76c0404862a210f3f907],

 

Registry Values: 20

PUP.Optional.ConduitTB.Gen, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\ieiiggnfmhgcolbimglmfjfpkjildjdd|path, C:\Users\Scott\AppData\Local\CRE\ieiiggnfmhgcolbimglmfjfpkjildjdd.crx, Quarantined, [346957ae02892313795f27f1669dc23e]

PUP.Optional.Cassiopesa.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY|AppPath, C:\Program Files\Tny_Cassiopesa\\, Quarantined, [a9f424e1bdce0b2b620ed4cfbe462cd4]

PUP.Optional.Cassiopesa.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}|URL, http://www.cassiopessa.com/results.php?f=4&q={searchTerms}&a=csp_tight2_15_26&cd=2XzuyEtN2Y1L1QzutDtDtC0B0F0CtBtAtDtB0ByCtC0EtD0EtN0D0Tzu0StCtByCzztN1L2XzutAtFtCtCtFtAtFtCtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2SyCzy0CyEtDtA0CyBtGtDyE0FyDtG0F0EzytAtGtBtCtByDtGtByE0E0ByDtDtC0FtByCzyzy2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyEzyzytByDtBzytCtGzy0AtByCtGyEyD0B0EtGzztD0DyBtGzy0CzztB0E0E0D0E0EyDyB0B2QtN0A0LzutBtN1B2Z1V1T1S1NzuzztBtB&cr=1159770598&ir=, Quarantined, [c6d7e124d4b795a14940396de420c53b]

PUP.Optional.Cassiopesa.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}|TopResultURLFallback, http://www.cassiopessa.com/results.php?f=4&q={searchTerms}&a=csp_tight2_15_26&cd=2XzuyEtN2Y1L1QzutDtDtC0B0F0CtBtAtDtB0ByCtC0EtD0EtN0D0Tzu0StCtByCzztN1L2XzutAtFtCtCtFtAtFtCtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2SyCzy0CyEtDtA0CyBtGtDyE0FyDtG0F0EzytAtGtBtCtByDtGtByE0E0ByDtDtC0FtByCzyzy2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyEzyzytByDtBzytCtGzy0AtByCtGyEyD0B0EtGzztD0DyBtGzy0CzztB0E0E0D0E0EyDyB0B2QtN0A0LzutBtN1B2Z1V1T1S1NzuzztBtB&cr=1159770598&ir=, Quarantined, [acf15ea7ed9ef145f297c8de798b0000]

PUP.Optional.Cassiopesa.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}|FaviconPath, C:\Users\Scott\AppData\LocalLow\Microsoft\Internet Explorer\Services\Tny_Cassiopesa.ico, Quarantined, [a0fdc5402269e353cbbe04a20afaec14]

PUP.Optional.Cassiopesa.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}, Cassiopesa, Quarantined, [fba2b05587048da9f4956b3be123dd23]

PUP.Optional.Cassiopesa.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}|DisplayName, Cassiopesa, Quarantined, [6f2e5fa6e6a5af871f6a3a6c689c8a76]

PUP.Optional.OpinionSquare.A, HKLM\SOFTWARE\MOZILLA\FIREFOX\EXTENSIONS|{C7AE725D-FA5C-4027-BB4C-787EF9F8248A}, C:\Program Files\PremierOpinion\firefox, Quarantined, [712cf3127f0c8aac536c88c227dcf30d]

PUP.Optional.CrossRider.A, HKU\S-1-5-21-643037723-2711493865-3635803915-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\NEW WINDOWS\ALLOW|*.crossrider.com, CrossriderApp0002258, Quarantined, [e4b90ef794f70e28bc55d0bd867e8080]

PUP.Optional.Cassiopesa.A, HKU\S-1-5-21-643037723-2711493865-3635803915-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}|URL, http://www.cassiopessa.com/results.php?f=4&q={searchTerms}&a=csp_tight2_15_26&cd=2XzuyEtN2Y1L1QzutDtDtC0B0F0CtBtAtDtB0ByCtC0EtD0EtN0D0Tzu0StCtByCzztN1L2XzutAtFtCtCtFtAtFtCtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2SyCzy0CyEtDtA0CyBtGtDyE0FyDtG0F0EzytAtGtBtCtByDtGtByE0E0ByDtDtC0FtByCzyzy2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyEzyzytByDtBzytCtGzy0AtByCtGyEyD0B0EtGzztD0DyBtGzy0CzztB0E0E0D0E0EyDyB0B2QtN0A0LzutBtN1B2Z1V1T1S1NzuzztBtB&cr=1159770598&ir=, Quarantined, [6637f60f1b70a98da6e27b2b917309f7]

PUP.Optional.Cassiopesa.A, HKU\S-1-5-21-643037723-2711493865-3635803915-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}|TopResultURLFallback, http://www.cassiopessa.com/results.php?f=4&q={searchTerms}&a=csp_tight2_15_26&cd=2XzuyEtN2Y1L1QzutDtDtC0B0F0CtBtAtDtB0ByCtC0EtD0EtN0D0Tzu0StCtByCzztN1L2XzutAtFtCtCtFtAtFtCtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2SyCzy0CyEtDtA0CyBtGtDyE0FyDtG0F0EzytAtGtBtCtByDtGtByE0E0ByDtDtC0FtByCzyzy2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyEzyzytByDtBzytCtGzy0AtByCtGyEyD0B0EtGzztD0DyBtGzy0CzztB0E0E0D0E0EyDyB0B2QtN0A0LzutBtN1B2Z1V1T1S1NzuzztBtB&cr=1159770598&ir=, Quarantined, [227b5ea7d8b3b185aeda5a4cbb497d83]

PUP.Optional.Cassiopesa.A, HKU\S-1-5-21-643037723-2711493865-3635803915-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}|FaviconPath, C:\Users\Scott\AppData\LocalLow\Microsoft\Internet Explorer\Services\Tny_Cassiopesa.ico, Quarantined, [ecb174919af17fb718706b3bf1139c64]

PUP.Optional.Cassiopesa.A, HKU\S-1-5-21-643037723-2711493865-3635803915-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}, Cassiopesa, Quarantined, [48557d885f2c93a32d5b565057ad33cd]

PUP.Optional.Cassiopesa.A, HKU\S-1-5-21-643037723-2711493865-3635803915-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}|DisplayName, Cassiopesa, Quarantined, [e7b63dc8fe8d34026c1c7531f4106a96]

PUP.Optional.Conduit.A, HKU\S-1-5-21-643037723-2711493865-3635803915-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{314C4A66-3796-4E87-9097-83325D897071}|URL, http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3287802&CUI=UN14332266831737526&UM=2, Quarantined, [b6e7f5102764999d52320a110ff4b44c]

PUP.Optional.Conduit.A, HKU\S-1-5-21-643037723-2711493865-3635803915-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{314C4A66-3796-4E87-9097-83325D897071}|SuggestionsURL_JSON, http://suggest.search.conduit.com/CSuggestJson.ashx?prefix={searchTerms}, Quarantined, [d4c950b50c7fbd79acd820fbdd267e82]

PUP.Optional.Conduit.A, HKU\S-1-5-21-643037723-2711493865-3635803915-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{314C4A66-3796-4E87-9097-83325D897071}|FaviconURL, http://search.conduit.com/favicon.ico, Quarantined, [9ffe5da87615d462a4e02eed3bc89f61]

PUP.Optional.MyStart.A, HKU\S-1-5-21-643037723-2711493865-3635803915-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}|URL, http://blekkosearch.mystart.com/blekkotb_soc/?source=86adbc52&tbp=rbox&toolbarid=blekkotb_soc&u=7EDA4A27802A324AAC9568B6&q={searchTerms}, Quarantined, [d0cdea1b3358f83e04cc55bcea19ef11]

PUP.Optional.Conduit.A, HKU\S-1-5-21-643037723-2711493865-3635803915-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9143e921-7c9a-4d27-ac43-eaccc78cc55a}|URL, http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3287802&CUI=UN14332266831737526&UM=2&UP=SP4B7CC2B2-C2FD-436F-AC43-BE06E685049D&SSPV=, Quarantined, [3e5fb64f0784fa3c493ba17a04ff9f61]

PUP.Optional.Conduit.A, HKU\S-1-5-21-643037723-2711493865-3635803915-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9143e921-7c9a-4d27-ac43-eaccc78cc55a}|SuggestionsURL_JSON, http://suggest.search.conduit.com/CSuggestJson.ashx?prefix={searchTerms}, Quarantined, [7a23867f4d3e8bab82028a9159aa966a]

 

Registry Data: 1

PUP.Optional.Cassiopesa.A, HKU\S-1-5-21-643037723-2711493865-3635803915-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, http://www.cassiopessa.com/?f=1&a=csp_tight2_15_26&cd=2XzuyEtN2Y1L1QzutDtDtC0B0F0CtBtAtDtB0ByCtC0EtD0EtN0D0Tzu0StCtByCzztN1L2XzutAtFtCtCtFtAtFtCtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2SyCzy0CyEtDtA0CyBtGtDyE0FyDtG0F0EzytAtGtBtCtByDtGtByE0E0ByDtDtC0FtByCzyzy2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyEzyzytByDtBzytCtGzy0AtByCtGyEyD0B0EtGzztD0DyBtGzy0CzztB0E0E0D0E0EyDyB0B2QtN0A0LzutBtN1B2Z1V1T1S1NzuzztBtB&cr=1159770598&ir=, Good: (www.google.com), Bad: (http://www.cassiopessa.com/?f=1&a=csp_tight2_15_26&cd=2XzuyEtN2Y1L1QzutDtDtC0B0F0CtBtAtDtB0ByCtC0EtD0EtN0D0Tzu0StCtByCzztN1L2XzutAtFtCtCtFtAtFtCtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2SyCzy0CyEtDtA0CyBtGtDyE0FyDtG0F0EzytAtGtBtCtByDtGtByE0E0ByDtDtC0FtByCzyzy2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyEzyzytByDtBzytCtGzy0AtByCtGyEyD0B0EtGzztD0DyBtGzy0CzztB0E0E0D0E0EyDyB0B2QtN0A0LzutBtN1B2Z1V1T1S1NzuzztBtB&cr=1159770598&ir=),Replaced,[fe9fd62f96f51a1cace5a2aaf60f7f81]

Folders: 56

PUP.Optional.ConduitTB.Gen, C:\Users\Scott\AppData\Local\CRE, Quarantined, [4c51a06525662e0880571bfdd42ff10f],

PUP.Optional.Cassiopesa.C, C:\Program Files\Tny_Cassiopesa, Quarantined, [a8f5a0655833de5832d00a97fe065fa1],

PUP.Optional.UpdateProc.A, C:\Users\Scott\AppData\Roaming\Tny_cassiopesa\UpdateProc, Quarantined, [a9f4ed181279cf67cf72366b867ee11f],

PUP.Optional.UpdateProc.A, C:\Users\Scott\AppData\Roaming\Tny_cassiopesa, Quarantined, [a9f4ed181279cf67cf72366b867ee11f],

PUP.Optional.ConduitTB.Gen.A, C:\Program Files\Conduit\Community Alerts, Quarantined, [a7f62fd6e9a2c571c5434b578a7a27d9],

PUP.Optional.ConduitTB.Gen.A, C:\Program Files\Conduit, Quarantined, [a7f62fd6e9a2c571c5434b578a7a27d9],

PUP.Optional.ConduitTB.Gen.A, C:\Program Files\Conduit\CT3287802, Quarantined, [a7f62fd6e9a2c571c5434b578a7a27d9],

PUP.Optional.ConduitTB.Gen.A, C:\Program Files\Conduit\CT3287802\plugins, Quarantined, [a7f62fd6e9a2c571c5434b578a7a27d9],

Adware.PremierOpinion, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PremierOpinion, Quarantined, [2c71bf462c5f50e672d9a335e81a8e72],

PUP.Optional.Conduit.A, C:\ProgramData\Conduit\IE, Quarantined, [fe9f61a487049c9a8a1f18c7cd35e818],

PUP.Optional.Conduit.A, C:\ProgramData\Conduit\IE\CT3287802, Quarantined, [fe9f61a487049c9a8a1f18c7cd35e818],

PUP.Optional.Conduit, C:\Users\Scott\AppData\Local\TBHostSupport, Quarantined, [a3faad5813789b9b186134ac4cb6e31d],

PUP.Optional.Visualbee, C:\Users\Scott\AppData\Local\VisualBeeExe, Quarantined, [97068382acdf51e5e8adab35719127d9],

PUP.Optional.Adpeak, C:\Program Files\Level Quality Watcher, Delete-on-Reboot, [326bd92c24675fd7264fed03857d41bf],

PUP.Optional.Adpeak, C:\Program Files\Level Quality Watcher\v1.01, Delete-on-Reboot, [326bd92c24675fd7264fed03857d41bf],

PUP.Optional.VisualBee, C:\ProgramData\VisualBee, Quarantined, [f9a415f0711a1224eff7b044857dfb05],

PUP.Optional.PremierOpinion.A, C:\Program Files\PremierOpinion, Delete-on-Reboot, [4e4f1de89fec76c0404862a210f3f907],

PUP.Optional.PremierOpinion.A, C:\Program Files\PremierOpinion\components, Quarantined, [4e4f1de89fec76c0404862a210f3f907],

PUP.Optional.PremierOpinion.A, C:\Program Files\PremierOpinion\firefox, Quarantined, [4e4f1de89fec76c0404862a210f3f907],

PUP.Optional.PremierOpinion.A, C:\Program Files\PremierOpinion\firefox\defaults, Quarantined, [4e4f1de89fec76c0404862a210f3f907],

PUP.Optional.PremierOpinion.A, C:\Program Files\PremierOpinion\firefox\defaults\preferences, Quarantined, [4e4f1de89fec76c0404862a210f3f907],

PUP.Optional.PremierOpinion.A, C:\Program Files\PremierOpinion\firefox\resources, Quarantined, [4e4f1de89fec76c0404862a210f3f907],

PUP.Optional.PremierOpinion.A, C:\Program Files\PremierOpinion\firefox\resources\addon-sdk, Quarantined, [4e4f1de89fec76c0404862a210f3f907],

PUP.Optional.PremierOpinion.A, C:\Program Files\PremierOpinion\firefox\resources\addon-sdk\lib, Quarantined, [4e4f1de89fec76c0404862a210f3f907],

PUP.Optional.PremierOpinion.A, C:\Program Files\PremierOpinion\firefox\resources\addon-sdk\lib\sdk, Quarantined, [4e4f1de89fec76c0404862a210f3f907],

PUP.Optional.PremierOpinion.A, C:\Program Files\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\addon, Quarantined, [4e4f1de89fec76c0404862a210f3f907],

PUP.Optional.PremierOpinion.A, C:\Program Files\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\console, Quarantined, [4e4f1de89fec76c0404862a210f3f907],

PUP.Optional.PremierOpinion.A, C:\Program Files\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\content, Quarantined, [4e4f1de89fec76c0404862a210f3f907],

PUP.Optional.PremierOpinion.A, C:\Program Files\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\core, Quarantined, [4e4f1de89fec76c0404862a210f3f907],

PUP.Optional.PremierOpinion.A, C:\Program Files\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\deprecated, Quarantined, [4e4f1de89fec76c0404862a210f3f907],

PUP.Optional.PremierOpinion.A, C:\Program Files\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\deprecated\events, Quarantined, [4e4f1de89fec76c0404862a210f3f907],

PUP.Optional.PremierOpinion.A, C:\Program Files\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\deprecated\traits, Quarantined, [4e4f1de89fec76c0404862a210f3f907],

PUP.Optional.PremierOpinion.A, C:\Program Files\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\dom, Quarantined, [4e4f1de89fec76c0404862a210f3f907],

PUP.Optional.PremierOpinion.A, C:\Program Files\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\event, Quarantined, [4e4f1de89fec76c0404862a210f3f907],

PUP.Optional.PremierOpinion.A, C:\Program Files\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\io, Quarantined, [4e4f1de89fec76c0404862a210f3f907],

PUP.Optional.PremierOpinion.A, C:\Program Files\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\l10n, Quarantined, [4e4f1de89fec76c0404862a210f3f907],

PUP.Optional.PremierOpinion.A, C:\Program Files\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\lang, Quarantined, [4e4f1de89fec76c0404862a210f3f907],

PUP.Optional.PremierOpinion.A, C:\Program Files\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\loader, Quarantined, [4e4f1de89fec76c0404862a210f3f907],

PUP.Optional.PremierOpinion.A, C:\Program Files\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\net, Quarantined, [4e4f1de89fec76c0404862a210f3f907],

PUP.Optional.PremierOpinion.A, C:\Program Files\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\page-mod, Quarantined, [4e4f1de89fec76c0404862a210f3f907],

PUP.Optional.PremierOpinion.A, C:\Program Files\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\platform, Quarantined, [4e4f1de89fec76c0404862a210f3f907],

PUP.Optional.PremierOpinion.A, C:\Program Files\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\preferences, Quarantined, [4e4f1de89fec76c0404862a210f3f907],

PUP.Optional.PremierOpinion.A, C:\Program Files\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\private-browsing, Quarantined, [4e4f1de89fec76c0404862a210f3f907],

PUP.Optional.PremierOpinion.A, C:\Program Files\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\private-browsing\window, Quarantined, [4e4f1de89fec76c0404862a210f3f907],

PUP.Optional.PremierOpinion.A, C:\Program Files\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\system, Quarantined, [4e4f1de89fec76c0404862a210f3f907],

PUP.Optional.PremierOpinion.A, C:\Program Files\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\tabs, Quarantined, [4e4f1de89fec76c0404862a210f3f907],

PUP.Optional.PremierOpinion.A, C:\Program Files\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\util, Quarantined, [4e4f1de89fec76c0404862a210f3f907],

PUP.Optional.PremierOpinion.A, C:\Program Files\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\window, Quarantined, [4e4f1de89fec76c0404862a210f3f907],

PUP.Optional.PremierOpinion.A, C:\Program Files\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\windows, Quarantined, [4e4f1de89fec76c0404862a210f3f907],

PUP.Optional.PremierOpinion.A, C:\Program Files\PremierOpinion\firefox\resources\addon-sdk\lib\toolkit, Quarantined, [4e4f1de89fec76c0404862a210f3f907],

PUP.Optional.PremierOpinion.A, C:\Program Files\PremierOpinion\firefox\resources\dpjs, Quarantined, [4e4f1de89fec76c0404862a210f3f907],

PUP.Optional.PremierOpinion.A, C:\Program Files\PremierOpinion\firefox\resources\dpjs\data, Quarantined, [4e4f1de89fec76c0404862a210f3f907],

PUP.Optional.PremierOpinion.A, C:\Program Files\PremierOpinion\firefox\resources\dpjs\lib, Quarantined, [4e4f1de89fec76c0404862a210f3f907],

PUP.Optional.ConduitTB.Gen, C:\Users\Scott\AppData\Local\NativeMessaging\CT3287802, Quarantined, [9706cc39fd8e270f196ea06cbf4429d7],

PUP.Optional.ConduitTB.Gen, C:\Users\Scott\AppData\Local\NativeMessaging\CT3287802\1_0_0_6, Quarantined, [9706cc39fd8e270f196ea06cbf4429d7],

PUP.Optional.RecordPage.A, C:\ProgramData\87737dd0-ad90-4193-bd48-336966b8d777, Quarantined, [118c53b2e5a68ea8b338ee1ee023f10f],

Files: 167

PUP.Optional.Adpeak, C:\Program Files\Level Quality Watcher\v1.01\levelqualitywatcher32.exe, Delete-on-Reboot, [e6b7c0453f4cfb3b9cc93787a95b758b],

Adware.PremierOpinion, C:\Program Files\PremierOpinion\pmservice.exe, Delete-on-Reboot, [237ae61fcebd033306003c7502fea957],

Adware.PremierOpinion, C:\Program Files\PremierOpinion\pmropn.exe, Delete-on-Reboot, [e1bc63a26d1eec4a4db907aaeb1522de],

Adware.PremierOpinion, C:\Windows\System32\pmls.dll, Delete-on-Reboot, [960733d21576a88ed92d05ac59a7bf41],

Adware.PremierOpinion, C:\Program Files\PremierOpinion\pmls.dll, Quarantined, [2e6fa4614843072f37cf694845bbb64a],

Adware.PremierOpinion, C:\Program Files\PremierOpinion\pmls64.dll, Quarantined, [504d51b40b80d1653acc2d844bb5f010],

Adware.PremierOpinion, C:\Program Files\PremierOpinion\pmph.dll, Quarantined, [eab3ba4b5e2dec4a34d2feb3926e837d],

Adware.PremierOpinion, C:\Program Files\PremierOpinion\pmropn32.exe, Quarantined, [e6b7f114eba08ea89f6789285fa141bf],

Adware.PremierOpinion, C:\Program Files\PremierOpinion\pmropn64.exe, Quarantined, [f2abac595d2ee056a660951ca75948b8],

Adware.PremierOpinion, C:\Program Files\PremierOpinion\pmxf.dll, Quarantined, [38655aaba1ea9d995ea8d5dc9d639b65],

PUP.Optional.Adpeak, C:\temp\000.exe, Quarantined, [534af60f7912f04606ce3d81fa0a0cf4],

PUP.Optional.Adpeak, C:\temp\InstallServices32.msi, Quarantined, [bfdea4613b50a88e89a5a31c4db78c74],

PUP.Optional.ScorpionSaver, C:\temp\scorpionsaver.exe, Quarantined, [2677f70e8ffcab8b0864b446cc385ea2],

PUP.Optional.Adpeak, C:\temp\t.msi, Quarantined, [821bca3b5d2eca6c9fa7bb04f410e21e],

PUP.Optional.Adpeak, C:\Windows\System32\AdpeakProxy.dll, Quarantined, [118ce61fed9eeb4b734044304cb9837d],

PUP.Optional.InstallIQ.A, C:\Users\Scott\Downloads\movie_player_1280.exe, Quarantined, [9409a85d256605317189a94799677f81],

PUP.Optional.AirInstaller, C:\Users\Scott\Downloads\setup.exe, Quarantined, [168765a0c4c7989e91da8664fb05c838],

PUP.Optional.Bandoo, C:\Users\Scott\Downloads\iLividSetup-r394-n-bc.exe, Quarantined, [66372fd6711a43f30dda608888785ea2],

PUP.Optional.Softonic.A, C:\Users\Scott\Downloads\SoftonicDownloader_for_judith.exe, Quarantined, [633a36cf3457de58edb238bf916f19e7],

PUP.Optional.Softonic, C:\Users\Scott\Downloads\SoftonicDownloader_for_snes9x.exe, Quarantined, [b0ed52b3a1ea6dc9a3bc29bc956b867a],

PUP.Optional.iBryte, C:\Users\Scott\Downloads\Update.exe, Quarantined, [d6c7de27e4a770c6c83b786f5ea24ab6],

PUP.Optional.Cassiopesa.C, C:\Windows\System32\Tasks\Tny_cassiopesa, Quarantined, [c1dccd38434857dfa3f02beb26ddf709],

PUP.Optional.Cassiopesa.C, C:\Windows\Tasks\Tny_cassiopesa.job, Quarantined, [9a0380852e5d1c1acdc753c335ce758b],

PUP.Optional.ConduitTB.Gen, C:\Users\Scott\AppData\Local\CRE\ieiiggnfmhgcolbimglmfjfpkjildjdd.crx, Quarantined, [4c51a06525662e0880571bfdd42ff10f],

PUP.Optional.VisualBee, C:\Windows\System32\Tasks\VisualBeeRecovery, Quarantined, [3b62c73e0b807eb8843afe4033d0db25],

PUP.Optional.Cassiopesa.C, C:\Program Files\Tny_Cassiopesa\config.dat, Quarantined, [a8f5a0655833de5832d00a97fe065fa1],

PUP.Optional.Cassiopesa.C, C:\Program Files\Tny_Cassiopesa\Sqlite3.dll, Quarantined, [a8f5a0655833de5832d00a97fe065fa1],

PUP.Optional.Cassiopesa.C, C:\Program Files\Tny_Cassiopesa\uninst.dat, Quarantined, [a8f5a0655833de5832d00a97fe065fa1],

PUP.Optional.UpdateProc.A, C:\Users\Scott\AppData\Roaming\Tny_cassiopesa\UpdateProc\bkup.dat, Quarantined, [a9f4ed181279cf67cf72366b867ee11f],

PUP.Optional.UpdateProc.A, C:\Users\Scott\AppData\Roaming\Tny_cassiopesa\UpdateProc\info.dat, Quarantined, [a9f4ed181279cf67cf72366b867ee11f],

PUP.Optional.UpdateProc.A, C:\Users\Scott\AppData\Roaming\Tny_cassiopesa\UpdateProc\STTL.DAT, Quarantined, [a9f4ed181279cf67cf72366b867ee11f],

PUP.Optional.UpdateProc.A, C:\Users\Scott\AppData\Roaming\Tny_cassiopesa\UpdateProc\TTL.DAT, Quarantined, [a9f4ed181279cf67cf72366b867ee11f],

PUP.Optional.UpdateProc.A, C:\Users\Scott\AppData\Roaming\Tny_cassiopesa\UpdateProc\UpdateTask.exe, Quarantined, [a9f4ed181279cf67cf72366b867ee11f],

PUP.Optional.ConduitTB.Gen.A, C:\Program Files\Conduit\Community Alerts\Alert.dll, Quarantined, [a7f62fd6e9a2c571c5434b578a7a27d9],

PUP.Optional.ConduitTB.Gen.A, C:\Program Files\Conduit\CT3287802\plugins\TBVerifier.dll, Quarantined, [a7f62fd6e9a2c571c5434b578a7a27d9],

Adware.PremierOpinion, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PremierOpinion\About PremierOpinion.lnk, Quarantined, [2c71bf462c5f50e672d9a335e81a8e72],

Adware.PremierOpinion, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PremierOpinion\Member of GRID -  Goodware Repository Information Database.lnk, Quarantined, [2c71bf462c5f50e672d9a335e81a8e72],

Adware.PremierOpinion, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PremierOpinion\Privacy Policy and User License Agreement.lnk, Quarantined, [2c71bf462c5f50e672d9a335e81a8e72],

Adware.PremierOpinion, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PremierOpinion\Support.lnk, Quarantined, [2c71bf462c5f50e672d9a335e81a8e72],

Adware.PremierOpinion, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PremierOpinion\Uninstall Instructions.lnk, Quarantined, [2c71bf462c5f50e672d9a335e81a8e72],

PUP.Optional.Conduit.A, C:\ProgramData\Conduit\IE\CT3287802\UninstallerUI.exe, Quarantined, [fe9f61a487049c9a8a1f18c7cd35e818],

PUP.Optional.Conduit, C:\Users\Scott\AppData\Local\TBHostSupport\TBHostSupport.dll, Quarantined, [a3faad5813789b9b186134ac4cb6e31d],

PUP.Optional.Adpeak, C:\Program Files\Level Quality Watcher\v1.01\levelqualitywatcher64.exe, Quarantined, [326bd92c24675fd7264fed03857d41bf],

PUP.Optional.Adpeak, C:\Program Files\Level Quality Watcher\v1.01\uninst.exe, Quarantined, [326bd92c24675fd7264fed03857d41bf],

PUP.Optional.VisualBee, C:\ProgramData\VisualBee\VisualBeeDB.exe, Quarantined, [f9a415f0711a1224eff7b044857dfb05],

PUP.Optional.VisualBee, C:\ProgramData\VisualBee\VisualBeeSoftware.exe, Quarantined, [f9a415f0711a1224eff7b044857dfb05],

PUP.Optional.PremierOpinion.A, C:\Program Files\PremierOpinion\chrome.manifest, Quarantined, [4e4f1de89fec76c0404862a210f3f907],

PUP.Optional.PremierOpinion.A, C:\Program Files\PremierOpinion\install.rdf, Quarantined, [4e4f1de89fec76c0404862a210f3f907],

PUP.Optional.PremierOpinion.A, C:\Program Files\PremierOpinion\ncncf.dat, Quarantined, [4e4f1de89fec76c0404862a210f3f907],

PUP.Optional.PremierOpinion.A, C:\Program Files\PremierOpinion\nscf.dat, Quarantined, [4e4f1de89fec76c0404862a210f3f907],

PUP.Optional.PremierOpinion.A, C:\Program Files\PremierOpinion\pmcm.crx, Quarantined, [4e4f1de89fec76c0404862a210f3f907],

PUP.Optional.PremierOpinion.A, C:\Program Files\PremierOpinion\pmcm.txt, Quarantined, [4e4f1de89fec76c0404862a210f3f907],

PUP.Optional.PremierOpinion.A, C:\Program Files\PremierOpinion\pmls.dll, Quarantined, [4e4f1de89fec76c0404862a210f3f907],

PUP.Optional.PremierOpinion.A, C:\Program Files\PremierOpinion\pmls64.dll, Quarantined, [4e4f1de89fec76c0404862a210f3f907],

PUP.Optional.PremierOpinion.A, C:\Program Files\PremierOpinion\pmoci.bin, Quarantined, [4e4f1de89fec76c0404862a210f3f907],

PUP.Optional.PremierOpinion.A, C:\Program Files\PremierOpinion\pmph.dll, Quarantined, [4e4f1de89fec76c0404862a210f3f907],

PUP.Optional.PremierOpinion.A, C:\Program Files\PremierOpinion\pmropn.exe, Delete-on-Reboot, [4e4f1de89fec76c0404862a210f3f907],

PUP.Optional.PremierOpinion.A, C:\Program Files\PremierOpinion\pmropn32.exe, Quarantined, [4e4f1de89fec76c0404862a210f3f907],

PUP.Optional.PremierOpinion.A, C:\Program Files\PremierOpinion\pmropn64.exe, Quarantined, [4e4f1de89fec76c0404862a210f3f907],

PUP.Optional.PremierOpinion.A, C:\Program Files\PremierOpinion\pmservice.exe, Delete-on-Reboot, [4e4f1de89fec76c0404862a210f3f907],

PUP.Optional.PremierOpinion.A, C:\Program Files\PremierOpinion\pmxf.dll, Quarantined, [4e4f1de89fec76c0404862a210f3f907],

PUP.Optional.PremierOpinion.A, C:\Program Files\PremierOpinion\readme.txt, Quarantined, [4e4f1de89fec76c0404862a210f3f907],

PUP.Optional.PremierOpinion.A, C:\Program Files\PremierOpinion\components\pmxg.dll, Quarantined, [4e4f1de89fec76c0404862a210f3f907],

PUP.Optional.PremierOpinion.A, C:\Program Files\PremierOpinion\firefox\bootstrap.js, Quarantined, [4e4f1de89fec76c0404862a210f3f907],

PUP.Optional.PremierOpinion.A, C:\Program Files\PremierOpinion\firefox\harness-options.json, Quarantined, [4e4f1de89fec76c0404862a210f3f907],

PUP.Optional.PremierOpinion.A, C:\Program Files\PremierOpinion\firefox\install.rdf, Quarantined, [4e4f1de89fec76c0404862a210f3f907],

PUP.Optional.PremierOpinion.A, C:\Program Files\PremierOpinion\firefox\locales.json, Quarantined, [4e4f1de89fec76c0404862a210f3f907],

PUP.Optional.PremierOpinion.A, C:\Program Files\PremierOpinion\firefox\pmnx.dll, Quarantined, [4e4f1de89fec76c0404862a210f3f907],

PUP.Optional.PremierOpinion.A, C:\Program Files\PremierOpinion\firefox\defaults\preferences\prefs.js, Quarantined, [4e4f1de89fec76c0404862a210f3f907],

PUP.Optional.PremierOpinion.A, C:\Program Files\PremierOpinion\firefox\resources\chrome.manifest, Quarantined, [4e4f1de89fec76c0404862a210f3f907],

PUP.Optional.PremierOpinion.A, C:\Program Files\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\base64.js, Quarantined, [4e4f1de89fec76c0404862a210f3f907],

PUP.Optional.PremierOpinion.A, C:\Program Files\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\page-mod.js, Quarantined, [4e4f1de89fec76c0404862a210f3f907],

PUP.Optional.PremierOpinion.A, C:\Program Files\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\private-browsing.js, Quarantined, [4e4f1de89fec76c0404862a210f3f907],

PUP.Optional.PremierOpinion.A, C:\Program Files\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\self.js, Quarantined, [4e4f1de89fec76c0404862a210f3f907],

PUP.Optional.PremierOpinion.A, C:\Program Files\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\system.js, Quarantined, [4e4f1de89fec76c0404862a210f3f907],

PUP.Optional.PremierOpinion.A, C:\Program Files\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\tabs.js, Quarantined, [4e4f1de89fec76c0404862a210f3f907],

PUP.Optional.PremierOpinion.A, C:\Program Files\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\timers.js, Quarantined, [4e4f1de89fec76c0404862a210f3f907],

PUP.Optional.PremierOpinion.A, C:\Program Files\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\url.js, Quarantined, [4e4f1de89fec76c0404862a210f3f907],

PUP.Optional.PremierOpinion.A, C:\Program Files\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\windows.js, Quarantined, [4e4f1de89fec76c0404862a210f3f907],

PUP.Optional.PremierOpinion.A, C:\Program Files\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\addon\runner.js, Quarantined, [4e4f1de89fec76c0404862a210f3f907],

PUP.Optional.PremierOpinion.A, C:\Program Files\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\console\plain-text.js, Quarantined, [4e4f1de89fec76c0404862a210f3f907],

PUP.Optional.PremierOpinion.A, C:\Program Files\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\console\traceback.js, Quarantined, [4e4f1de89fec76c0404862a210f3f907],

PUP.Optional.PremierOpinion.A, C:\Program Files\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\content\content-proxy.js, Quarantined, [4e4f1de89fec76c0404862a210f3f907],

PUP.Optional.PremierOpinion.A, C:\Program Files\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\content\content-worker.js, Quarantined, [4e4f1de89fec76c0404862a210f3f907],

PUP.Optional.PremierOpinion.A, C:\Program Files\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\content\loader.js, Quarantined, [4e4f1de89fec76c0404862a210f3f907],

PUP.Optional.PremierOpinion.A, C:\Program Files\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\content\thumbnail.js, Quarantined, [4e4f1de89fec76c0404862a210f3f907],

PUP.Optional.PremierOpinion.A, C:\Program Files\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\content\worker.js, Quarantined, [4e4f1de89fec76c0404862a210f3f907],

PUP.Optional.PremierOpinion.A, C:\Program Files\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\core\heritage.js, Quarantined, [4e4f1de89fec76c0404862a210f3f907],

PUP.Optional.PremierOpinion.A, C:\Program Files\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\core\namespace.js, Quarantined, [4e4f1de89fec76c0404862a210f3f907],

PUP.Optional.PremierOpinion.A, C:\Program Files\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\core\promise.js, Quarantined, [4e4f1de89fec76c0404862a210f3f907],

PUP.Optional.PremierOpinion.A, C:\Program Files\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\deprecated\api-utils.js, Quarantined, [4e4f1de89fec76c0404862a210f3f907],

PUP.Optional.PremierOpinion.A, C:\Program Files\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\deprecated\cortex.js, Quarantined, [4e4f1de89fec76c0404862a210f3f907],

PUP.Optional.PremierOpinion.A, C:\Program Files\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\deprecated\errors.js, Quarantined, [4e4f1de89fec76c0404862a210f3f907],

PUP.Optional.PremierOpinion.A, C:\Program Files\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\deprecated\events.js, Quarantined, [4e4f1de89fec76c0404862a210f3f907],

PUP.Optional.PremierOpinion.A, C:\Program Files\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\deprecated\light-traits.js, Quarantined, [4e4f1de89fec76c0404862a210f3f907],

PUP.Optional.PremierOpinion.A, C:\Program Files\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\deprecated\list.js, Quarantined, [4e4f1de89fec76c0404862a210f3f907],

PUP.Optional.PremierOpinion.A, C:\Program Files\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\deprecated\memory.js, Quarantined, [4e4f1de89fec76c0404862a210f3f907],

PUP.Optional.PremierOpinion.A, C:\Program Files\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\deprecated\observer-service.js, Quarantined, [4e4f1de89fec76c0404862a210f3f907],

PUP.Optional.PremierOpinion.A, C:\Program Files\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\deprecated\traits.js, Quarantined, [4e4f1de89fec76c0404862a210f3f907],

PUP.Optional.PremierOpinion.A, C:\Program Files\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\deprecated\window-utils.js, Quarantined, [4e4f1de89fec76c0404862a210f3f907],

PUP.Optional.PremierOpinion.A, C:\Program Files\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\deprecated\events\assembler.js, Quarantined, [4e4f1de89fec76c0404862a210f3f907],

PUP.Optional.PremierOpinion.A, C:\Program Files\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\deprecated\traits\core.js, Quarantined, [4e4f1de89fec76c0404862a210f3f907],

PUP.Optional.PremierOpinion.A, C:\Program Files\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\dom\events.js, Quarantined, [4e4f1de89fec76c0404862a210f3f907],

PUP.Optional.PremierOpinion.A, C:\Program Files\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\event\core.js, Quarantined, [4e4f1de89fec76c0404862a210f3f907],

PUP.Optional.PremierOpinion.A, C:\Program Files\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\event\target.js, Quarantined, [4e4f1de89fec76c0404862a210f3f907],

PUP.Optional.PremierOpinion.A, C:\Program Files\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\io\byte-streams.js, Quarantined, [4e4f1de89fec76c0404862a210f3f907],

PUP.Optional.PremierOpinion.A, C:\Program Files\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\io\data.js, Quarantined, [4e4f1de89fec76c0404862a210f3f907],

PUP.Optional.PremierOpinion.A, C:\Program Files\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\io\file.js, Quarantined, [4e4f1de89fec76c0404862a210f3f907],

PUP.Optional.PremierOpinion.A, C:\Program Files\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\io\text-streams.js, Quarantined, [4e4f1de89fec76c0404862a210f3f907],

PUP.Optional.PremierOpinion.A, C:\Program Files\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\l10n\core.js, Quarantined, [4e4f1de89fec76c0404862a210f3f907],

PUP.Optional.PremierOpinion.A, C:\Program Files\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\l10n\html.js, Quarantined, [4e4f1de89fec76c0404862a210f3f907],

PUP.Optional.PremierOpinion.A, C:\Program Files\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\l10n\loader.js, Quarantined, [4e4f1de89fec76c0404862a210f3f907],

PUP.Optional.PremierOpinion.A, C:\Program Files\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\l10n\locale.js, Quarantined, [4e4f1de89fec76c0404862a210f3f907],

PUP.Optional.PremierOpinion.A, C:\Program Files\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\l10n\prefs.js, Quarantined, [4e4f1de89fec76c0404862a210f3f907],

PUP.Optional.PremierOpinion.A, C:\Program Files\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\lang\functional.js, Quarantined, [4e4f1de89fec76c0404862a210f3f907],

PUP.Optional.PremierOpinion.A, C:\Program Files\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\loader\cuddlefish.js, Quarantined, [4e4f1de89fec76c0404862a210f3f907],

PUP.Optional.PremierOpinion.A, C:\Program Files\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\loader\sandbox.js, Quarantined, [4e4f1de89fec76c0404862a210f3f907],

PUP.Optional.PremierOpinion.A, C:\Program Files\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\net\url.js, Quarantined, [4e4f1de89fec76c0404862a210f3f907],

PUP.Optional.PremierOpinion.A, C:\Program Files\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\page-mod\match-pattern.js, Quarantined, [4e4f1de89fec76c0404862a210f3f907],

PUP.Optional.PremierOpinion.A, C:\Program Files\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\platform\xpcom.js, Quarantined, [4e4f1de89fec76c0404862a210f3f907],

PUP.Optional.PremierOpinion.A, C:\Program Files\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\preferences\service.js, Quarantined, [4e4f1de89fec76c0404862a210f3f907],

PUP.Optional.PremierOpinion.A, C:\Program Files\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\private-browsing\utils.js, Quarantined, [4e4f1de89fec76c0404862a210f3f907],

PUP.Optional.PremierOpinion.A, C:\Program Files\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\private-browsing\window\utils.js, Quarantined, [4e4f1de89fec76c0404862a210f3f907],

PUP.Optional.PremierOpinion.A, C:\Program Files\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\system\environment.js, Quarantined, [4e4f1de89fec76c0404862a210f3f907],

PUP.Optional.PremierOpinion.A, C:\Program Files\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\system\events.js, Quarantined, [4e4f1de89fec76c0404862a210f3f907],

PUP.Optional.PremierOpinion.A, C:\Program Files\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\system\globals.js, Quarantined, [4e4f1de89fec76c0404862a210f3f907],

PUP.Optional.PremierOpinion.A, C:\Program Files\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\system\runtime.js, Quarantined, [4e4f1de89fec76c0404862a210f3f907],

PUP.Optional.PremierOpinion.A, C:\Program Files\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\system\unload.js, Quarantined, [4e4f1de89fec76c0404862a210f3f907],

PUP.Optional.PremierOpinion.A, C:\Program Files\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\system\xul-app.js, Quarantined, [4e4f1de89fec76c0404862a210f3f907],

PUP.Optional.PremierOpinion.A, C:\Program Files\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\tabs\common.js, Quarantined, [4e4f1de89fec76c0404862a210f3f907],

PUP.Optional.PremierOpinion.A, C:\Program Files\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\tabs\events.js, Quarantined, [4e4f1de89fec76c0404862a210f3f907],

PUP.Optional.PremierOpinion.A, C:\Program Files\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\tabs\helpers.js, Quarantined, [4e4f1de89fec76c0404862a210f3f907],

PUP.Optional.PremierOpinion.A, C:\Program Files\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\tabs\namespace.js, Quarantined, [4e4f1de89fec76c0404862a210f3f907],

PUP.Optional.PremierOpinion.A, C:\Program Files\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\tabs\observer.js, Quarantined, [4e4f1de89fec76c0404862a210f3f907],

PUP.Optional.PremierOpinion.A, C:\Program Files\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\tabs\tab-fennec.js, Quarantined, [4e4f1de89fec76c0404862a210f3f907],

PUP.Optional.PremierOpinion.A, C:\Program Files\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\tabs\tab-firefox.js, Quarantined, [4e4f1de89fec76c0404862a210f3f907],

PUP.Optional.PremierOpinion.A, C:\Program Files\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\tabs\tab.js, Quarantined, [4e4f1de89fec76c0404862a210f3f907],

PUP.Optional.PremierOpinion.A, C:\Program Files\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\tabs\tabs-firefox.js, Quarantined, [4e4f1de89fec76c0404862a210f3f907],

PUP.Optional.PremierOpinion.A, C:\Program Files\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\tabs\tabs.js, Quarantined, [4e4f1de89fec76c0404862a210f3f907],

PUP.Optional.PremierOpinion.A, C:\Program Files\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\tabs\utils.js, Quarantined, [4e4f1de89fec76c0404862a210f3f907],

PUP.Optional.PremierOpinion.A, C:\Program Files\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\tabs\worker.js, Quarantined, [4e4f1de89fec76c0404862a210f3f907],

PUP.Optional.PremierOpinion.A, C:\Program Files\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\util\array.js, Quarantined, [4e4f1de89fec76c0404862a210f3f907],

PUP.Optional.PremierOpinion.A, C:\Program Files\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\util\deprecate.js, Quarantined, [4e4f1de89fec76c0404862a210f3f907],

PUP.Optional.PremierOpinion.A, C:\Program Files\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\util\list.js, Quarantined, [4e4f1de89fec76c0404862a210f3f907],

PUP.Optional.PremierOpinion.A, C:\Program Files\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\util\object.js, Quarantined, [4e4f1de89fec76c0404862a210f3f907],

PUP.Optional.PremierOpinion.A, C:\Program Files\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\util\registry.js, Quarantined, [4e4f1de89fec76c0404862a210f3f907],

PUP.Optional.PremierOpinion.A, C:\Program Files\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\util\uuid.js, Quarantined, [4e4f1de89fec76c0404862a210f3f907],

PUP.Optional.PremierOpinion.A, C:\Program Files\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\window\browser.js, Quarantined, [4e4f1de89fec76c0404862a210f3f907],

PUP.Optional.PremierOpinion.A, C:\Program Files\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\window\namespace.js, Quarantined, [4e4f1de89fec76c0404862a210f3f907],

PUP.Optional.PremierOpinion.A, C:\Program Files\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\window\utils.js, Quarantined, [4e4f1de89fec76c0404862a210f3f907],

PUP.Optional.PremierOpinion.A, C:\Program Files\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\windows\dom.js, Quarantined, [4e4f1de89fec76c0404862a210f3f907],

PUP.Optional.PremierOpinion.A, C:\Program Files\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\windows\fennec.js, Quarantined, [4e4f1de89fec76c0404862a210f3f907],

PUP.Optional.PremierOpinion.A, C:\Program Files\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\windows\firefox.js, Quarantined, [4e4f1de89fec76c0404862a210f3f907],

PUP.Optional.PremierOpinion.A, C:\Program Files\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\windows\loader.js, Quarantined, [4e4f1de89fec76c0404862a210f3f907],

PUP.Optional.PremierOpinion.A, C:\Program Files\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\windows\observer.js, Quarantined, [4e4f1de89fec76c0404862a210f3f907],

PUP.Optional.PremierOpinion.A, C:\Program Files\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\windows\tabs-fennec.js, Quarantined, [4e4f1de89fec76c0404862a210f3f907],

PUP.Optional.PremierOpinion.A, C:\Program Files\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\windows\tabs-firefox.js, Quarantined, [4e4f1de89fec76c0404862a210f3f907],

PUP.Optional.PremierOpinion.A, C:\Program Files\PremierOpinion\firefox\resources\addon-sdk\lib\toolkit\loader.js, Quarantined, [4e4f1de89fec76c0404862a210f3f907],

PUP.Optional.PremierOpinion.A, C:\Program Files\PremierOpinion\firefox\resources\dpjs\data\content.js, Quarantined, [4e4f1de89fec76c0404862a210f3f907],

PUP.Optional.PremierOpinion.A, C:\Program Files\PremierOpinion\firefox\resources\dpjs\lib\dompilot.js, Quarantined, [4e4f1de89fec76c0404862a210f3f907],

PUP.Optional.PremierOpinion.A, C:\Program Files\PremierOpinion\firefox\resources\dpjs\lib\dputil.js, Quarantined, [4e4f1de89fec76c0404862a210f3f907],

PUP.Optional.PremierOpinion.A, C:\Program Files\PremierOpinion\firefox\resources\dpjs\lib\main.js, Quarantined, [4e4f1de89fec76c0404862a210f3f907],

PUP.Optional.ConduitTB.Gen, C:\Users\Scott\AppData\Local\NativeMessaging\CT3287802\nmHostManifest.json, Quarantined, [9706cc39fd8e270f196ea06cbf4429d7],

PUP.Optional.ConduitTB.Gen, C:\Users\Scott\AppData\Local\NativeMessaging\CT3287802\1_0_0_6\nmHostConfig.json, Quarantined, [9706cc39fd8e270f196ea06cbf4429d7],

PUP.Optional.ConduitTB.Gen, C:\Users\Scott\AppData\Local\NativeMessaging\CT3287802\1_0_0_6\nmHostManifest.json, Quarantined, [9706cc39fd8e270f196ea06cbf4429d7],

PUP.Optional.ConduitTB.Gen, C:\Users\Scott\AppData\Local\NativeMessaging\CT3287802\1_0_0_6\TBMessagingHost.exe, Quarantined, [9706cc39fd8e270f196ea06cbf4429d7],

PUP.Optional.RecordPage.A, C:\ProgramData\87737dd0-ad90-4193-bd48-336966b8d777\temp, Quarantined, [118c53b2e5a68ea8b338ee1ee023f10f],

 

Physical Sectors: 0

(No malicious items detected)



#5 KeepinUp

KeepinUp
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:10:27 AM

Posted 06 August 2015 - 04:31 PM

# AdwCleaner v4.208 - Logfile created 06/08/2015 at 16:11:31

# Updated 09/07/2015 by Xplode

# Database : 2015-08-01.1 [Server]

# Operating system : Windows Vista ™ Home Premium Service Pack 2 (x86)

# Username : Scott - SCOTT-PC

# Running from : C:\Users\Scott\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8RFU2VAK\AdwCleaner.exe

# Option : Cleaning

 

***** [ Services ] *****

 

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\blekko toolbars

Folder Deleted : C:\ProgramData\Conduit

Folder Deleted : C:\ProgramData\Tarma Installer

Folder Deleted : C:\Windows\system32\SearchProtect

Folder Deleted : C:\Users\Scott\AppData\Local\AVG Secure Search

Folder Deleted : C:\Users\Scott\AppData\Local\Conduit

Folder Deleted : C:\Users\Scott\AppData\Local\NativeMessaging

Folder Deleted : C:\Users\Scott\AppData\Local\PackageAware

Folder Deleted : C:\Users\Scott\AppData\LocalLow\Conduit

File Deleted : C:\END

File Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk

***** [ Scheduled tasks ] *****

 

***** [ Shortcuts ] *****

 

***** [ Registry ] *****

Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com]

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F83D1872-D9FF-47F8-B5A0-49CC51E24EE8}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D6918AC0-8A49-42C1-827B-1B29F5D9297E}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D6918AC0-8A49-42C1-827B-1B29F5D9297E}

Key Deleted : HKCU\Software\Conduit

Key Deleted : HKCU\Software\Cr_Installer

Key Deleted : HKCU\Software\Softonic

Key Deleted : HKCU\Software\visualbee

Key Deleted : HKCU\Software\YahooPartnerToolbar

Key Deleted : HKCU\Software\AppDataLow\Software\Conduit

Key Deleted : HKLM\SOFTWARE\Conduit

Key Deleted : HKLM\SOFTWARE\Tarma Installer

Key Deleted : HKLM\SOFTWARE\Uniblue

Key Deleted : HKLM\SOFTWARE\VBMZ

Key Deleted : HKLM\SOFTWARE\visualbee

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\cassiopessa.com

 

***** [ Web browsers ] *****

 

-\\ Internet Explorer v9.0.8112.16669

 

-\\ Chromium v

 

*************************

 

AdwCleaner[R0].txt - [2972 bytes] - [06/08/2015 15:59:46]

AdwCleaner[S0].txt - [2967 bytes] - [06/08/2015 16:11:31]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [3026  bytes] ##########




#6 buddy215

buddy215

  • Moderator
  • 13,411 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:08:27 AM

Posted 06 August 2015 - 07:57 PM

Wow...the comp should be about 5 pounds lighter..:)

 

See if Revo can find and remove Google Chrome. Use it in Advanced Mode. You may see a listing for Chromium..if so uninstall it.

 

Rerun MBAM...if it finds anything post the results of the scan.

 

Open CCleaner...post the three lists mentioned below using CCleaner:

 

Open CCleaner and click on Tools. Choose Startups. On that page you will see a list of Windows Startups and at the top tabs for each browser and Scheduled Tasks.

At the bottom right of that page you will see a button when clicked will allow you to Copy and Paste the list of Windows Startups and Scheduled Tasks into your next

post. Please do that.

 

Open CCleaner and click on Tools. Choose Uninstall. On that page you will see a list of programs installed on your computer and at the bottom right of that page you

will see a button when clicked will allow you to Copy and Paste that list in your next post. Please do that.


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#7 KeepinUp

KeepinUp
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:10:27 AM

Posted 07 August 2015 - 11:36 AM

Below are the 3 documents from CC Cleaner.  They are all running together.  I hope that is OK.  Also, I have not run the Eset Online Scanner.  I couldn't figure it out.  Any suggestions on this?

 

 

Yes HKCU:Run CCleaner Monitoring Piriform Ltd "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
Yes HKCU:Run ehTray.exe Microsoft Corporation C:\Windows\ehome\ehTray.exe
Yes HKCU:Run EPLTarget\P0000000000000000 SEIKO EPSON CORPORATION C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATILAE.EXE /EPT "EPLTarget\P0000000000000000" /M "XP-410 Series"
Yes HKCU:Run EPSON Stylus CX7800 Series (Copy 1)  C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIAFA.EXE /FU "C:\Windows\TEMP\E_SEBCD.tmp" /EF "HKCU"
Yes HKCU:Run HPAdvisor Hewlett-Packard C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe autorun=AUTORUN
Yes HKCU:Run Sidebar Microsoft Corporation C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
Yes HKCU:Run WMPNSCFG Microsoft Corporation C:\Program Files\Windows Media Player\WMPNSCFG.exe
Yes HKLM:Run ArcSoft Connection Service ArcSoft Inc. C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
Yes HKLM:Run DT ACR Portrait Displays, Inc. C:\Program Files\Common Files\Portrait Displays\Shared\DT_startup.exe -ACR
Yes HKLM:Run EEventManager SEIKO EPSON CORPORATION "C:\Program Files\Epson Software\Event Manager\EEventManager.exe"
Yes HKLM:Run HP Health Check Scheduler Hewlett-Packard c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
Yes HKLM:Run HP Software Update Hewlett-Packard C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
Yes HKLM:Run hpsysdrv Hewlett-Packard Company c:\hp\support\hpsysdrv.exe
Yes HKLM:Run KBD  C:\HP\KBD\KbdStub.EXE
Yes HKLM:Run mcui_exe  "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
Yes HKLM:Run NvCplDaemon Microsoft Corporation RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
Yes HKLM:Run NvMediaCenter Microsoft Corporation RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
Yes HKLM:Run OsdMaestro OsdMaestro "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"
Yes HKLM:Run PivotSoftware Portrait Displays, Inc. "C:\Program Files\Portrait Displays\Pivot Pro Plugin\Pivot_startup.exe" -delay=10
Yes HKLM:Run QuickTime Task Apple Inc. "C:\Program Files\QuickTime\QTTask.exe" -atboottime
Yes HKLM:Run RtHDVCpl Realtek Semiconductor RtHDVCpl.exe
Yes HKLM:Run SunJavaUpdateSched Oracle Corporation "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
Yes HKLM:Run Windows Defender Microsoft Corporation %ProgramFiles%\Windows Defender\MSASCui.exe -hide
Yes HKLM:RunOnce Launcher soft thinks %WINDIR%\SMINST\launcher.exe
Acer eDisplay Management Portrait Displays, Inc. 1/23/2012 9.73 MB 1.34.003
Adobe Flash Player 18 ActiveX Adobe Systems Incorporated 8/5/2015  18.0.0.209
Adobe Reader X (10.1.15) Adobe Systems Incorporated 8/6/2015 151 MB 10.1.15
ArcSoft ShowBiz ArcSoft 7/16/2011 122 MB 3.5.0.64
ArcSoft WebCam Companion 3 ArcSoft 9/5/2013 94.3 MB 3.0.41.373
CCleaner Piriform 8/6/2015 9.10 MB 5.08
Enhanced Multimedia Keyboard Solution Hewlett-Packard 3/4/2011 8.36 MB 
EPSON Connect version 1.0 Epson America Inc. 8/5/2015 7.64 MB 1.0
Epson Customer Participation SEIKO EPSON CORPORATION 8/5/2015 2.62 MB 1.7.0.0
Epson Event Manager Seiko Epson Corporation 8/5/2015 42.4 MB 3.01.0013
EPSON Scan Seiko Epson Corporation 8/5/2015 7.64 MB 
EPSON XP-410 Series Printer Uninstall SEIKO EPSON Corporation 8/5/2015  
Epson XP-410 User's Guide version 1.0  8/5/2015 1.39 MB 1.0
EpsonNet Print SEIKO EPSON CORPORATION 8/5/2015 3.41 MB 2.6.0
HP Advisor Hewlett-Packard 3/5/2011 47.3 MB 3.1.9152.3107
HP Customer Experience Enhancements Hewlett-Packard 3/4/2011 0.98 MB 5.1.0.2264
HP Easy Setup - Frontend Hewlett-Packard 3/4/2011 1.93 MB 5.1.0.2269
HP On-Screen Cap/Num/Scroll Lock Indicator Hewlett-Packard 3/4/2011  
HP Update Hewlett-Packard 3/15/2012 3.98 MB 5.003.000.004
HP Webcam User's Guide Hewlett-Packard 7/16/2011 1.17 MB 
ISA 2 basic Scripture4all Foundation 11/28/2011 25.2 MB 2.1.5.0
ISA 2.0 - YLT module 1.2.1 Scripture4all.org 11/28/2011 25.2 MB 1.2.1
ISA_CLV_module 1.2.0 Scripture4all.org 11/28/2011 25.2 MB 1.2.0
Java 8 Update 45  3/4/2011  
Java 8 Update 51 Oracle Corporation 8/3/2015 9.36 MB 8.0.510
Malwarebytes Anti-Malware version 2.1.8.1057 Malwarebytes Corporation 8/6/2015 52.7 MB 2.1.8.1057
McAfee Virtual Technician McAfee, Inc. 7/20/2011 6.34 MB 6.0.0.0
Microsoft .NET Framework 3.5 SP1 Microsoft Corporation 3/6/2011 27.8 MB 
Microsoft .NET Framework 4 Client Profile Microsoft Corporation 2/16/2013 117 MB 4.0.30319
Microsoft .NET Framework 4 Extended Microsoft Corporation 2/16/2013 38.0 MB 4.0.30319
Microsoft SQL Server 2005 Microsoft Corporation 7/30/2011 61.3 MB 
Microsoft SQL Server Native Client Microsoft Corporation 7/30/2011 2.57 MB 9.00.3042.00
Microsoft SQL Server Setup Support Files (English) Microsoft Corporation 7/30/2011 20.2 MB 9.00.3042.00
Microsoft SQL Server VSS Writer Microsoft Corporation 7/30/2011 687 KB 9.00.3042.00
Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 7/16/2011 422 KB 8.0.56336
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 Microsoft Corporation 5/16/2011 1.41 MB 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Corporation 3/12/2011 590 KB 9.0.30729.4148
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Microsoft Corporation 12/10/2013 6.12 MB 10.0.31119
Microsoft Works Microsoft Corporation 3/4/2011 265 MB 08.05.0818
MSXML 4.0 SP2 (KB954430) Microsoft Corporation 3/5/2011 35.0 KB 4.20.9870.0
MSXML 4.0 SP2 (KB973688) Microsoft Corporation 3/5/2011 1.33 MB 4.20.9876.0
My HP Games WildTangent 3/4/2011 797 MB HPCMPQ1701
NVIDIA Drivers  3/5/2011  
OpenOffice.org 3.3 OpenOffice.org 3/12/2011 372 MB 3.3.9567
QuickTime Apple Inc. 10/14/2012 73.2 MB 7.72.80.56
Realtek High Definition Audio Driver Realtek Semiconductor Corp. 3/5/2011 11.3 MB 6.0.1.5548
Revo Uninstaller 1.95 VS Revo Group 8/3/2015 6.62 MB 1.95
Roxio Creator Audio Roxio 3/4/2011 3.81 MB 3.4.0
Roxio Creator Basic v9 Roxio 3/4/2011 29.2 MB 3.4.0
Roxio Creator Copy Roxio 3/4/2011 652 KB 3.4.0
Roxio Creator Data Roxio 3/4/2011 849 KB 3.4.0
Roxio Creator EasyArchive Roxio 3/4/2011 1.49 MB 3.4.0
Roxio Creator Tools Roxio 3/4/2011 358 KB 3.4.0
Roxio Express Labeler 3 Roxio 3/4/2011 18.0 MB 3.2.1
Roxio MyDVD Basic v9 Roxio 3/4/2011 322 MB 9.0.559
Soft Data Fax Modem with SmartCP Conexant Systems 8/3/2015 0.97 MB 7.74.00
Software Updater SEIKO EPSON CORPORATION 8/5/2015 6.41 MB 4.0.1
VST Bridge 1.1  3/12/2011 10.5 MB 
Windows Media Player Firefox Plugin Microsoft Corp 8/6/2011 296 KB 1.0.0.8
Windows Migration Assistant Apple Inc. 6/5/2012 7.24 MB 1.0.0.32
Yes Task Adobe Acrobat Update Task Adobe Systems Incorporated C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
Yes Task Adobe Flash Player Updater Adobe Systems Incorporated C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Yes Task Carbonite Upgrade Check  "C:\ProgramData\Carbonite\Carbonite Backup\CarboniteUpgrade.exe" /silent
Yes Task CCleanerSkipUAC Piriform Ltd "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
Yes Task EPSON XP-410 Series Invitation {ABEC2040-F52F-4AFE-B84D-F1420FE934ED} SEIKO EPSON CORPORATION C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FTSLAE.EXE /EXE:"{ABEC2040-F52F-4AFE-B84D-F1420FE934ED}" /F:"Invitation"
Yes Task EPSON XP-410 Series Update {ABEC2040-F52F-4AFE-B84D-F1420FE934ED} SEIKO EPSON CORPORATION C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FTSLAE.EXE /EXE:"{ABEC2040-F52F-4AFE-B84D-F1420FE934ED}" /F:"Update"
Yes Task HP Health Check Hewlett-Packard "c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" /Scan
 



#8 KeepinUp

KeepinUp
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:10:27 AM

Posted 07 August 2015 - 11:38 AM

I forgot to mention that neither Chrome nor Chromium showed up on Revo Uninstaller.  MBAM scan did not turn anything up.



#9 buddy215

buddy215

  • Moderator
  • 13,411 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:08:27 AM

Posted 07 August 2015 - 12:43 PM

Disable these Windows Startups: (Use CCleaner by clicking on each item to highlight and then choosing on the right to Disable, Remove or Uninstall)

Yes HKCU:Run CCleaner Monitoring Piriform Ltd "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
Yes HKCU:Run ehTray.exe Microsoft Corporation C:\Windows\ehome\ehTray.exe
Yes HKCU:Run EPLTarget\P0000000000000000 SEIKO EPSON CORPORATION C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATILAE.EXE /EPT "EPLTarget\P0000000000000000" /M "XP-410 Series"
Yes HKCU:Run EPSON Stylus CX7800 Series (Copy 1)  C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIAFA.EXE /FU "C:\Windows\TEMP\E_SEBCD.tmp" /EF "HKCU"
Yes HKCU:Run HPAdvisor Hewlett-Packard C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe autorun=AUTORUN
Yes HKCU:Run Sidebar Microsoft Corporation C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
Yes HKCU:Run WMPNSCFG Microsoft Corporation C:\Program Files\Windows Media Player\WMPNSCFG.exe
Yes HKLM:Run ArcSoft Connection Service ArcSoft Inc. C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
Yes HKLM:Run DT ACR Portrait Displays, Inc. C:\Program Files\Common Files\Portrait Displays\Shared\DT_startup.exe -ACR
Yes HKLM:Run EEventManager SEIKO EPSON CORPORATION "C:\Program Files\Epson Software\Event Manager\EEventManager.exe"
Yes HKLM:Run HP Health Check Scheduler Hewlett-Packard c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
Yes HKLM:Run HP Software Update Hewlett-Packard C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
Yes HKLM:Run hpsysdrv Hewlett-Packard Company c:\hp\support\hpsysdrv.exe

Yes HKLM:Run mcui_exe  "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey (Remove...not just disable)

Yes HKLM:Run QuickTime Task Apple Inc. "C:\Program Files\QuickTime\QTTask.exe" -atboottime

Yes HKLM:Run SunJavaUpdateSched Oracle Corporation "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

 

Unistall these programs:

Java 8 Update 45  3/4/2011

McAfee Virtual Technician McAfee, Inc. 7/20/2011 6.34 MB 6.0.0.0

My HP Games WildTangent 3/4/2011 797 MB HPCMPQ1701 (Unless you actually play them)

OpenOffice.org 3.3 OpenOffice.org 3/12/2011 372 MB 3.3.9567

QuickTime Apple Inc. 10/14/2012 73.2 MB 7.72.80.56

Windows Media Player Firefox Plugin Microsoft Corp 8/6/2011 296 KB 1.0.0.8

 

Disable These Tasks:

Yes Task Adobe Acrobat Update Task Adobe Systems Incorporated C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
Yes Task Adobe Flash Player Updater Adobe Systems Incorporated C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Yes Task Carbonite Upgrade Check  "C:\ProgramData\Carbonite\Carbonite Backup\CarboniteUpgrade.exe" /silent
Yes Task CCleanerSkipUAC Piriform Ltd "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
Yes Task EPSON XP-410 Series Invitation {ABEC2040-F52F-4AFE-B84D-F1420FE934ED} SEIKO EPSON CORPORATION C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FTSLAE.EXE /EXE:"{ABEC2040-F52F-4AFE-B84D-F1420FE934ED}" /F:"Invitation"
Yes Task EPSON XP-410 Series Update {ABEC2040-F52F-4AFE-B84D-F1420FE934ED} SEIKO EPSON CORPORATION C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FTSLAE.EXE /EXE:"{ABEC2040-F52F-4AFE-B84D-F1420FE934ED}" /F:"Update"
Yes Task HP Health Check Hewlett-Packard "c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" /Scan
 

 

Suggest you install Firefox Browser.....Firefox for Windows

Then follow the directions for using Eset Online Scanner:

  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps) (Firefox is an alternate browser)
  • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE:Sometimes if ESET finds no infections it will not create a log.

Edited by buddy215, 07 August 2015 - 01:03 PM.

“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#10 KeepinUp

KeepinUp
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:10:27 AM

Posted 07 August 2015 - 03:54 PM

Before I uninstall QuickTime Apple, I wanted to ask if this is needed for iTunes, which we plan to install. Also, from your requests, I am wondering if there is a reason that you like Firefox over Chrome. I have always heard that Chrome should be chosen over Firefox.

 

Here is the scan from ESET. I also disabled and uninstalled everything except QuickTime because I had a question about it.

 

 

 

 

 

C:\AdwCleaner\Quarantine\C\ProgramData\Conduit\Multi\CT3287802\UninstallerUI.exe.vir a variant of Win32/Toolbar.Conduit.AJ potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\Scott\AppData\Local\Conduit\Chrome\CT3287802\CHUninstaller.exe.vir a variant of Win32/Conduit.SearchProtect.N potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\Scott\AppData\Local\Conduit\Chrome\CT3287802\UninstallerUI.exe.vir a variant of Win32/Toolbar.Conduit.AJ potentially unwanted application deleted - quarantined
C:\Users\Scott\Downloads\switchsetup.exe a variant of Win32/Toolbar.Conduit.H potentially unwanted application deleted - quarantined
 



#11 buddy215

buddy215

  • Moderator
  • 13,411 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:08:27 AM

Posted 07 August 2015 - 04:35 PM

That's an old Quick Time. ITunes will install the latest version when you decide to install ITunes.

 

You can try installing Chrome....hopefully all goes well. If it doesn't....uninstall using Revo. Actually, installing and then using Revo should remove the old profile

that still exists. Then reinstall Chrome.

 

Eset found only one item not quarantined by AdwCleaner....

 

Is the computer now performing up to par or is there still a problem with adware, search redirects, etc.?


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#12 KeepinUp

KeepinUp
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:10:27 AM

Posted 07 August 2015 - 04:49 PM

It actually seems to be working quite well.  Do you recommend McAfee?  Is there anything I should install for protection?  I will uninstall Quick Time, although i am used to Firefox, so if it is safe, I will just use that.  There is now a blue box with a couple circles inside to the top right of IE and Firefox.  Is this a concern?  I don't remember seeing it before.



#13 buddy215

buddy215

  • Moderator
  • 13,411 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:08:27 AM

Posted 07 August 2015 - 04:55 PM

If you plan to purchase an antivirus then I would suggest Eset. If you want to try a free one, then I suggest Avast.

 

I don't know what you are seeing....what happens when you left click or right click on it or mouse over? I'm not using a Windows OS....my Firefox may appear different because of

that and many custom changes.


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#14 KeepinUp

KeepinUp
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:10:27 AM

Posted 07 August 2015 - 06:01 PM

Regarding the blue box:  If I left click, a very fast box pops up that I don't have time to read, then a box pops up that lists various options such as Uninstall, Stop auto starting, kill process, kill and delete process, open containing folder, search at Google for,,, properties, CANCEL.  When I select Properties another box pops up Iexploreproperites.  Tabs at top are General, Compatibility, Digital Signitures, Security, Details.  If I right click, another box with other items listed pops up:  Open Main window, Auto start with windows,  drag and drop mode, Hunter Mode (this is checked), Window Size, Transparency, Help, Exit. 



#15 KeepinUp

KeepinUp
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:10:27 AM

Posted 07 August 2015 - 06:06 PM

Is is actually on my desktop now, and when I open IE and Firefox, it remains over the pages.  Looks like a box from Revo Uninstaller.  When I click the Help button, a Revo Uninstaller User Guide pops up. 


Edited by KeepinUp, 07 August 2015 - 06:09 PM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users