Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Delta Homes. Viruses. Slow Computer. Help


  • Please log in to reply
27 replies to this topic

#1 ~ JJ ~

~ JJ ~

  • Members
  • 46 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:UK
  • Local time:12:05 PM

Posted 02 November 2015 - 03:09 PM

Hi. 

 

My boyfriend has given me the task of 'fixing' his laptop, but there's probably so much on there that I'm posting here for help to find and remove. 

 

On Chrome he has the Delta Homes browser hijacker and it makes using the Internet impossible. He's had no anti-virus protection on his laptop and has downloaded games and such like. I don't even know how many other malware things he's got on it. 

 

Toshiba Laptop 

Windows 7 Home Premium 

Service pack 1 

64- bit OS 

 

All I have done so far is to download malware-bytes and I'm running a scan of that at the moment. 

 

Thank you for any help. 



BC AdBot (Login to Remove)

 


#2 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,630 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:05 AM

Posted 02 November 2015 - 03:14 PM

Hi ~ JJ ~ :)

My name is Aura and I'll be assisting you with your issue. Once you're done with the Malwarebytes scan, can you post the deletion (not the scan) log here please? Also, follow the instructions below.

3Al62Pm.pngMiniToolBox
  • Download MiniToolBox and move the executable file to your Desktop;
  • Right-click on MiniToolBox.exe and select Spcusrh.pngRun as Administrator (for Windows Vista, 7, 8, 8.1 and 10 users);
  • Check the following options:
    • Flush DNS;
    • Report IE Proxy Settings;
    • Reset IE Proxy Settings;
    • Report FF Proxy Settings;
    • Reset FF Proxy Settings;
    • List content of Hosts;
    • List IP Configuration;
    • List Last 10 Event Viewer Errors;
    • List Installed Programs;
    • List Devices - Only Problems;
    • List Users, Partitions and Memory size;
      B8oLpa3.png
  • Once this is done, click on Go and wait for the scan to complete;
  • Once the scan is complete, a log will open. Please copy/paste the content of the output log in your next reply;

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#3 ~ JJ ~

~ JJ ~
  • Topic Starter

  • Members
  • 46 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:UK
  • Local time:12:05 PM

Posted 02 November 2015 - 04:22 PM

Hi thank you for your reply and help Aura. Not sure if this is what you wanted off Malwarebytes but I hope so.

 

 

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 02/11/2015
Scan Time: 19:31
Logfile: MALWAREBYTES LOG.txt
Administrator: Yes

Version: 2.2.0.1024
Malware Database: v2015.11.02.05
Rootkit Database: v2015.10.28.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: leepylee

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 370061
Time Elapsed: 1 hr, 24 min, 42 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 7
PUP.Optional.Spigot, C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe, 1648, Delete-on-Reboot, [26175326a1eac57141e2dd4ecd34da26]
PUP.Optional.XTab, C:\Program Files (x86)\XTab\ProtectService.exe, 1632, Delete-on-Reboot, [74c90b6e553653e34fad5fcc7c854db3]
PUP.Optional.Giner, C:\Program Files (x86)\XTab\CmdShell.exe, 1944, Delete-on-Reboot, [0835c8b1aae1270f5cc0d38d3dc74cb4]
PUP.Optional.MyPCBackup, C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe, 3232, Delete-on-Reboot, [bb821b5e2269d561dd914fdabd446e92]
PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe, 2512, Delete-on-Reboot, [2b12adcc63281b1bdfd5d8a2738f728e]
PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe, 1540, Delete-on-Reboot, [0c31f38655366ec88f26c9b109f9b64a]
PUP.Optional.MyPCBackup, C:\Program Files (x86)\MyPC Backup\BackupStack.exe, 2004, Delete-on-Reboot, [1c210178cbc043f367704e279f64cf31]

Modules: 4
PUP.Optional.XTab, C:\Program Files (x86)\XTab\msvcp110.dll, Delete-on-Reboot, [c875b3c68cff0f273cffa6eb4bb8ec14],
PUP.Optional.XTab, C:\Program Files (x86)\XTab\msvcp110.dll, Delete-on-Reboot, [c875b3c68cff0f273cffa6eb4bb8ec14],
PUP.Optional.XTab, C:\Program Files (x86)\XTab\msvcr110.dll, Delete-on-Reboot, [c875b3c68cff0f273cffa6eb4bb8ec14],
PUP.Optional.XTab, C:\Program Files (x86)\XTab\msvcr110.dll, Delete-on-Reboot, [c875b3c68cff0f273cffa6eb4bb8ec14],

Registry Keys: 135
PUP.Optional.Spigot, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Application Updater, Quarantined, [26175326a1eac57141e2dd4ecd34da26],
PUP.Optional.XTab, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\IHProtect Service, Quarantined, [74c90b6e553653e34fad5fcc7c854db3],
PUP.Optional.BabylonToolBar, HKLM\SOFTWARE\CLASSES\APPID\{35C1605E-438B-4D64-AAB1-8885F097A9B1}, Quarantined, [cf6e9cdddeadc86eb8334dd53bc76a96],
PUP.Optional.BabylonToolBar, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{35C1605E-438B-4D64-AAB1-8885F097A9B1}, Quarantined, [cf6e9cdddeadc86eb8334dd53bc76a96],
PUP.Optional.BabylonToolBar, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\{35C1605E-438B-4D64-AAB1-8885F097A9B1}, Quarantined, [cf6e9cdddeadc86eb8334dd53bc76a96],
PUP.Optional.PriceGong, HKLM\SOFTWARE\CLASSES\APPID\{835315FC-1BF6-4CA9-80CD-F6C158D40692}, Quarantined, [60dd17621a712b0bb6efb276857d8080],
PUP.Optional.PriceGong, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{835315FC-1BF6-4CA9-80CD-F6C158D40692}, Quarantined, [60dd17621a712b0bb6efb276857d8080],
PUP.Optional.PriceGong, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\{835315FC-1BF6-4CA9-80CD-F6C158D40692}, Quarantined, [60dd17621a712b0bb6efb276857d8080],
PUP.Optional.SupTab, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}, Quarantined, [8bb24e2b5635ed493f0cfd2d7c866c94],
PUP.Optional.SupTab, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}, Quarantined, [8bb24e2b5635ed493f0cfd2d7c866c94],
PUP.Optional.SupTab, HKLM\SOFTWARE\CLASSES\TYPELIB\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D}, Quarantined, [8bb24e2b5635ed493f0cfd2d7c866c94],
PUP.Optional.SupTab, HKLM\SOFTWARE\CLASSES\INTERFACE\{917CAAE9-DD47-4025-936E-1414F07DF5B8}, Quarantined, [8bb24e2b5635ed493f0cfd2d7c866c94],
PUP.Optional.SupTab, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{917CAAE9-DD47-4025-936E-1414F07DF5B8}, Quarantined, [8bb24e2b5635ed493f0cfd2d7c866c94],
PUP.Optional.SupTab, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{917CAAE9-DD47-4025-936E-1414F07DF5B8}, Quarantined, [8bb24e2b5635ed493f0cfd2d7c866c94],
PUP.Optional.SupTab, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D}, Quarantined, [8bb24e2b5635ed493f0cfd2d7c866c94],
PUP.Optional.SupTab, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D}, Quarantined, [8bb24e2b5635ed493f0cfd2d7c866c94],
PUP.Optional.SupTab, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}, Quarantined, [8bb24e2b5635ed493f0cfd2d7c866c94],
PUP.Optional.SecureWeb, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{D3C24E2B-C820-4492-9B69-11BF7163F998}, Quarantined, [de5fbfba5239fa3c592644e513efda26],
PUP.Optional.SecureWeb, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{D3C24E2B-C820-4492-9B69-11BF7163F998}, Quarantined, [de5fbfba5239fa3c592644e513efda26],
PUP.Optional.SecureWeb, HKLM\SOFTWARE\CLASSES\TYPELIB\{2F137995-4D26-44AD-9C4E-91055090A817}, Quarantined, [de5fbfba5239fa3c592644e513efda26],
PUP.Optional.SecureWeb, HKLM\SOFTWARE\CLASSES\INTERFACE\{A1E7709A-3AFB-49B8-8719-CCBF3F73CCB1}, Quarantined, [de5fbfba5239fa3c592644e513efda26],
PUP.Optional.SecureWeb, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{A1E7709A-3AFB-49B8-8719-CCBF3F73CCB1}, Quarantined, [de5fbfba5239fa3c592644e513efda26],
PUP.Optional.SecureWeb, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{A1E7709A-3AFB-49B8-8719-CCBF3F73CCB1}, Quarantined, [de5fbfba5239fa3c592644e513efda26],
PUP.Optional.SecureWeb, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{2F137995-4D26-44AD-9C4E-91055090A817}, Quarantined, [de5fbfba5239fa3c592644e513efda26],
PUP.Optional.SecureWeb, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{2F137995-4D26-44AD-9C4E-91055090A817}, Quarantined, [de5fbfba5239fa3c592644e513efda26],
PUP.Optional.SecureWeb, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{D3C24E2B-C820-4492-9B69-11BF7163F998}, Quarantined, [de5fbfba5239fa3c592644e513efda26],
PUP.Optional.SecureWeb, HKU\S-1-5-21-2144891622-77169984-1251611374-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{D3C24E2B-C820-4492-9B69-11BF7163F998}, Quarantined, [de5fbfba5239fa3c592644e513efda26],
PUP.Optional.SecureWeb, HKU\S-1-5-21-2144891622-77169984-1251611374-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{D3C24E2B-C820-4492-9B69-11BF7163F998}, Quarantined, [de5fbfba5239fa3c592644e513efda26],
PUP.Optional.GoSearchMe, HKU\S-1-5-21-2144891622-77169984-1251611374-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{20B9D1AE-AD1A-38B4-87FE-AF278DA9861D}, Quarantined, [ab9275046c1f9d99bf661f06ad5558a8],
PUP.Optional.GoSearchMe, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{20B9D1AE-AD1A-38B4-87FE-AF278DA9861D}, Quarantined, [ab9275046c1f9d99bf661f06ad5558a8],
PUP.Optional.BrowserWarden, HKU\S-1-5-21-2144891622-77169984-1251611374-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{2C09954F-CDA8-4BD1-8794-1D543E050378}, Quarantined, [c37a017872199d99047f36edc43ee31d],
PUP.Optional.DataMngr, HKU\S-1-5-21-2144891622-77169984-1251611374-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{A40DC6C5-79D0-4ca8-A185-8FF989AF1115}, Quarantined, [ac91e2977912c175e5384adab34f9d63],
Adware.GamePlayLab, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{65bcd620-07dd-012f-819f-073cf1b8f7c6}, Quarantined, [be7fed8c8cffec4aa070b4583ec4e21e],
Adware.GamePlayLab, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{11111111-1111-1111-1111-110011221158}, Quarantined, [94a9f485afdcff37ca42f21acd353bc5],
Adware.GamePlayLab, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{11111111-1111-1111-1111-110011221158}, Quarantined, [94a9f485afdcff37ca42f21acd353bc5],
PUP.Optional.DealPly, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}, Quarantined, [152864151b70b482a09be93b2fd3a45c],
Adware.GamePlayLab, HKLM\SOFTWARE\CLASSES\INTERFACE\{55555555-5555-5555-5555-550055225558}, Quarantined, [1c2115646229a5918c83b7553bc753ad],
Adware.GamePlayLab, HKLM\SOFTWARE\CLASSES\TypeLib\{44444444-4444-4444-4444-440044224458}, Quarantined, [94a992e74249fb3b848bbe4ea85a7d83],
Adware.GamePlayLab, HKLM\SOFTWARE\CLASSES\INTERFACE\{66666666-6666-6666-6666-660066226658}, Quarantined, [94a992e74249fb3b848bbe4ea85a7d83],
Adware.GamePlayLab, HKLM\SOFTWARE\CLASSES\INTERFACE\{77777777-7777-7777-7777-770077227758}, Quarantined, [94a992e74249fb3b848bbe4ea85a7d83],
PUP.Optional.SearchApp, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\aaaaaiabcopkplhgaedhbloeejhhankf, Quarantined, [8eaf2554197285b10e6bbdc3ed16fa06],
PUP.Optional.Bandoo, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2488}, Quarantined, [44f9dd9c4b407abc8c58badcd0331ae6],
PUP.Optional.Trovi, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\LAYERS\VC32LDR  , Quarantined, [97a6fa7f72198caa570cd7b4de25d828],
PUP.Optional.SearchProtect, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\INSTALLEDSDB\{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}, Quarantined, [bc8135449cefb581313478c730d34fb1],
PUP.Optional.SearchProtect, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\INSTALLEDSDB\{cf2797aa-b7ec-e311-8ed9-005056c00008}, Quarantined, [0a33b9c0315a3bfbc4a0c9763dc6d828],
PUP.Optional.IFEO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\BITGUARD.EXE, Quarantined, [dd605d1c92f938fe65dbb5b58281718f],
PUP.Optional.IFEO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\BPROTECT.EXE, Quarantined, [6bd2f7827f0cd2647ac70169887bb848],
PUP.Optional.IFEO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\BPSVC.EXE, Quarantined, [41fc01786f1cf1452d152347778cb749],
PUP.Optional.IFEO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\BROWSERDEFENDER.EXE, Quarantined, [47f632477318c472cb793d2d6b9835cb],
PUP.Optional.IFEO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\BROWSERPROTECT.EXE, Quarantined, [a09d83f6c8c304322d193832a3601be5],
PUP.Optional.IFEO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\BROWSERSAFEGUARD.EXE, Quarantined, [a39a2e4b9af102347ec9175306fd629e],
PUP.Optional.IFEO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\DPROTECTSVC.EXE, Quarantined, [6cd169106d1ece681c3967036f94d030],
PUP.Optional.IFEO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\JUMPFLIP, Quarantined, [51ec36430a8171c50969f07ac83b59a7],
PUP.Optional.IFEO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\PROTECTEDSEARCH.EXE, Quarantined, [90ad37424c3f55e1552326440ff45aa6],
PUP.Optional.IFEO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\SEARCHINSTALLER.EXE, Quarantined, [95a8d8a1a2e995a105778bdfb74cc43c],
PUP.Optional.IFEO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\SEARCHPROTECTION.EXE, Quarantined, [9ca1a2d74348a096b6c7d7938380847c],
PUP.Optional.IFEO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\SEARCHPROTECTOR.EXE, Quarantined, [dc615f1aacdf73c37509ed7d7b88fb05],
PUP.Optional.IFEO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\SEARCHSETTINGS.EXE, Quarantined, [74c95821810acc6a344b2248b350f10f],
PUP.Optional.IFEO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\SEARCHSETTINGS64.EXE, Quarantined, [dc61a6d34d3e01354838a6c417ec3bc5],
PUP.Optional.IFEO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\SNAPDO.EXE, Quarantined, [5be2691038537abc3c4791d952b105fb],
PUP.Optional.IFEO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\STINST32.EXE, Quarantined, [1429abceb7d4fb3bc4c34327bc4757a9],
PUP.Optional.IFEO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\STINST64.EXE, Quarantined, [76c7e990f992171fa3e51258e51e0af6],
PUP.Optional.IFEO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\UMBRELLA.EXE, Quarantined, [85b812677b103bfbc6cd1852cc3717e9],
PUP.Optional.IFEO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\UTILJUMPFLIP.EXE, Quarantined, [93aa3643454622148f05333754afe21e],
PUP.Optional.IFEO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\VOLARO, Quarantined, [50ed5e1b612a83b3266f7ceebd469868],
PUP.Optional.IFEO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\VONTEERA, Quarantined, [d9647108612aff37afe79bcf956e58a8],
PUP.Optional.IFEO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\WEBSTEROIDS.EXE, Quarantined, [4df06019bfccd462a4f36604c14224dc],
PUP.Optional.IFEO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\WEBSTEROIDSSERVICE.EXE, Quarantined, [c677364391fa23138c0cef7bfa09817f],
PUP.Optional.DealPly, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\DealPly, Delete-on-Reboot, [a19ca0d9503be254adeb332b897abb45],
PUP.Optional.DealPly, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\DealPlyUpdate, Delete-on-Reboot, [40fdc9b044470a2cf0a8d5893dc650b0],
PUP.Optional.GetPrivate, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\GPUpdateCheck, Delete-on-Reboot, [c07ddc9d1a719a9c293de28420e3ab55],
PUP.Optional.SecureWeb, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Jelbrus Secure Web Task, Delete-on-Reboot, [a69766137813ab8b09b985fc1ee5e41c],
PUP.Optional.AdvertisingSupport, HKLM\SOFTWARE\WOW6432NODE\AdvertisingSupport, Quarantined, [3c010178f8931f17c8b078d713f0857b],
PUP.Optional.APNToolBar.Gen, HKLM\SOFTWARE\WOW6432NODE\AskPartnerNetwork, Quarantined, [63da770291fa2a0c6a496d0d1de526da],
PUP.Optional.BrowserWarden, HKLM\SOFTWARE\WOW6432NODE\Browser Warden, Quarantined, [ce6ff4852962eb4b1832b5a09a697987],
PUP.Optional.Delta.ShrtCln, HKLM\SOFTWARE\WOW6432NODE\delta-homesSoftware, Quarantined, [221bf089f2997db9427e4246be44817f],
PUP.Optional.IHProtect, HKLM\SOFTWARE\WOW6432NODE\IHProtect, Quarantined, [cd70017835562115abfc2941ac5711ef],
PUP.Optional.SearchApp, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\aaaaaiabcopkplhgaedhbloeejhhankf, Quarantined, [b786f584dcaff6407aff245cb94a8080],
PUP.Optional.PriceGong, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\bkomkajifikmkfnjgphkjcfeepbnojok, Quarantined, [62dbd1a82665b87e049c651663a0f30d],
PUP.Optional.DealPly, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\gaiilaahiahdejapggenmdmafpmbipje, Quarantined, [c9746a0fbfcc88ae494a1b439b68b14f],
PUP.Optional.Bandoo, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2488}, Quarantined, [9ba2691007842e08f5ef385ec241a759],
PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\BITGUARD.EXE, Quarantined, [04393c3d751657df09370e5c57ac629e],
PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\BPROTECT.EXE, Quarantined, [ba83caafc2c942f4231e7befe71c45bb],
PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\BPSVC.EXE, Quarantined, [2b126118ff8c93a34ef46dfd15eeb14f],
PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\BROWSERDEFENDER.EXE, Quarantined, [9ca181f8622990a6dd6762086e953cc4],
PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\BROWSERPROTECT.EXE, Quarantined, [80bd07723754fe38c97d511950b3cc34],
PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\BROWSERSAFEGUARD.EXE, Quarantined, [b489a8d19dee4aec083f5a10f11210f0],
PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\DPROTECTSVC.EXE, Quarantined, [95a8abce1f6c95a1db7a0c5e17ec1be5],
PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\JUMPFLIP, Quarantined, [172681f8c9c22d090a6887e31be837c9],
PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\PROTECTEDSEARCH.EXE, Quarantined, [50eddf9a503b3ef8dc9cb7b308fbcc34],
PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\SEARCHINSTALLER.EXE, Quarantined, [f14cfe7b315a60d6720a0a60a85b0bf5],
PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\SEARCHPROTECTION.EXE, Quarantined, [3b023841f39879bde59894d610f308f8],
PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\SEARCHPROTECTOR.EXE, Quarantined, [c974c7b26823f244d8a60e5c14ef659b],
PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\SEARCHSETTINGS.EXE, Quarantined, [75c81d5c33580234dda2e48650b354ac],
PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\SEARCHSETTINGS64.EXE, Quarantined, [74c9bfba216aaf87a0e0b0ba2ed5c33d],
PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\SNAPDO.EXE, Quarantined, [162762179af165d1107380eade257e82],
PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\STINST32.EXE, Quarantined, [e15cef8ac7c43afcafd8ff6bdd2608f8],
PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\STINST64.EXE, Quarantined, [96a73247197244f2fa8ea4c60af90ff1],
PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\UMBRELLA.EXE, Quarantined, [bd8046338b00ae88355e501ad033ae52],
PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\UTILJUMPFLIP.EXE, Quarantined, [3ffebfba147765d113811a5054af728e],
PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\VOLARO, Quarantined, [bb82c2b7ff8c6fc7ff9667031ee5d62a],
PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\VONTEERA, Quarantined, [73ca01780f7c9b9be6b002689f6403fd],
PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\WEBSTEROIDS.EXE, Quarantined, [df5e5227b3d844f2e2b55812cd3607f9],
PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\WEBSTEROIDSSERVICE.EXE, Quarantined, [89b4a6d305862214e3b5650511f240c0],
PUP.Optional.ASK.Gen, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{4F524A2D-5350-4500-76A7-A758B70C1200}, Quarantined, [5edfa0d9eaa182b4287d3b5a4eb553ad],
PUP.Optional.SearchProtect, HKLM\SOFTWARE\WOW6432NODE\SEARCHPROTECT, Quarantined, [fe3f7dfc791203337cb2a0e148bb2ed2],
PUP.Optional.SearchProtect, HKLM\SOFTWARE\WOW6432NODE\SPPDCOM, Quarantined, [3b0299e0e1aa51e5270896eb26dd6a96],
PUP.Optional.SupTab, HKLM\SOFTWARE\WOW6432NODE\SUPTAB, Quarantined, [1429ec8dc7c496a098480e7920e30cf4],
PUP.Optional.V9.ShrtCln, HKLM\SOFTWARE\WOW6432NODE\V9SOFTWARE\v9hp, Quarantined, [7dc0eb8ec6c5cc6a0b858d053ac8b050],
PUP.Optional.APNToolBar.Gen, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\APNMCP, Quarantined, [0c31f38655366ec88f26c9b109f9b64a],
PUP.Optional.MyPCBackup, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\BACKUPSTACK, Quarantined, [1c210178cbc043f367704e279f64cf31],
PUP.Optional.IEPluginServices, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\IePluginServices, Quarantined, [b786fb7ef8939d992a102545e41fd22e],
PUP.Optional.SearchProtect, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SPPD, Quarantined, [a99492e7543740f6be1de7a10df5d62a],
PUP.Optional.APNToolBar.Gen, HKU\S-1-5-18\SOFTWARE\AskPartnerNetwork, Quarantined, [5de03b3eb6d579bd32804d2db64cb050],
PUP.Optional.Spigot, HKU\S-1-5-18\SOFTWARE\APPDATALOW\SOFTWARE\Search Settings, Quarantined, [a19c3247afdc5ed8d7312f5751b2926e],
PUP.Optional.APNToolBar.Gen, HKU\S-1-5-21-2144891622-77169984-1251611374-1000\SOFTWARE\AskPartnerNetwork, Quarantined, [310caecbadde11258d25df9b6e94649c],
PUP.Optional.BabylonToolBar, HKU\S-1-5-21-2144891622-77169984-1251611374-1000\SOFTWARE\BabylonToolbar, Quarantined, [d16cdb9e513a1422949ea1b0e71c2bd5],
PUP.Optional.DealPly, HKU\S-1-5-21-2144891622-77169984-1251611374-1000\SOFTWARE\DealPly, Quarantined, [58e58fead2b97abc27667ae438cb649c],
PUP.Optional.InstallCore, HKU\S-1-5-21-2144891622-77169984-1251611374-1000\SOFTWARE\InstallCore, Quarantined, [f449f1882368bc7a368e98d3c83b50b0],
PUP.Optional.BlockAndSurf, HKU\S-1-5-21-2144891622-77169984-1251611374-1000\SOFTWARE\APPDATALOW\SOFTWARE\BlockAndSurf, Quarantined, [99a47207f497b482ae0cee642dd6ac54],
PUP.Optional.IWantThis, HKU\S-1-5-21-2144891622-77169984-1251611374-1000\SOFTWARE\APPDATALOW\SOFTWARE\I Want This, Quarantined, [59e43148cac1fb3b9eaeb0bca063ff01],
PUP.Optional.PriceGong, HKU\S-1-5-21-2144891622-77169984-1251611374-1000\SOFTWARE\APPDATALOW\SOFTWARE\PriceGong, Quarantined, [45f891e88506ef47435ae09b4db66898],
PUP.Optional.CrossRider, HKU\S-1-5-21-2144891622-77169984-1251611374-1000\SOFTWARE\CR_INSTALLER\2258, Quarantined, [3ffe6811a4e768ce357da5b7649f7b85],
PUP.Optional.DealPly, HKU\S-1-5-21-2144891622-77169984-1251611374-1000\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\gaiilaahiahdejapggenmdmafpmbipje, Quarantined, [e855b7c27f0c40f6a7e82737699a738d],
PUP.Optional.DoSearch.ShrtCln, HKU\S-1-5-21-2144891622-77169984-1251611374-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}, Quarantined, [44f9671297f437ff80e33f3c61a13fc1],
PUP.Optional.DoSearch.ShrtCln, HKU\S-1-5-21-2144891622-77169984-1251611374-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{14FD374D-BDFB-48C3-AC19-AB58C4C6138B}, Quarantined, [3ffe354474175bdb422168132bd7ea16],
PUP.Optional.DoSearch.ShrtCln, HKU\S-1-5-21-2144891622-77169984-1251611374-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}, Quarantined, [e8550a6f642738fec49faad1d032a35d],
PUP.Optional.Delta.ShrtCln, HKU\S-1-5-21-2144891622-77169984-1251611374-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, Quarantined, [46f7e49517746ec8b1b69be02ed4847c],
PUP.Optional.DoSearch.ShrtCln, HKU\S-1-5-21-2144891622-77169984-1251611374-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2488}, Quarantined, [63daf188f09b81b57ee57209a45e30d0],
PUP.Optional.DoSearch.ShrtCln, HKU\S-1-5-21-2144891622-77169984-1251611374-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{E733165D-CBCF-4FDA-883E-ADEF965B476C}, Quarantined, [db62b4c5167556e073f0d3a82bd7d52b],
PUP.Optional.DealPly, HKU\S-1-5-21-2144891622-77169984-1251611374-1000\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\gaiilaahiahdejapggenmdmafpmbipje, Quarantined, [fa4380f9bccffd39e9a646184db6df21],
PUP.Optional.PrxySvrRST, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\PrivoxyService, Quarantined, [a19c483193f8ac8a9db0f45472903dc3],
PUP.Optional.MyPCBackup, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\MyPC Backup, Quarantined, [d568ccadf9928ea896d2f173d0326a96],
PUP.Optional.CrossRider, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{11111111-1111-1111-1111-110011221158}, Quarantined, [122b5722e2a973c3e979192ae51f9769],
PUP.Optional.CrossRider, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{11111111-1111-1111-1111-110011221158}, Quarantined, [122b5722e2a973c3e979192ae51f9769],

Registry Values: 79
PUP.Optional.SpeedTray, HKU\S-1-5-21-2144891622-77169984-1251611374-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|SpeedTray, C:\Users\leepylee\AppData\Roaming\SpeedTray\speedtray.exe, Quarantined, [e05d4831434841f59553265f946f649c]
PUP.Optional.ASKPartnerNetwork, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\aaaaaiabcopkplhgaedhbloeejhhankf|path, C:\ProgramData\AskPartnerNetwork\Toolbar\Shared\CRX\aaaaaiabcopkplhgaedhbloeejhhankf.crx, Quarantined, [3d00adcc7615d462178ff4a163a0659b]
PUP.Optional.Bandoo, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2488}|URL, http://dts.search.ask.com/sr?src=ieb&gct=ds&appid=209&systemid=488&v=a12834-392&apn_uid=0400765830674492&apn_dtid=TCH001&o=APN11459&apn_ptnrs=AG1&q={searchTerms}, Quarantined, [44f9dd9c4b407abc8c58badcd0331ae6]
PUP.Optional.Trovi, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\chrome.exe|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb, 130637593347232308, Quarantined, [1825b9c059322c0a00625f2cb94a6b95]
PUP.Optional.Trovi, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\explorer.xxx|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb, 130637593347232308, Quarantined, [6ad395e423687cba253d82090af98977]
PUP.Optional.Trovi, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\firefox.exe|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb, 130637593347232308, Quarantined, [b38a1f5a503bc076a6bc2368f90a7a86]
PUP.Optional.Trovi, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\iexplore.exe|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb, 130637593347232308, Quarantined, [d469a7d27f0c52e4ca98bccf46bd9e62]
PUP.Optional.Trovi, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\software_removal_tool.exe|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb, 130637593347232308, Quarantined, [e5589adf7b10f04666fcf69528db956b]
PUP.Optional.Trovi, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\software_reporter_tool.exe|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb, 130637593347232308, Quarantined, [9ba27306c3c81224530f92f9af5402fe]
PUP.Optional.Trovi, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\LAYERS\VC32Ldr  |{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb, 130637593347232308, Quarantined, [97a6fa7f72198caa570cd7b4de25d828]
PUP.Optional.IFEO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\BITGUARD.EXE|debugger, tasklist.exe, Quarantined, [dd605d1c92f938fe65dbb5b58281718f]
PUP.Optional.IFEO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\BPROTECT.EXE|debugger, tasklist.exe, Quarantined, [6bd2f7827f0cd2647ac70169887bb848]
PUP.Optional.IFEO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\BPSVC.EXE|debugger, tasklist.exe, Quarantined, [41fc01786f1cf1452d152347778cb749]
PUP.Optional.IFEO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\BROWSERDEFENDER.EXE|debugger, tasklist.exe, Quarantined, [47f632477318c472cb793d2d6b9835cb]
PUP.Optional.IFEO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\BROWSERPROTECT.EXE|debugger, tasklist.exe, Quarantined, [a09d83f6c8c304322d193832a3601be5]
PUP.Optional.IFEO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\BROWSERSAFEGUARD.EXE|debugger, tasklist.exe, Quarantined, [a39a2e4b9af102347ec9175306fd629e]
PUP.Optional.IFEO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\DPROTECTSVC.EXE|debugger, tasklist.exe, Quarantined, [6cd169106d1ece681c3967036f94d030]
PUP.Optional.IFEO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\JUMPFLIP|debugger, tasklist.exe, Quarantined, [51ec36430a8171c50969f07ac83b59a7]
PUP.Optional.IFEO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\PROTECTEDSEARCH.EXE|debugger, tasklist.exe, Quarantined, [90ad37424c3f55e1552326440ff45aa6]
PUP.Optional.IFEO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\SEARCHINSTALLER.EXE|debugger, tasklist.exe, Quarantined, [95a8d8a1a2e995a105778bdfb74cc43c]
PUP.Optional.IFEO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\SEARCHPROTECTION.EXE|debugger, tasklist.exe, Quarantined, [9ca1a2d74348a096b6c7d7938380847c]
PUP.Optional.IFEO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\SEARCHPROTECTOR.EXE|debugger, tasklist.exe, Quarantined, [dc615f1aacdf73c37509ed7d7b88fb05]
PUP.Optional.IFEO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\SEARCHSETTINGS.EXE|debugger, tasklist.exe, Quarantined, [74c95821810acc6a344b2248b350f10f]
PUP.Optional.IFEO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\SEARCHSETTINGS64.EXE|debugger, tasklist.exe, Quarantined, [dc61a6d34d3e01354838a6c417ec3bc5]
PUP.Optional.IFEO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\SNAPDO.EXE|debugger, tasklist.exe, Quarantined, [5be2691038537abc3c4791d952b105fb]
PUP.Optional.IFEO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\STINST32.EXE|debugger, tasklist.exe, Quarantined, [1429abceb7d4fb3bc4c34327bc4757a9]
PUP.Optional.IFEO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\STINST64.EXE|debugger, tasklist.exe, Quarantined, [76c7e990f992171fa3e51258e51e0af6]
PUP.Optional.IFEO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\UMBRELLA.EXE|debugger, tasklist.exe, Quarantined, [85b812677b103bfbc6cd1852cc3717e9]
PUP.Optional.IFEO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\UTILJUMPFLIP.EXE|debugger, tasklist.exe, Quarantined, [93aa3643454622148f05333754afe21e]
PUP.Optional.IFEO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\VOLARO|debugger, tasklist.exe, Quarantined, [50ed5e1b612a83b3266f7ceebd469868]
PUP.Optional.IFEO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\VONTEERA|debugger, tasklist.exe, Quarantined, [d9647108612aff37afe79bcf956e58a8]
PUP.Optional.IFEO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\WEBSTEROIDS.EXE|debugger, tasklist.exe, Quarantined, [4df06019bfccd462a4f36604c14224dc]
PUP.Optional.IFEO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\WEBSTEROIDSSERVICE.EXE|debugger, tasklist.exe, Quarantined, [c677364391fa23138c0cef7bfa09817f]
PUP.Optional.ASKPartnerNetwork, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\aaaaaiabcopkplhgaedhbloeejhhankf|path, C:\ProgramData\AskPartnerNetwork\Toolbar\Shared\CRX\aaaaaiabcopkplhgaedhbloeejhhankf.crx, Quarantined, [320b7dfcdab151e5c0e6fd98857edb25]
PUP.Optional.ProtectedIO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{20B9D1AE-AD1A-38B4-87FE-AF278DA9861D}|URL, https://search.protectedio.com/search.php/?q={searchTerms}&u=7a8a32ab-3d19-be84-a645-ce50f9fcdf76&c=p1&s=srch&inst=1435316231, Quarantined, [cd705b1e2269bd79e464c0d249ba5ca4]
PUP.Optional.Bandoo, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2488}|URL, http://dts.search.ask.com/sr?src=ieb&gct=ds&appid=209&systemid=488&v=a12834-392&apn_uid=0400765830674492&apn_dtid=TCH001&o=APN11459&apn_ptnrs=AG1&q={searchTerms}, Quarantined, [9ba2691007842e08f5ef385ec241a759]
PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\BITGUARD.EXE|debugger, tasklist.exe, Quarantined, [04393c3d751657df09370e5c57ac629e]
PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\BPROTECT.EXE|debugger, tasklist.exe, Quarantined, [ba83caafc2c942f4231e7befe71c45bb]
PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\BPSVC.EXE|debugger, tasklist.exe, Quarantined, [2b126118ff8c93a34ef46dfd15eeb14f]
PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\BROWSERDEFENDER.EXE|debugger, tasklist.exe, Quarantined, [9ca181f8622990a6dd6762086e953cc4]
PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\BROWSERPROTECT.EXE|debugger, tasklist.exe, Quarantined, [80bd07723754fe38c97d511950b3cc34]
PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\BROWSERSAFEGUARD.EXE|debugger, tasklist.exe, Quarantined, [b489a8d19dee4aec083f5a10f11210f0]
PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\DPROTECTSVC.EXE|debugger, tasklist.exe, Quarantined, [95a8abce1f6c95a1db7a0c5e17ec1be5]
PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\JUMPFLIP|debugger, tasklist.exe, Quarantined, [172681f8c9c22d090a6887e31be837c9]
PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\PROTECTEDSEARCH.EXE|debugger, tasklist.exe, Quarantined, [50eddf9a503b3ef8dc9cb7b308fbcc34]
PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\SEARCHINSTALLER.EXE|debugger, tasklist.exe, Quarantined, [f14cfe7b315a60d6720a0a60a85b0bf5]
PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\SEARCHPROTECTION.EXE|debugger, tasklist.exe, Quarantined, [3b023841f39879bde59894d610f308f8]
PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\SEARCHPROTECTOR.EXE|debugger, tasklist.exe, Quarantined, [c974c7b26823f244d8a60e5c14ef659b]
PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\SEARCHSETTINGS.EXE|debugger, tasklist.exe, Quarantined, [75c81d5c33580234dda2e48650b354ac]
PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\SEARCHSETTINGS64.EXE|debugger, tasklist.exe, Quarantined, [74c9bfba216aaf87a0e0b0ba2ed5c33d]
PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\SNAPDO.EXE|debugger, tasklist.exe, Quarantined, [162762179af165d1107380eade257e82]
PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\STINST32.EXE|debugger, tasklist.exe, Quarantined, [e15cef8ac7c43afcafd8ff6bdd2608f8]
PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\STINST64.EXE|debugger, tasklist.exe, Quarantined, [96a73247197244f2fa8ea4c60af90ff1]
PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\UMBRELLA.EXE|debugger, tasklist.exe, Quarantined, [bd8046338b00ae88355e501ad033ae52]
PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\UTILJUMPFLIP.EXE|debugger, tasklist.exe, Quarantined, [3ffebfba147765d113811a5054af728e]
PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\VOLARO|debugger, tasklist.exe, Quarantined, [bb82c2b7ff8c6fc7ff9667031ee5d62a]
PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\VONTEERA|debugger, tasklist.exe, Quarantined, [73ca01780f7c9b9be6b002689f6403fd]
PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\WEBSTEROIDS.EXE|debugger, tasklist.exe, Quarantined, [df5e5227b3d844f2e2b55812cd3607f9]
PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\WEBSTEROIDSSERVICE.EXE|debugger, tasklist.exe, Quarantined, [89b4a6d305862214e3b5650511f240c0]
PUP.Optional.APNToolBar.Gen, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|ApnTBMon, "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe", Quarantined, [2b12adcc63281b1bdfd5d8a2738f728e]
PUP.Optional.ASK.Gen, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{4F524A2D-5350-4500-76A7-A758B70C1200}|InstallSource, C:\ProgramData\APN\APN-Stub\ORJ-SPE\, Quarantined, [5edfa0d9eaa182b4287d3b5a4eb553ad]
PUP.Optional.SearchProtect, HKLM\SOFTWARE\WOW6432NODE\SEARCHPROTECT|InstallDir, C:\PROGRA~2\SearchProtect, Quarantined, [fe3f7dfc791203337cb2a0e148bb2ed2]
PUP.Optional.SearchProtect, HKLM\SOFTWARE\WOW6432NODE\SPPDCOM|TS, 1, Quarantined, [3b0299e0e1aa51e5270896eb26dd6a96]
PUP.Optional.SupTab, HKLM\SOFTWARE\WOW6432NODE\SUPTAB|ptid, ient04280, Quarantined, [1429ec8dc7c496a098480e7920e30cf4]
PUP.Optional.MyPCBackup, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\BACKUPSTACK|ImagePath, C:\Program Files (x86)\MyPC Backup\BackupStack.exe, Quarantined, [1c210178cbc043f367704e279f64cf31]
PUP.Optional.SearchProtect, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SPPD|ImagePath, \??\C:\Windows\system32\drivers\SPPD.sys, Quarantined, [a99492e7543740f6be1de7a10df5d62a]
PUP.Optional.DoSearch.ShrtCln, HKU\S-1-5-21-2144891622-77169984-1251611374-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|URL, http://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}, Quarantined, [44f9671297f437ff80e33f3c61a13fc1]
PUP.Optional.DoSearch.ShrtCln, HKU\S-1-5-21-2144891622-77169984-1251611374-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{14FD374D-BDFB-48C3-AC19-AB58C4C6138B}|URL, http://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}, Quarantined, [3ffe354474175bdb422168132bd7ea16]
PUP.Optional.DoSearch.ShrtCln, HKU\S-1-5-21-2144891622-77169984-1251611374-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}|URL, http://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}, Quarantined, [e8550a6f642738fec49faad1d032a35d]
PUP.Optional.DoSearch.ShrtCln, HKU\S-1-5-21-2144891622-77169984-1251611374-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}|FaviconURL, http://do-search.com//favicon.ico, Quarantined, [310c0e6be6a5f83e9bc8601bcb3720e0]
PUP.Optional.ProtectedIO, HKU\S-1-5-21-2144891622-77169984-1251611374-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{20B9D1AE-AD1A-38B4-87FE-AF278DA9861D}|URL, https://search.protectedio.com/search.php/?q={searchTerms}&u=7a8a32ab-3d19-be84-a645-ce50f9fcdf76&c=p1&s=srch&inst=1435316231, Quarantined, [ec5172072c5f6dc996b1147e5aa91ce4]
PUP.Optional.GoSearch, HKU\S-1-5-21-2144891622-77169984-1251611374-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{20B9D1AE-AD1A-38B4-87FE-AF278DA9861D}|TopResultURL, https://gosearch.me/?q={searchTerms}&u=fea041e28324c566e12e1ac949109ff9&c=up1&src=srch&inst=1428442767, Quarantined, [cc717efb1279cc6a4f165a0d08fba759]
PUP.Optional.Delta.ShrtCln, HKU\S-1-5-21-2144891622-77169984-1251611374-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}|DisplayName, delta-homes, Quarantined, [46f7e49517746ec8b1b69be02ed4847c]
PUP.Optional.DoSearch.ShrtCln, HKU\S-1-5-21-2144891622-77169984-1251611374-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}|URL, http://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}, Quarantined, [221bb6c3602b2a0cef74abd01ee45fa1]
PUP.Optional.Delta.ShrtCln, HKU\S-1-5-21-2144891622-77169984-1251611374-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}|TopResultURL, http://search.delta-homes.com/web/?type=ds&ts=1430218887&from=ient04280&uid=TOSHIBAXMK3263GSXN_30T8F42CSXX30T8F42CS&q={searchTerms}, Quarantined, [73ca44353c4f56e03037611a49b9bc44]
PUP.Optional.DoSearch.ShrtCln, HKU\S-1-5-21-2144891622-77169984-1251611374-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2488}|URL, http://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}, Quarantined, [63daf188f09b81b57ee57209a45e30d0]
PUP.Optional.DoSearch.ShrtCln, HKU\S-1-5-21-2144891622-77169984-1251611374-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{E733165D-CBCF-4FDA-883E-ADEF965B476C}|URL, http://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}, Quarantined, [db62b4c5167556e073f0d3a82bd7d52b]
PUM.Optional.ProxyHijacker, HKU\S-1-5-21-2144891622-77169984-1251611374-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|ProxyServer, 127.0.0.1:8118, Quarantined, [eb528aef820993a3f29e4e682dd632ce]
PUP.Optional.PriceGong, HKU\S-1-5-21-2144891622-77169984-1251611374-1000\SOFTWARE\MOZILLA\FIREFOX\EXTENSIONS|{8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}, C:\Program Files (x86)\PriceGong\2.6.4\FF, Quarantined, [fb425d1ce9a2181e415d22596b98a957]

Registry Data: 18
PUP.Optional.SearchProtect, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|AppInit_DLLs, C:\PROGRA~2\SEARCH~1\SEARCH~1\bin\VC64LO~1.DLL , Good: (), Bad: (C:\PROGRA~2\SEARCH~1\SEARCH~1\bin\VC64LO~1.DLL),Replaced,[d8651069bad1ec4a2f79ad7d0ef38d73]
PUP.Optional.SearchProtect, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|AppInit_DLLs, C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC32Loader.dll, Good: (), Bad: (C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC32Loader.dll),Replaced,[28150475c4c790a6ddcb1b0f23de9769]
PUP.Optional.Delta.ShrtCln, HKLM\SOFTWARE\CLIENTS\STARTMENUINTERNET\GOOGLE CHROME\SHELL\OPEN\COMMAND, "C:\Users\leepylee\AppData\Local\Google\Chrome\Application\chrome.exe" http://www.delta-homes.com/?type=sc&ts=1430218887&from=ient04280&uid=TOSHIBAXMK3263GSXN_30T8F42CSXX30T8F42CS, Good: (Chrome.exe), Bad: ("C:\Users\leepylee\AppData\Local\Google\Chrome\Application\chrome.exe" http://www.delta-homes.com/?type=sc&ts=1430218887&from=ient04280&uid=TOSHIBAXMK3263GSXN_30T8F42CSXX30T8F42CS),Replaced,[cd70f2876f1cae88e18054e97f85956b]
PUP.Optional.Delta.ShrtCln, HKLM\SOFTWARE\CLIENTS\STARTMENUINTERNET\IEXPLORE.EXE\SHELL\OPEN\COMMAND, C:\Program Files\Internet Explorer\iexplore.exe http://www.delta-homes.com/?type=sc&ts=1430218887&from=ient04280&uid=TOSHIBAXMK3263GSXN_30T8F42CSXX30T8F42CS, Good: (iexplore.exe), Bad: (C:\Program Files\Internet Explorer\iexplore.exe http://www.delta-homes.com/?type=sc&ts=1430218887&from=ient04280&uid=TOSHIBAXMK3263GSXN_30T8F42CSXX30T8F42CS),Replaced,[d766ccad612a41f564fb9e9f23e10ef2]
PUP.Optional.V9.ShrtCln, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, http://search.v9.com/web/?type=ds&ts=1403811207&from=irs&uid=TOSHIBAXMK3263GSXN_30T8F42CSXX30T8F42CS&i=psd&t=344bc974d&q={searchTerms}, Good: (www.google.com), Bad: (http://search.v9.com/web/?type=ds&ts=1403811207&from=irs&uid=TOSHIBAXMK3263GSXN_30T8F42CSXX30T8F42CS&i=psd&t=344bc974d&q={searchTerms}),Replaced,[e15cd8a1187303339e19b77f8183619f]
PUP.Optional.Delta.ShrtCln, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, http://www.delta-homes.com/?type=hp&ts=1430218887&from=ient04280&uid=TOSHIBAXMK3263GSXN_30T8F42CSXX30T8F42CS, Good: (www.google.com), Bad: (http://www.delta-homes.com/?type=hp&ts=1430218887&from=ient04280&uid=TOSHIBAXMK3263GSXN_30T8F42CSXX30T8F42CS),Replaced,[1627f2871576e254c29897a60bf98977]
PUP.Optional.Delta.ShrtCln, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, http://www.delta-homes.com/?type=hp&ts=1430218887&from=ient04280&uid=TOSHIBAXMK3263GSXN_30T8F42CSXX30T8F42CS, Good: (www.google.com), Bad: (http://www.delta-homes.com/?type=hp&ts=1430218887&from=ient04280&uid=TOSHIBAXMK3263GSXN_30T8F42CSXX30T8F42CS),Replaced,[4eefc0b92467b581d88217269b69669a]
PUP.Optional.V9.ShrtCln, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, http://search.v9.com/web/?type=ds&ts=1403811207&from=irs&uid=TOSHIBAXMK3263GSXN_30T8F42CSXX30T8F42CS&i=psd&t=344bc974d&q={searchTerms}, Good: (www.google.com), Bad: (http://search.v9.com/web/?type=ds&ts=1403811207&from=irs&uid=TOSHIBAXMK3263GSXN_30T8F42CSXX30T8F42CS&i=psd&t=344bc974d&q={searchTerms}),Replaced,[e4594336b8d3f442882f0333cd37ac54]
PUP.Optional.Delta.ShrtCln, HKLM\SOFTWARE\WOW6432NODE\CLIENTS\STARTMENUINTERNET\GOOGLE CHROME\SHELL\OPEN\COMMAND, "C:\Users\leepylee\AppData\Local\Google\Chrome\Application\chrome.exe" http://www.delta-homes.com/?type=sc&ts=1430218887&from=ient04280&uid=TOSHIBAXMK3263GSXN_30T8F42CSXX30T8F42CS, Good: (Chrome.exe), Bad: ("C:\Users\leepylee\AppData\Local\Google\Chrome\Application\chrome.exe" http://www.delta-homes.com/?type=sc&ts=1430218887&from=ient04280&uid=TOSHIBAXMK3263GSXN_30T8F42CSXX30T8F42CS),Replaced,[211cf2870e7d9f975e035fdef014867a]
PUP.Optional.Delta.ShrtCln, HKLM\SOFTWARE\WOW6432NODE\CLIENTS\STARTMENUINTERNET\IEXPLORE.EXE\SHELL\OPEN\COMMAND, C:\Program Files\Internet Explorer\iexplore.exe http://www.delta-homes.com/?type=sc&ts=1430218887&from=ient04280&uid=TOSHIBAXMK3263GSXN_30T8F42CSXX30T8F42CS, Good: (iexplore.exe), Bad: (C:\Program Files\Internet Explorer\iexplore.exe http://www.delta-homes.com/?type=sc&ts=1430218887&from=ient04280&uid=TOSHIBAXMK3263GSXN_30T8F42CSXX30T8F42CS),Replaced,[e05d6e0bee9d270fc7981429c63e51af]
PUP.Optional.V9.ShrtCln, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, http://search.v9.com/web/?type=ds&ts=1403811207&from=irs&uid=TOSHIBAXMK3263GSXN_30T8F42CSXX30T8F42CS&i=psd&t=344bc974d&q={searchTerms}, Good: (www.google.com), Bad: (http://search.v9.com/web/?type=ds&ts=1403811207&from=irs&uid=TOSHIBAXMK3263GSXN_30T8F42CSXX30T8F42CS&i=psd&t=344bc974d&q={searchTerms}),Replaced,[91ace19896f54de92592eb4b23e144bc]
PUP.Optional.Delta.ShrtCln, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, http://www.delta-homes.com/?type=hp&ts=1430218887&from=ient04280&uid=TOSHIBAXMK3263GSXN_30T8F42CSXX30T8F42CS, Good: (www.google.com), Bad: (http://www.delta-homes.com/?type=hp&ts=1430218887&from=ient04280&uid=TOSHIBAXMK3263GSXN_30T8F42CSXX30T8F42CS),Replaced,[63da7aff1f6c3df937235ae3778d8779]
PUP.Optional.Delta.ShrtCln, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, http://www.delta-homes.com/?type=hp&ts=1430218887&from=ient04280&uid=TOSHIBAXMK3263GSXN_30T8F42CSXX30T8F42CS, Good: (www.google.com), Bad: (http://www.delta-homes.com/?type=hp&ts=1430218887&from=ient04280&uid=TOSHIBAXMK3263GSXN_30T8F42CSXX30T8F42CS),Replaced,[52eb26533e4de6503e1c71ccdd27f808]
PUP.Optional.V9.ShrtCln, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, http://search.v9.com/web/?type=ds&ts=1403811207&from=irs&uid=TOSHIBAXMK3263GSXN_30T8F42CSXX30T8F42CS&i=psd&t=344bc974d&q={searchTerms}, Good: (www.google.com), Bad: (http://search.v9.com/web/?type=ds&ts=1403811207&from=irs&uid=TOSHIBAXMK3263GSXN_30T8F42CSXX30T8F42CS&i=psd&t=344bc974d&q={searchTerms}),Replaced,[45f8c0b9a5e60e28f3c420164db7916f]
PUP.Optional.Delta.ShrtCln, HKU\S-1-5-21-2144891622-77169984-1251611374-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, http://search.delta-homes.com/web/?type=ds&ts=1430218887&from=ient04280&uid=TOSHIBAXMK3263GSXN_30T8F42CSXX30T8F42CS&q={searchTerms}, Good: (www.google.com), Bad: (http://search.delta-homes.com/web/?type=ds&ts=1430218887&from=ient04280&uid=TOSHIBAXMK3263GSXN_30T8F42CSXX30T8F42CS&q={searchTerms}),Replaced,[2914f68383087fb7e5769aa338ccac54]
PUP.Optional.ProtectedIO, HKU\S-1-5-21-2144891622-77169984-1251611374-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, https://search.protectedio.com/?u=7a8a32ab-3d19-be84-a645-ce50f9fcdf76&c=p1&s=hp&inst=1435316231, Good: (http://www.google.com), Bad: (https://search.protectedio.com/?u=7a8a32ab-3d19-be84-a645-ce50f9fcdf76&c=p1&s=hp&inst=1435316231),Replaced,[e657176244478ea83971cf6e73913fc1]
PUP.Optional.Delta.ShrtCln, HKU\S-1-5-21-2144891622-77169984-1251611374-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, http://www.delta-homes.com/?type=hp&ts=1430218887&from=ient04280&uid=TOSHIBAXMK3263GSXN_30T8F42CSXX30T8F42CS, Good: (www.google.com), Bad: (http://www.delta-homes.com/?type=hp&ts=1430218887&from=ient04280&uid=TOSHIBAXMK3263GSXN_30T8F42CSXX30T8F42CS),Replaced,[3b020e6b305be25492c94cf17e8646ba]
PUP.Optional.Delta.ShrtCln, HKU\S-1-5-21-2144891622-77169984-1251611374-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, http://search.delta-homes.com/web/?type=ds&ts=1430218887&from=ient04280&uid=TOSHIBAXMK3263GSXN_30T8F42CSXX30T8F42CS&q={searchTerms}, Good: (www.google.com), Bad: (http://search.delta-homes.com/web/?type=ds&ts=1430218887&from=ient04280&uid=TOSHIBAXMK3263GSXN_30T8F42CSXX30T8F42CS&q={searchTerms}),Replaced,[e35a8bee4546f2440457c875fc08a957]

Folders: 61
PUP.Optional.MyPCBackup, C:\Users\leepylee\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup, Quarantined, [5de083f639526cca923f8aeb50b37e82],
PUP.Optional.SpeedTray, C:\Users\leepylee\AppData\Roaming\SpeedTray, Quarantined, [e05d4831434841f59553265f946f649c],
PUP.Optional.XTab, C:\Program Files (x86)\XTab, Delete-on-Reboot, [c875b3c68cff0f273cffa6eb4bb8ec14],
PUP.Optional.XTab, C:\Program Files (x86)\XTab\web, Quarantined, [c875b3c68cff0f273cffa6eb4bb8ec14],
PUP.Optional.XTab, C:\Program Files (x86)\XTab\web\img, Quarantined, [c875b3c68cff0f273cffa6eb4bb8ec14],
PUP.Optional.XTab, C:\Program Files (x86)\XTab\web\js, Quarantined, [c875b3c68cff0f273cffa6eb4bb8ec14],
PUP.Optional.PrxySvrRST, C:\Program Files (x86)\Jelbrus Secure Web, Quarantined, [a19c483193f8ac8a9db0f45472903dc3],
PUP.Optional.APNToolBar.Gen, C:\ProgramData\APN\APN-Stub, Quarantined, [88b522570685da5ceb73c385956dcf31],
PUP.Optional.APNToolBar.Gen, C:\Users\leepylee\AppData\Local\AskPartnerNetwork, Quarantined, [7cc1e8911b706dc9233d8abeac56936d],
PUP.Optional.APNToolBar.Gen, C:\Users\leepylee\AppData\Local\AskPartnerNetwork\Toolbar, Quarantined, [7cc1e8911b706dc9233d8abeac56936d],
PUP.Optional.APNToolBar.Gen, C:\Users\leepylee\AppData\Local\AskPartnerNetwork\Toolbar\Updater, Quarantined, [7cc1e8911b706dc9233d8abeac56936d],
PUP.Optional.APNToolBar.Gen, C:\Users\leepylee\AppData\Local\AskPartnerNetwork\Toolbar\Updater\IDC, Quarantined, [7cc1e8911b706dc9233d8abeac56936d],
PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork, Delete-on-Reboot, [b18cfb7e3a5110260b5689bf6a9811ef],
PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\ChromeUtils, Quarantined, [b18cfb7e3a5110260b5689bf6a9811ef],
PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar, Delete-on-Reboot, [b18cfb7e3a5110260b5689bf6a9811ef],
PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-SPE, Quarantined, [b18cfb7e3a5110260b5689bf6a9811ef],
PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-SPE\Source, Quarantined, [b18cfb7e3a5110260b5689bf6a9811ef],
PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-SPE\Source\program files, Quarantined, [b18cfb7e3a5110260b5689bf6a9811ef],
PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-SPE\Source\program files\AskPartnerNetwork, Quarantined, [b18cfb7e3a5110260b5689bf6a9811ef],
PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-SPE\Source\program files\AskPartnerNetwork\ChromeUtils, Quarantined, [b18cfb7e3a5110260b5689bf6a9811ef],
PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-SPE\Source\program files\AskPartnerNetwork\Toolbar, Quarantined, [b18cfb7e3a5110260b5689bf6a9811ef],
PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-SPE\Source\program files\AskPartnerNetwork\Toolbar\Updater, Quarantined, [b18cfb7e3a5110260b5689bf6a9811ef],
PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-SPE\Source\program files\AskPartnerNetwork\Toolbar\Updater\IDC, Quarantined, [b18cfb7e3a5110260b5689bf6a9811ef],
PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-SPE\Source\program files\AskPartnerNetwork\Toolbar\{PartnerID}, Quarantined, [b18cfb7e3a5110260b5689bf6a9811ef],
PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-SPE\Source\program files\VNT, Quarantined, [b18cfb7e3a5110260b5689bf6a9811ef],
PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater, Delete-on-Reboot, [b18cfb7e3a5110260b5689bf6a9811ef],
PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\IDC, Quarantined, [b18cfb7e3a5110260b5689bf6a9811ef],
PUP.Optional.DataMngr, C:\Users\leepylee\AppData\LocalLow\DataMngr, Quarantined, [48f51b5e2368ed495d4cc295010114ec],
PUP.Optional.IEPluginServices, C:\ProgramData\IePluginServices, Quarantined, [2d108fea84077abc46103e2049b97e82],
PUP.Optional.IEPluginServices, C:\ProgramData\IePluginServices\update, Quarantined, [2d108fea84077abc46103e2049b97e82],
PUP.Optional.IHProtectUpDate, C:\ProgramData\IHProtectUpDate, Quarantined, [a39acbae583355e1fd63b2aca45e6a96],
PUP.Optional.IHProtectUpDate, C:\ProgramData\IHProtectUpDate\update, Quarantined, [a39acbae583355e1fd63b2aca45e6a96],
PUP.Optional.MyPCBackup, C:\Program Files (x86)\MyPC Backup, Delete-on-Reboot, [d568ccadf9928ea896d2f173d0326a96],
PUP.Optional.MyPCBackup, C:\Program Files (x86)\MyPC Backup\Config, Quarantined, [d568ccadf9928ea896d2f173d0326a96],
PUP.Optional.MyPCBackup, C:\Program Files (x86)\MyPC Backup\Database, Quarantined, [d568ccadf9928ea896d2f173d0326a96],
PUP.Optional.MyPCBackup, C:\Program Files (x86)\MyPC Backup\log, Quarantined, [d568ccadf9928ea896d2f173d0326a96],
PUP.Optional.MyPCBackup, C:\Program Files (x86)\MyPC Backup\Resources, Quarantined, [d568ccadf9928ea896d2f173d0326a96],
PUP.Optional.MyPCBackup, C:\Program Files (x86)\MyPC Backup\Resources\cache, Quarantined, [d568ccadf9928ea896d2f173d0326a96],
PUP.Optional.MyPCBackup, C:\Program Files (x86)\MyPC Backup\x64, Delete-on-Reboot, [d568ccadf9928ea896d2f173d0326a96],
PUP.Optional.MyPCBackup, C:\Program Files (x86)\MyPC Backup\x86, Quarantined, [d568ccadf9928ea896d2f173d0326a96],
PUP.Optional.PriceGong, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PriceGong, Quarantined, [81bc96e30e7deb4b14c8f96dfd05eb15],
PUP.Optional.SearchProtect, C:\Program Files (x86)\SearchProtect\Main, Quarantined, [f14cabcea2e92412dd16ef7aa75b0000],
PUP.Optional.SearchProtect, C:\Program Files (x86)\SearchProtect\Main\bin, Quarantined, [f14cabcea2e92412dd16ef7aa75b0000],
PUP.Optional.SearchProtect, C:\Program Files (x86)\SearchProtect\SearchProtect\bin, Quarantined, [8db086f3642747ef30c44425fc0629d7],
PUP.Optional.SearchProtect, C:\Program Files (x86)\SearchProtect\UI\bin, Quarantined, [64d976039cef7db96d8874f56f93728e],
PUP.Optional.SearchProtect, C:\Windows\SysWOW64\config\systemprofile\AppData\Local\SearchProtect, Quarantined, [f548afcaa6e502348e682d3cf50d12ee],
PUP.Optional.SearchProtect, C:\Windows\SysWOW64\config\systemprofile\AppData\Local\SearchProtect\SearchProtect, Quarantined, [f548afcaa6e502348e682d3cf50d12ee],
PUP.Optional.SearchProtect, C:\Windows\SysWOW64\config\systemprofile\AppData\Local\SearchProtect\SearchProtect\rep, Quarantined, [f548afcaa6e502348e682d3cf50d12ee],
PUP.Optional.Spigot, C:\Program Files (x86)\Common Files\Spigot, Quarantined, [ca731663ccbf3afc1bab77f5b34f60a0],
PUP.Optional.Spigot, C:\Program Files (x86)\Common Files\Spigot\Search Settings, Quarantined, [ca731663ccbf3afc1bab77f5b34f60a0],
PUP.Optional.Spigot, C:\Program Files (x86)\Common Files\Spigot\Search Settings\Lang, Quarantined, [ca731663ccbf3afc1bab77f5b34f60a0],
PUP.Optional.ASK, C:\Program Files (x86)\Browser Tab Search by Ask, Quarantined, [201d8eebf19a280e03c6680a0df529d7],
PUP.Optional.ASK, C:\Program Files (x86)\Browser Tab Search by Ask\SafetyNut, Quarantined, [201d8eebf19a280e03c6680a0df529d7],
PUP.Optional.ASK, C:\Program Files (x86)\Browser Tab Search by Ask\SafetyNut\BrowserTabSearch, Quarantined, [201d8eebf19a280e03c6680a0df529d7],
PUP.Optional.ASK, C:\Program Files (x86)\Browser Tab Search by Ask\SafetyNut\x64, Quarantined, [201d8eebf19a280e03c6680a0df529d7],
PUP.Optional.WindowsProtectManager, C:\ProgramData\tWMiniProt, Quarantined, [043918612b60f343504b0c6a28da14ec],
PUP.Optional.WindowsProtectManager, C:\ProgramData\tWMiniProt\mitest, Quarantined, [043918612b60f343504b0c6a28da14ec],
PUP.Optional.Gomita, C:\Program Files (x86)\Mozilla Firefox\distribution\bundles\2fd07214b658fa9c5cd227b7780090f9, Quarantined, [c9741663147762d4f86a0264c93b6c94],
PUP.Optional.Gomita, C:\Program Files (x86)\Mozilla Firefox\distribution\bundles\2fd07214b658fa9c5cd227b7780090f9\content, Quarantined, [c9741663147762d4f86a0264c93b6c94],
PUP.Optional.Gomita, C:\Program Files (x86)\Mozilla Firefox\distribution\bundles\fea041e28324c566e12e1ac949109ff9, Quarantined, [08351f5abecd6bcbafb377ef72929c64],
PUP.Optional.Gomita, C:\Program Files (x86)\Mozilla Firefox\distribution\bundles\fea041e28324c566e12e1ac949109ff9\content, Quarantined, [08351f5abecd6bcbafb377ef72929c64],

Files: 200
PUP.Optional.Spigot, C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe, Delete-on-Reboot, [26175326a1eac57141e2dd4ecd34da26],
PUP.Optional.XTab, C:\Program Files (x86)\XTab\ProtectService.exe, Delete-on-Reboot, [74c90b6e553653e34fad5fcc7c854db3],
PUP.Optional.Giner, C:\Program Files (x86)\XTab\CmdShell.exe, Delete-on-Reboot, [0835c8b1aae1270f5cc0d38d3dc74cb4],
PUP.Optional.MyPCBackup, C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe, Delete-on-Reboot, [bb821b5e2269d561dd914fdabd446e92],
PUP.Optional.SearchProtect, C:\Program Files (x86)\SearchProtect\SearchProtect\bin\VC64Loader.dll, Quarantined, [d8651069bad1ec4a2f79ad7d0ef38d73],
PUP.Optional.SearchProtect, C:\Program Files (x86)\SearchProtect\SearchProtect\bin\VC32Loader.dll, Quarantined, [28150475c4c790a6ddcb1b0f23de9769],
PUP.Optional.SupTab, C:\Program Files (x86)\XTab\SupTab.dll, Quarantined, [8bb24e2b5635ed493f0cfd2d7c866c94],
PUP.Optional.SecureWeb, C:\Program Files (x86)\Jelbrus Secure Web\jsie.dll, Quarantined, [de5fbfba5239fa3c592644e513efda26],
PUP.Optional.MyPCBackup, C:\Program Files (x86)\MyPC Backup\Service Start.exe, Quarantined, [0835d2a7325953e3c9a5f732e0212ed2],
PUP.Optional.BrowserWatch, C:\Program Files (x86)\XTab\BrowerWatchCH.dll, Quarantined, [310c3445404ba78fc8c337e58d739b65],
PUP.Optional.BrowserWatch, C:\Program Files (x86)\XTab\BrowerWatchFF.dll, Quarantined, [ac91a6d3aae1cb6bf29937e5ec1436ca],
PUP.Optional.SearchProtect, C:\Program Files (x86)\XTab\BrowserAction.dll, Quarantined, [8cb1245591fa5fd7cb5123c9fe0222de],
PUP.Optional.Elex, C:\Program Files (x86)\XTab\HPNotify.exe, Quarantined, [0b327405aae1de58d31a55cd50b18a76],
PUP.Optional.SearchProtect, C:\Program Files (x86)\XTab\IeWatchDog.dll, Quarantined, [122bd1a8e1aaae889cce7b8a8d7714ec],
PUP.Optional.Spigot, C:\Program Files (x86)\IObit Toolbar\WidgiHelper.exe, Quarantined, [a69769109eed9e984fd5f43752af3bc5],
PUP.Optional.Jelbrus, C:\Program Files (x86)\Jelbrus Secure Web\jswff.exe, Quarantined, [211c8eeb15769f97e764164b0cf80ef2],
PUP.Optional.Conduit, C:\Windows\SysWOW64\uniiprct.exe, Quarantined, [de5ff584dead8bab4c7f962f30d0da26],
PUP.Optional.InstallCore, C:\Users\leepylee\Downloads\PDFCreatorSetup.exe, Quarantined, [67d6d4a5494292a4a0d3a9c417ea619f],
PUP.Optional.SearchProtect, C:\Windows\AppPatch\AppPatch64\VCLdr64.dll, Quarantined, [84b982f70d7efc3a4a5e60ca6f92d729],
PUP.Optional.SearchProtect, C:\Windows\AppPatch\nbin\VC32Loader.dll, Quarantined, [5be24237d2b9fb3b505830fafb06a65a],
PUP.Optional.Spigot, C:\Windows\Installer\21fcb.msi, Quarantined, [46f7bdbc573445f10027fc2fcc355fa1],
PUP.Optional.SearchProtect, C:\Windows\AppPatch\Custom\Custom64\{cf2797aa-b7ec-e311-8ed9-005056c00008}.sdb, Quarantined, [e25b82f7d1ba4ee86601a09ffd06629e],
PUP.Optional.DealPly, C:\Windows\System32\Tasks\DealPly, Quarantined, [7ac31168e1aaf541bfc996c86d960df3],
PUP.Optional.DealPly, C:\Windows\System32\Tasks\DealPlyUpdate, Quarantined, [2f0ec0b998f331050b7d7ee0e61dea16],
PUP.Optional.DealPly, C:\Windows\Tasks\Dealply.job, Quarantined, [d766f9802c5f6fc77217fb63d42f2fd1],
PUP.Optional.GetPrivate, C:\Windows\System32\Tasks\GPUpdateCheck, Quarantined, [0439abce1d6e49edcc9770f616ed817f],
PUP.Optional.MyPCBackup, C:\Users\leepylee\Desktop\MyPC Backup.lnk, Quarantined, [b4891f5aa8e346f011bd1f567b888b75],
PUP.Optional.MyPCBackup, C:\Users\leepylee\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup\MyPC Backup.lnk, Quarantined, [5de083f639526cca923f8aeb50b37e82],
PUP.Optional.MyPCBackup, C:\Users\leepylee\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup\Uninstall.lnk, Quarantined, [5de083f639526cca923f8aeb50b37e82],
PUP.Optional.MyPCBackup, C:\Users\leepylee\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk, Quarantined, [ac911e5b8ffcef479240fb7afe057090],
PUP.Optional.Proxy, C:\Users\leepylee\AppData\Local\proxy.log, Quarantined, [c37a20598b00ba7c8c11f38955ae40c0],
PUP.Optional.SearchProtect, C:\Windows\AppPatch\Custom\{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb, Quarantined, [ef4e31480883181ed24b6c151ae957a9],
PUP.Optional.SecureWeb, C:\Windows\System32\Tasks\Jelbrus Secure Web Task, Quarantined, [85b8fb7ed7b462d44c72b6cb0003867a],
PUP.Optional.SpeedTray, C:\Users\leepylee\AppData\Roaming\SpeedTray\speedtray.exe, Quarantined, [e05d4831434841f59553265f946f649c],
PUP.Optional.XTab, C:\Program Files (x86)\XTab\uninstall.exe, Quarantined, [c875b3c68cff0f273cffa6eb4bb8ec14],
PUP.Optional.XTab, C:\Program Files (x86)\XTab\conf, Quarantined, [c875b3c68cff0f273cffa6eb4bb8ec14],
PUP.Optional.XTab, C:\Program Files (x86)\XTab\install.data, Quarantined, [c875b3c68cff0f273cffa6eb4bb8ec14],
PUP.Optional.XTab, C:\Program Files (x86)\XTab\msvcp110.dll, Delete-on-Reboot, [c875b3c68cff0f273cffa6eb4bb8ec14],
PUP.Optional.XTab, C:\Program Files (x86)\XTab\msvcr110.dll, Delete-on-Reboot, [c875b3c68cff0f273cffa6eb4bb8ec14],
PUP.Optional.XTab, C:\Program Files (x86)\XTab\web\img\logo32.ico, Quarantined, [c875b3c68cff0f273cffa6eb4bb8ec14],
PUP.Optional.XTab, C:\Program Files (x86)\XTab\web\js\common.js, Quarantined, [c875b3c68cff0f273cffa6eb4bb8ec14],
PUP.Optional.XTab, C:\Program Files (x86)\XTab\web\js\ga.js, Quarantined, [c875b3c68cff0f273cffa6eb4bb8ec14],
PUP.Optional.XTab, C:\Program Files (x86)\XTab\web\js\jquery-1.11.0.min.js, Quarantined, [c875b3c68cff0f273cffa6eb4bb8ec14],
PUP.Optional.XTab, C:\Program Files (x86)\XTab\web\js\jquery.autocomplete.js, Quarantined, [c875b3c68cff0f273cffa6eb4bb8ec14],
PUP.Optional.XTab, C:\Program Files (x86)\XTab\web\js\js.js, Quarantined, [c875b3c68cff0f273cffa6eb4bb8ec14],
PUP.Optional.XTab, C:\Program Files (x86)\XTab\web\js\library.js, Quarantined, [c875b3c68cff0f273cffa6eb4bb8ec14],
PUP.Optional.XTab, C:\Program Files (x86)\XTab\web\js\xagainit-ie8.js, Quarantined, [c875b3c68cff0f273cffa6eb4bb8ec14],
PUP.Optional.XTab, C:\Program Files (x86)\XTab\web\js\xagainit2.0.js, Quarantined, [c875b3c68cff0f273cffa6eb4bb8ec14],
PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe, Delete-on-Reboot, [2b12adcc63281b1bdfd5d8a2738f728e],
PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe, Delete-on-Reboot, [0c31f38655366ec88f26c9b109f9b64a],
PUP.Optional.MyPCBackup, C:\Program Files (x86)\MyPC Backup\BackupStack.exe, Delete-on-Reboot, [1c210178cbc043f367704e279f64cf31],
PUP.Optional.PrxySvrRST, C:\Program Files (x86)\Jelbrus Secure Web\jswchromium.exe, Quarantined, [a19c483193f8ac8a9db0f45472903dc3],
PUP.Optional.PrxySvrRST, C:\Program Files (x86)\Jelbrus Secure Web\jswchromium64.exe, Quarantined, [a19c483193f8ac8a9db0f45472903dc3],
PUP.Optional.PrxySvrRST, C:\Program Files (x86)\Jelbrus Secure Web\jsweb.dll, Quarantined, [a19c483193f8ac8a9db0f45472903dc3],
PUP.Optional.PrxySvrRST, C:\Program Files (x86)\Jelbrus Secure Web\jsweb64.dll, Quarantined, [a19c483193f8ac8a9db0f45472903dc3],
PUP.Optional.PrxySvrRST, C:\Program Files (x86)\Jelbrus Secure Web\jswtask.exe, Quarantined, [a19c483193f8ac8a9db0f45472903dc3],
PUP.Optional.PrxySvrRST, C:\Program Files (x86)\Jelbrus Secure Web\mgwz.dll, Quarantined, [a19c483193f8ac8a9db0f45472903dc3],
PUP.Optional.PrxySvrRST, C:\Program Files (x86)\Jelbrus Secure Web\privoxy.exe, Quarantined, [a19c483193f8ac8a9db0f45472903dc3],
PUP.Optional.APNToolBar.Gen, C:\Users\leepylee\AppData\Local\AskPartnerNetwork\Toolbar\Updater\IDC\IdcLdr.exe, Quarantined, [7cc1e8911b706dc9233d8abeac56936d],
PUP.Optional.APNToolBar.Gen, C:\Users\leepylee\AppData\Local\AskPartnerNetwork\Toolbar\Updater\IDC\IdcLdr_x64.exe, Quarantined, [7cc1e8911b706dc9233d8abeac56936d],
PUP.Optional.APNToolBar.Gen, C:\Users\leepylee\AppData\Local\AskPartnerNetwork\Toolbar\Updater\IDC\IdcSrv.dll, Quarantined, [7cc1e8911b706dc9233d8abeac56936d],
PUP.Optional.APNToolBar.Gen, C:\Users\leepylee\AppData\Local\AskPartnerNetwork\Toolbar\Updater\IDC\IdcSrvStub.dll, Quarantined, [7cc1e8911b706dc9233d8abeac56936d],
PUP.Optional.APNToolBar.Gen, C:\Users\leepylee\AppData\Local\AskPartnerNetwork\Toolbar\Updater\IDC\IdcSrvStub_x64.dll, Quarantined, [7cc1e8911b706dc9233d8abeac56936d],
PUP.Optional.APNToolBar.Gen, C:\Users\leepylee\AppData\Local\AskPartnerNetwork\Toolbar\Updater\IDC\IdcSrv_x64.dll, Quarantined, [7cc1e8911b706dc9233d8abeac56936d],
PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\ChromeUtils\APNNativeMsgHost.exe, Quarantined, [b18cfb7e3a5110260b5689bf6a9811ef],
PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\APNSetup.exe, Quarantined, [b18cfb7e3a5110260b5689bf6a9811ef],
PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\UpdateManager.exe, Quarantined, [b18cfb7e3a5110260b5689bf6a9811ef],
PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-SPE\Source\1031.mst, Quarantined, [b18cfb7e3a5110260b5689bf6a9811ef],
PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-SPE\Source\1033.mst, Quarantined, [b18cfb7e3a5110260b5689bf6a9811ef],
PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-SPE\Source\1034.mst, Quarantined, [b18cfb7e3a5110260b5689bf6a9811ef],
PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-SPE\Source\1036.mst, Quarantined, [b18cfb7e3a5110260b5689bf6a9811ef],
PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-SPE\Source\1040.mst, Quarantined, [b18cfb7e3a5110260b5689bf6a9811ef],
PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-SPE\Source\1041.mst, Quarantined, [b18cfb7e3a5110260b5689bf6a9811ef],
PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-SPE\Source\1043.mst, Quarantined, [b18cfb7e3a5110260b5689bf6a9811ef],
PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-SPE\Source\1045.mst, Quarantined, [b18cfb7e3a5110260b5689bf6a9811ef],
PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-SPE\Source\1049.mst, Quarantined, [b18cfb7e3a5110260b5689bf6a9811ef],
PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-SPE\Source\2070.mst, Quarantined, [b18cfb7e3a5110260b5689bf6a9811ef],
PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-SPE\Source\AskToolbarInstaller-12.18.0_ORJ-SPE.msi, Quarantined, [b18cfb7e3a5110260b5689bf6a9811ef],
PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-SPE\Source\program files\AskPartnerNetwork\ChromeUtils\APNNativeMsgHost.exe, Quarantined, [b18cfb7e3a5110260b5689bf6a9811ef],
PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-SPE\Source\program files\AskPartnerNetwork\Toolbar\apnmcp.exe, Quarantined, [b18cfb7e3a5110260b5689bf6a9811ef],
PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-SPE\Source\program files\AskPartnerNetwork\Toolbar\searchhook.dll, Quarantined, [b18cfb7e3a5110260b5689bf6a9811ef],
PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-SPE\Source\program files\AskPartnerNetwork\Toolbar\ServiceLocator.exe, Quarantined, [b18cfb7e3a5110260b5689bf6a9811ef],
PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-SPE\Source\program files\AskPartnerNetwork\Toolbar\SO.dll, Quarantined, [b18cfb7e3a5110260b5689bf6a9811ef],
PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-SPE\Source\program files\AskPartnerNetwork\Toolbar\toolbar.dll, Quarantined, [b18cfb7e3a5110260b5689bf6a9811ef],
PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-SPE\Source\program files\AskPartnerNetwork\Toolbar\Toolbar.exe, Quarantined, [b18cfb7e3a5110260b5689bf6a9811ef],
PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-SPE\Source\program files\AskPartnerNetwork\Toolbar\ToolbarPS.dll, Quarantined, [b18cfb7e3a5110260b5689bf6a9811ef],
PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-SPE\Source\program files\AskPartnerNetwork\Toolbar\toolbar_x64.dll, Quarantined, [b18cfb7e3a5110260b5689bf6a9811ef],
PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-SPE\Source\program files\AskPartnerNetwork\Toolbar\UpdateManager.exe, Quarantined, [b18cfb7e3a5110260b5689bf6a9811ef],
PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-SPE\Source\program files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe, Quarantined, [b18cfb7e3a5110260b5689bf6a9811ef],
PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-SPE\Source\program files\AskPartnerNetwork\Toolbar\Updater\IDC\IdcLdr.exe, Quarantined, [b18cfb7e3a5110260b5689bf6a9811ef],
PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-SPE\Source\program files\AskPartnerNetwork\Toolbar\Updater\IDC\IdcLdr_x64.exe, Quarantined, [b18cfb7e3a5110260b5689bf6a9811ef],
PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-SPE\Source\program files\AskPartnerNetwork\Toolbar\Updater\IDC\IdcSrv.dll, Quarantined, [b18cfb7e3a5110260b5689bf6a9811ef],
PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-SPE\Source\program files\AskPartnerNetwork\Toolbar\Updater\IDC\IdcSrvStub.dll, Quarantined, [b18cfb7e3a5110260b5689bf6a9811ef],
PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-SPE\Source\program files\AskPartnerNetwork\Toolbar\Updater\IDC\IdcSrvStub_x64.dll, Quarantined, [b18cfb7e3a5110260b5689bf6a9811ef],
PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-SPE\Source\program files\AskPartnerNetwork\Toolbar\Updater\IDC\IdcSrv_x64.dll, Quarantined, [b18cfb7e3a5110260b5689bf6a9811ef],
PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-SPE\Source\program files\AskPartnerNetwork\Toolbar\{PartnerID}\Passport.dll, Quarantined, [b18cfb7e3a5110260b5689bf6a9811ef],
PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-SPE\Source\program files\AskPartnerNetwork\Toolbar\{PartnerID}\Passport_x64.dll, Quarantined, [b18cfb7e3a5110260b5689bf6a9811ef],
PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-SPE\Source\program files\VNT\vntldr.exe, Quarantined, [b18cfb7e3a5110260b5689bf6a9811ef],
PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-SPE\Source\program files\VNT\vntsrv.dll, Quarantined, [b18cfb7e3a5110260b5689bf6a9811ef],
PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\IDC\IdcLdr.exe, Quarantined, [b18cfb7e3a5110260b5689bf6a9811ef],
PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\IDC\IdcLdr_x64.exe, Quarantined, [b18cfb7e3a5110260b5689bf6a9811ef],
PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\IDC\IdcSrv.dll, Quarantined, [b18cfb7e3a5110260b5689bf6a9811ef],
PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\IDC\IdcSrvStub.dll, Quarantined, [b18cfb7e3a5110260b5689bf6a9811ef],
PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\IDC\IdcSrvStub_x64.dll, Quarantined, [b18cfb7e3a5110260b5689bf6a9811ef],
PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\IDC\IdcSrv_x64.dll, Quarantined, [b18cfb7e3a5110260b5689bf6a9811ef],
PUP.Optional.IEPluginServices, C:\ProgramData\IePluginServices\update\PluginUpdate.exe, Quarantined, [2d108fea84077abc46103e2049b97e82],
PUP.Optional.MyPCBackup, C:\Program Files (x86)\MyPC Backup\AlphaFS.dll, Delete-on-Reboot, [d568ccadf9928ea896d2f173d0326a96],
PUP.Optional.MyPCBackup, C:\Program Files (x86)\MyPC Backup\AlphaVSS.51.x86.dll, Quarantined, [d568ccadf9928ea896d2f173d0326a96],
PUP.Optional.MyPCBackup, C:\Program Files (x86)\MyPC Backup\AlphaVSS.52.x64.dll, Quarantined, [d568ccadf9928ea896d2f173d0326a96],
PUP.Optional.MyPCBackup, C:\Program Files (x86)\MyPC Backup\AlphaVSS.52.x86.dll, Quarantined, [d568ccadf9928ea896d2f173d0326a96],
PUP.Optional.MyPCBackup, C:\Program Files (x86)\MyPC Backup\AlphaVSS.60.x64.dll, Quarantined, [d568ccadf9928ea896d2f173d0326a96],
PUP.Optional.MyPCBackup, C:\Program Files (x86)\MyPC Backup\AlphaVSS.60.x86.dll, Quarantined, [d568ccadf9928ea896d2f173d0326a96],
PUP.Optional.MyPCBackup, C:\Program Files (x86)\MyPC Backup\AlphaVSS.Common.dll, Quarantined, [d568ccadf9928ea896d2f173d0326a96],
PUP.Optional.MyPCBackup, C:\Program Files (x86)\MyPC Backup\BackupStackUI.dll, Delete-on-Reboot, [d568ccadf9928ea896d2f173d0326a96],
PUP.Optional.MyPCBackup, C:\Program Files (x86)\MyPC Backup\Configuration Updater.exe, Quarantined, [d568ccadf9928ea896d2f173d0326a96],
PUP.Optional.MyPCBackup, C:\Program Files (x86)\MyPC Backup\GetText.dll, Delete-on-Reboot, [d568ccadf9928ea896d2f173d0326a96],
PUP.Optional.MyPCBackup, C:\Program Files (x86)\MyPC Backup\InstMgr.dll, Quarantined, [d568ccadf9928ea896d2f173d0326a96],
PUP.Optional.MyPCBackup, C:\Program Files (x86)\MyPC Backup\Ionic.Zip.dll, Quarantined, [d568ccadf9928ea896d2f173d0326a96],
PUP.Optional.MyPCBackup, C:\Program Files (x86)\MyPC Backup\LogicNP.EZShellExtensions.dll, Quarantined, [d568ccadf9928ea896d2f173d0326a96],
PUP.Optional.MyPCBackup, C:\Program Files (x86)\MyPC Backup\Microsoft.Win32.TaskScheduler.dll, Delete-on-Reboot, [d568ccadf9928ea896d2f173d0326a96],
PUP.Optional.MyPCBackup, C:\Program Files (x86)\MyPC Backup\MPCBClient.dll, Delete-on-Reboot, [d568ccadf9928ea896d2f173d0326a96],
PUP.Optional.MyPCBackup, C:\Program Files (x86)\MyPC Backup\MPCBContextMenu.dll, Quarantined, [d568ccadf9928ea896d2f173d0326a96],
PUP.Optional.MyPCBackup, C:\Program Files (x86)\MyPC Backup\mypcbackup.ico, Quarantined, [d568ccadf9928ea896d2f173d0326a96],
PUP.Optional.MyPCBackup, C:\Program Files (x86)\MyPC Backup\NativeHashWrapper.dll, Quarantined, [d568ccadf9928ea896d2f173d0326a96],
PUP.Optional.MyPCBackup, C:\Program Files (x86)\MyPC Backup\Newtonsoft.Json.dll, Delete-on-Reboot, [d568ccadf9928ea896d2f173d0326a96],
PUP.Optional.MyPCBackup, C:\Program Files (x86)\MyPC Backup\ObjectListView.dll, Delete-on-Reboot, [d568ccadf9928ea896d2f173d0326a96],
PUP.Optional.MyPCBackup, C:\Program Files (x86)\MyPC Backup\PipeDiff.dll, Quarantined, [d568ccadf9928ea896d2f173d0326a96],
PUP.Optional.MyPCBackup, C:\Program Files (x86)\MyPC Backup\RegisterExtensionDotNet20_x64.exe, Quarantined, [d568ccadf9928ea896d2f173d0326a96],
PUP.Optional.MyPCBackup, C:\Program Files (x86)\MyPC Backup\RegisterExtensionDotNet20_x86.exe, Quarantined, [d568ccadf9928ea896d2f173d0326a96],
PUP.Optional.MyPCBackup, C:\Program Files (x86)\MyPC Backup\RegisterExtensionDotNet40_x64.exe, Quarantined, [d568ccadf9928ea896d2f173d0326a96],
PUP.Optional.MyPCBackup, C:\Program Files (x86)\MyPC Backup\RegisterExtensionDotNet40_x86.exe, Quarantined, [d568ccadf9928ea896d2f173d0326a96],
PUP.Optional.MyPCBackup, C:\Program Files (x86)\MyPC Backup\Shared Stack.dll, Delete-on-Reboot, [d568ccadf9928ea896d2f173d0326a96],
PUP.Optional.MyPCBackup, C:\Program Files (x86)\MyPC Backup\Signup Wizard.exe, Quarantined, [d568ccadf9928ea896d2f173d0326a96],
PUP.Optional.MyPCBackup, C:\Program Files (x86)\MyPC Backup\SignupWizard.dll, Quarantined, [d568ccadf9928ea896d2f173d0326a96],
PUP.Optional.MyPCBackup, C:\Program Files (x86)\MyPC Backup\syncicon.ico, Quarantined, [d568ccadf9928ea896d2f173d0326a96],
PUP.Optional.MyPCBackup, C:\Program Files (x86)\MyPC Backup\System.Data.SQLite.DLL, Delete-on-Reboot, [d568ccadf9928ea896d2f173d0326a96],
PUP.Optional.MyPCBackup, C:\Program Files (x86)\MyPC Backup\uninst.exe, Quarantined, [d568ccadf9928ea896d2f173d0326a96],
PUP.Optional.MyPCBackup, C:\Program Files (x86)\MyPC Backup\UnRegisterExtensions.exe, Quarantined, [d568ccadf9928ea896d2f173d0326a96],
PUP.Optional.MyPCBackup, C:\Program Files (x86)\MyPC Backup\Updater.exe, Quarantined, [d568ccadf9928ea896d2f173d0326a96],
PUP.Optional.MyPCBackup, C:\Program Files (x86)\MyPC Backup\Updater_.dll, Quarantined, [d568ccadf9928ea896d2f173d0326a96],
PUP.Optional.MyPCBackup, C:\Program Files (x86)\MyPC Backup\websocket-sharp.dll, Quarantined, [d568ccadf9928ea896d2f173d0326a96],
PUP.Optional.MyPCBackup, C:\Program Files (x86)\MyPC Backup\BplusDotNet.dll, Quarantined, [d568ccadf9928ea896d2f173d0326a96],
PUP.Optional.MyPCBackup, C:\Program Files (x86)\MyPC Backup\Config\api.ts2, Quarantined, [d568ccadf9928ea896d2f173d0326a96],
PUP.Optional.MyPCBackup, C:\Program Files (x86)\MyPC Backup\Database\mpcb_file_cache.db, Quarantined, [d568ccadf9928ea896d2f173d0326a96],
PUP.Optional.MyPCBackup, C:\Program Files (x86)\MyPC Backup\Database\mpcb_settings.db, Quarantined, [d568ccadf9928ea896d2f173d0326a96],
PUP.Optional.MyPCBackup, C:\Program Files (x86)\MyPC Backup\Database\mpcb_version_queue.db, Quarantined, [d568ccadf9928ea896d2f173d0326a96],
PUP.Optional.MyPCBackup, C:\Program Files (x86)\MyPC Backup\log\APPLICATION.log, Quarantined, [d568ccadf9928ea896d2f173d0326a96],
PUP.Optional.MyPCBackup, C:\Program Files (x86)\MyPC Backup\log\AUTH.log, Quarantined, [d568ccadf9928ea896d2f173d0326a96],
PUP.Optional.MyPCBackup, C:\Program Files (x86)\MyPC Backup\log\BACKOFF.log, Quarantined, [d568ccadf9928ea896d2f173d0326a96],
PUP.Optional.MyPCBackup, C:\Program Files (x86)\MyPC Backup\log\CLIENT.log, Quarantined, [d568ccadf9928ea896d2f173d0326a96],
PUP.Optional.MyPCBackup, C:\Program Files (x86)\MyPC Backup\log\GRID_RECOVERY.log, Quarantined, [d568ccadf9928ea896d2f173d0326a96],
PUP.Optional.MyPCBackup, C:\Program Files (x86)\MyPC Backup\log\NETWORK_SHARES.log, Quarantined, [d568ccadf9928ea896d2f173d0326a96],
PUP.Optional.MyPCBackup, C:\Program Files (x86)\MyPC Backup\log\REMOTING.log, Quarantined, [d568ccadf9928ea896d2f173d0326a96],
PUP.Optional.MyPCBackup, C:\Program Files (x86)\MyPC Backup\log\SCHEDULE.log, Quarantined, [d568ccadf9928ea896d2f173d0326a96],
PUP.Optional.MyPCBackup, C:\Program Files (x86)\MyPC Backup\log\SERVICE.log, Quarantined, [d568ccadf9928ea896d2f173d0326a96],
PUP.Optional.MyPCBackup, C:\Program Files (x86)\MyPC Backup\log\UPDATER.log, Quarantined, [d568ccadf9928ea896d2f173d0326a96],
PUP.Optional.MyPCBackup, C:\Program Files (x86)\MyPC Backup\log\UTC_MIGRATION.log, Quarantined, [d568ccadf9928ea896d2f173d0326a96],
PUP.Optional.MyPCBackup, C:\Program Files (x86)\MyPC Backup\log\WAIT_HANDLES.log, Quarantined, [d568ccadf9928ea896d2f173d0326a96],
PUP.Optional.MyPCBackup, C:\Program Files (x86)\MyPC Backup\x64\SQLite.Interop.dll, Delete-on-Reboot, [d568ccadf9928ea896d2f173d0326a96],
PUP.Optional.MyPCBackup, C:\Program Files (x86)\MyPC Backup\x86\SQLite.Interop.dll, Quarantined, [d568ccadf9928ea896d2f173d0326a96],
PUP.Optional.PriceGong, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PriceGong\PriceGong Contact Us.lnk, Quarantined, [81bc96e30e7deb4b14c8f96dfd05eb15],
PUP.Optional.PriceGong, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PriceGong\PriceGong Help.lnk, Quarantined, [81bc96e30e7deb4b14c8f96dfd05eb15],
PUP.Optional.PriceGong, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PriceGong\PriceGong Homepage.lnk, Quarantined, [81bc96e30e7deb4b14c8f96dfd05eb15],
PUP.Optional.SearchProtect, C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe, Quarantined, [f14cabcea2e92412dd16ef7aa75b0000],
PUP.Optional.SearchProtect, C:\Program Files (x86)\SearchProtect\Main\bin\SPtool.dll, Quarantined, [f14cabcea2e92412dd16ef7aa75b0000],
PUP.Optional.SearchProtect, C:\Program Files (x86)\SearchProtect\Main\bin\uninstall.exe, Quarantined, [f14cabcea2e92412dd16ef7aa75b0000],
PUP.Optional.SearchProtect, C:\Program Files (x86)\SearchProtect\SearchProtect\bin\cltmng.exe, Quarantined, [8db086f3642747ef30c44425fc0629d7],
PUP.Optional.SearchProtect, C:\Program Files (x86)\SearchProtect\SearchProtect\bin\RN32.dll, Quarantined, [8db086f3642747ef30c44425fc0629d7],
PUP.Optional.SearchProtect, C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPtool64.exe, Quarantined, [8db086f3642747ef30c44425fc0629d7],
PUP.Optional.SearchProtect, C:\Program Files (x86)\SearchProtect\SearchProtect\bin\VC32.dll, Quarantined, [8db086f3642747ef30c44425fc0629d7],
PUP.Optional.SearchProtect, C:\Program Files (x86)\SearchProtect\SearchProtect\bin\VC64.dll, Quarantined, [8db086f3642747ef30c44425fc0629d7],
PUP.Optional.SearchProtect, C:\Program Files (x86)\SearchProtect\UI\bin\cltmngui.exe, Quarantined, [64d976039cef7db96d8874f56f93728e],
PUP.Optional.SearchProtect, C:\Windows\SysWOW64\config\systemprofile\AppData\Local\SearchProtect\SearchProtect\rep\UserRepository.dat, Quarantined, [f548afcaa6e502348e682d3cf50d12ee],
PUP.Optional.Spigot, C:\Program Files (x86)\Common Files\Spigot\Search Settings\config.ini, Quarantined, [ca731663ccbf3afc1bab77f5b34f60a0],
PUP.Optional.Spigot, C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe, Quarantined, [ca731663ccbf3afc1bab77f5b34f60a0],
PUP.Optional.Spigot, C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings64.exe, Quarantined, [ca731663ccbf3afc1bab77f5b34f60a0],
PUP.Optional.Spigot, C:\Program Files (x86)\Common Files\Spigot\Search Settings\wth175.dll, Quarantined, [ca731663ccbf3afc1bab77f5b34f60a0],
PUP.Optional.Spigot, C:\Program Files (x86)\Common Files\Spigot\Search Settings\wthx175.dll, Quarantined, [ca731663ccbf3afc1bab77f5b34f60a0],
PUP.Optional.Spigot, C:\Program Files (x86)\Common Files\Spigot\Search Settings\Lang\res1031.ini, Quarantined, [ca731663ccbf3afc1bab77f5b34f60a0],
PUP.Optional.Spigot, C:\Program Files (x86)\Common Files\Spigot\Search Settings\Lang\res1033.ini, Quarantined, [ca731663ccbf3afc1bab77f5b34f60a0],
PUP.Optional.Spigot, C:\Program Files (x86)\Common Files\Spigot\Search Settings\Lang\res1034.ini, Quarantined, [ca731663ccbf3afc1bab77f5b34f60a0],
PUP.Optional.Spigot, C:\Program Files (x86)\Common Files\Spigot\Search Settings\Lang\res1036.ini, Quarantined, [ca731663ccbf3afc1bab77f5b34f60a0],
PUP.Optional.Spigot, C:\Program Files (x86)\Common Files\Spigot\Search Settings\Lang\res1040.ini, Quarantined, [ca731663ccbf3afc1bab77f5b34f60a0],
PUP.Optional.ASK, C:\Program Files (x86)\Browser Tab Search by Ask\SafetyNut\del_DM_LL_nseA529.dll, Quarantined, [201d8eebf19a280e03c6680a0df529d7],
PUP.Optional.ASK, C:\Program Files (x86)\Browser Tab Search by Ask\SafetyNut\del_DM_LL_nsu284D.dll, Quarantined, [201d8eebf19a280e03c6680a0df529d7],
PUP.Optional.ASK, C:\Program Files (x86)\Browser Tab Search by Ask\SafetyNut\BrowserTabSearch\BrowserTabSearchUninstall.exe, Quarantined, [201d8eebf19a280e03c6680a0df529d7],
PUP.Optional.ASK, C:\Program Files (x86)\Browser Tab Search by Ask\SafetyNut\BrowserTabSearch\msb.dll, Quarantined, [201d8eebf19a280e03c6680a0df529d7],
PUP.Optional.ASK, C:\Program Files (x86)\Browser Tab Search by Ask\SafetyNut\BrowserTabSearch\msb64.dll, Quarantined, [201d8eebf19a280e03c6680a0df529d7],
PUP.Optional.ASK, C:\Program Files (x86)\Browser Tab Search by Ask\SafetyNut\BrowserTabSearch\msbloader.exe, Quarantined, [201d8eebf19a280e03c6680a0df529d7],
PUP.Optional.ASK, C:\Program Files (x86)\Browser Tab Search by Ask\SafetyNut\BrowserTabSearch\msbloader64.exe, Quarantined, [201d8eebf19a280e03c6680a0df529d7],
PUP.Optional.ASK, C:\Program Files (x86)\Browser Tab Search by Ask\SafetyNut\x64\del_DM_LL_nseA529.dll, Quarantined, [201d8eebf19a280e03c6680a0df529d7],
PUP.Optional.ASK, C:\Program Files (x86)\Browser Tab Search by Ask\SafetyNut\x64\del_DM_LL_nsu284D.dll, Quarantined, [201d8eebf19a280e03c6680a0df529d7],
PUP.Optional.Gomita, C:\Program Files (x86)\Mozilla Firefox\distribution\bundles\2fd07214b658fa9c5cd227b7780090f9\install.rdf, Quarantined, [c9741663147762d4f86a0264c93b6c94],
PUP.Optional.Gomita, C:\Program Files (x86)\Mozilla Firefox\distribution\bundles\2fd07214b658fa9c5cd227b7780090f9\chrome.manifest, Quarantined, [c9741663147762d4f86a0264c93b6c94],
PUP.Optional.Gomita, C:\Program Files (x86)\Mozilla Firefox\distribution\bundles\2fd07214b658fa9c5cd227b7780090f9\content\main.js, Quarantined, [c9741663147762d4f86a0264c93b6c94],
PUP.Optional.Gomita, C:\Program Files (x86)\Mozilla Firefox\distribution\bundles\2fd07214b658fa9c5cd227b7780090f9\content\overlay.xul, Quarantined, [c9741663147762d4f86a0264c93b6c94],
PUP.Optional.Gomita, C:\Program Files (x86)\Mozilla Firefox\distribution\bundles\fea041e28324c566e12e1ac949109ff9\install.rdf, Quarantined, [08351f5abecd6bcbafb377ef72929c64],
PUP.Optional.Gomita, C:\Program Files (x86)\Mozilla Firefox\distribution\bundles\fea041e28324c566e12e1ac949109ff9\chrome.manifest, Quarantined, [08351f5abecd6bcbafb377ef72929c64],
PUP.Optional.Gomita, C:\Program Files (x86)\Mozilla Firefox\distribution\bundles\fea041e28324c566e12e1ac949109ff9\content\load.js, Quarantined, [08351f5abecd6bcbafb377ef72929c64],
PUP.Optional.Gomita, C:\Program Files (x86)\Mozilla Firefox\distribution\bundles\fea041e28324c566e12e1ac949109ff9\content\overlay.xul, Quarantined, [08351f5abecd6bcbafb377ef72929c64],

Physical Sectors: 0
(No malicious items detected)

(end)

 

 

 

 

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

 

MiniToolBox by Farbar  Version: 02-11-2015
Ran by leepylee (administrator) on 02-11-2015 at 21:16:48
Running from "C:\Users\leepylee\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YALWF84L"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Model: Satellite C650D Manufacturer: TOSHIBA
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================
0.0.0.0         .psf
0.0.0.0         psf
========================= IP Configuration: ================================

Atheros AR9285 Wireless Network Adapter = Wireless Network Connection (Connected)
Atheros AR8152 PCI-E Fast Ethernet Controller (NDIS 6.20) = Local Area Connection (Media disconnected)

# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled

popd
# End of IPv4 configuration

 

Windows IP Configuration

   Host Name . . . . . . . . . . . . : leepyleeslaptop
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : Home

Wireless LAN adapter Wireless Network Connection:

   Connection-specific DNS Suffix  . : Home
   Description . . . . . . . . . . . : Atheros AR9285 Wireless Network Adapter
   Physical Address. . . . . . . . . : 00-16-44-66-4F-45
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : fda6:1762:6681:0:e50b:c915:6b88:2050(Preferred)
   Temporary IPv6 Address. . . . . . : fda6:1762:6681:0:4531:467e:c50a:eabc(Preferred)
   Link-local IPv6 Address . . . . . : fe80::e50b:c915:6b88:2050%11(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.0.12(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : 02 November 2015 19:04:00
   Lease Expires . . . . . . . . . . : 03 November 2015 19:19:38
   Default Gateway . . . . . . . . . : 192.168.0.1
   DHCP Server . . . . . . . . . . . : 192.168.0.1
   DHCPv6 IAID . . . . . . . . . . . : 234886724
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-13-AC-3F-FA-00-26-6C-57-32-61
   DNS Servers . . . . . . . . . . . : fda6:1762:6681:0:c23e:fff:fea7:c2d4
                                       192.168.0.1
   NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : borderscollege.ac.uk
   Description . . . . . . . . . . . : Atheros AR8152 PCI-E Fast Ethernet Controller (NDIS 6.20)
   Physical Address. . . . . . . . . : 00-26-6C-57-32-61
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.Home:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #4
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  UnKnown
Address:  fda6:1762:6681:0:c23e:fff:fea7:c2d4

Name:    google.com
Addresses:  2a00:1450:4009:801::200e
   216.58.209.238

Pinging google.com [216.58.209.238] with 32 bytes of data:
Reply from 216.58.209.238: bytes=32 time=19ms TTL=58
Reply from 216.58.209.238: bytes=32 time=18ms TTL=58

Ping statistics for 216.58.209.238:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 18ms, Maximum = 19ms, Average = 18ms
Server:  UnKnown
Address:  fda6:1762:6681:0:c23e:fff:fea7:c2d4

Name:    yahoo.com
Addresses:  2001:4998:58:c02::a9
   2001:4998:c:a06::2:4008
   2001:4998:44:204::a7
   98.138.253.109
   98.139.183.24
   206.190.36.45

Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=105ms TTL=50
Reply from 98.139.183.24: bytes=32 time=105ms TTL=50

Ping statistics for 98.139.183.24:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 105ms, Maximum = 105ms, Average = 105ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 11...00 16 44 66 4f 45 ......Atheros AR9285 Wireless Network Adapter
 10...00 26 6c 57 32 61 ......Atheros AR8152 PCI-E Fast Ethernet Controller (NDIS 6.20)
  1...........................Software Loopback Interface 1
 17...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
 18...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #4
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.0.1     192.168.0.12     25
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.0.0    255.255.255.0         On-link      192.168.0.12    281
     192.168.0.12  255.255.255.255         On-link      192.168.0.12    281
    192.168.0.255  255.255.255.255         On-link      192.168.0.12    281
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link      192.168.0.12    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link      192.168.0.12    281
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  1    306 ::1/128                  On-link
 11     33 fda6:1762:6681::/64      On-link
 11    281 fda6:1762:6681:0:4531:467e:c50a:eabc/128
                                    On-link
 11    281 fda6:1762:6681:0:e50b:c915:6b88:2050/128
                                    On-link
 11    281 fe80::/64                On-link
 11    281 fe80::e50b:c915:6b88:2050/128
                                    On-link
  1    306 ff00::/8                 On-link
 11    281 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None

========================= Event log errors: ===============================

Application errors:
==================
Error: (11/02/2015 07:01:52 PM) (Source: Application Error) (User: )
Description: Faulting application name: speedtray.exe, version: 0.0.0.0, time stamp: 0x548a3236
Faulting module name: ntdll.dll, version: 6.1.7601.18798, time stamp: 0x5507b3e0
Exception code: 0xc0000005
Fault offset: 0x0002fb6c
Faulting process id: 0x924
Faulting application start time: 0xspeedtray.exe0
Faulting application path: speedtray.exe1
Faulting module path: speedtray.exe2
Report Id: speedtray.exe3

Error: (11/02/2015 06:33:07 PM) (Source: System Restore) (User: )
Description: An unspecified error occurred during System Restore: (BRL ). Additional information: 0xc0000022.

Error: (11/02/2015 04:41:57 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8337645

Error: (11/02/2015 04:41:57 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 8337645

Error: (11/02/2015 04:41:57 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (11/02/2015 04:41:56 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8336631

Error: (11/02/2015 04:41:56 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 8336631

Error: (11/02/2015 04:41:56 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (11/02/2015 04:41:54 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8335523

Error: (11/02/2015 04:41:54 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 8335523

System errors:
=============
Error: (11/02/2015 07:45:42 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x800b0100: Security Update for Windows 7 for x64-based Systems (KB3033929).

Error: (11/02/2015 06:55:03 PM) (Source: Service Control Manager) (User: )
Description: The Privoxy (PrivoxyService) service terminated with service-specific error %%1067.

Error: (11/02/2015 06:44:26 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the RapportMgmtService service.

Error: (11/02/2015 06:35:03 PM) (Source: Service Control Manager) (User: )
Description: The Computer Backup (MyPC Backup) service terminated unexpectedly.  It has done this 1 time(s).

Error: (11/02/2015 06:30:23 PM) (Source: Service Control Manager) (User: )
Description: The Privoxy (PrivoxyService) service terminated with service-specific error %%1067.

Error: (11/02/2015 06:04:41 PM) (Source: Service Control Manager) (User: )
Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Search service, but this action failed with the following error:
%%1056

Error: (11/02/2015 06:04:16 PM) (Source: Service Control Manager) (User: )
Description: The ConfigFree Service service terminated unexpectedly.  It has done this 1 time(s).

Error: (11/02/2015 06:04:16 PM) (Source: Service Control Manager) (User: )
Description: The ConfigFree WiMAX Service service terminated unexpectedly.  It has done this 1 time(s).

Error: (11/02/2015 06:04:16 PM) (Source: Service Control Manager) (User: )
Description: The Windows Media Player Network Sharing Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.

Error: (11/02/2015 06:04:15 PM) (Source: Service Control Manager) (User: )
Description: The Windows Modules Installer service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.

Microsoft Office Sessions:
=========================
Error: (07/18/2014 02:53:36 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6700.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 136 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (12/18/2011 06:44:12 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 5 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (03/23/2011 06:44:44 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 11 seconds with 0 seconds of active time.  This session ended with a crash.

CodeIntegrity Errors:
===================================
  Date: 2010-10-21 20:32:05.546
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ProgramData\Trusteer\Rapport\store\exts\RapportMS\19514\RapportIaso.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2010-10-21 20:32:05.530
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ProgramData\Trusteer\Rapport\store\exts\RapportMS\19514\RapportIaso.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

=========================== Installed Programs ============================

µTorrent (HKCU\...\uTorrent) (Version: 3.4.2.34944 - BitTorrent Inc.)
ABBYY FineReader 6.0 Sprint (HKLM-x32\...\{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}) (Version: 6.00.1395.4512 - ABBYY Software House)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9130 - Adobe Systems Inc.)
Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.4.402.287 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.11) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.11 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.5 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.5.8.612 - Adobe Systems, Inc.)
Advertising Center (HKLM-x32\...\{B2EC4A38-B545-4A00-8214-13FE0E915E6D}) (Version: 0.0.0.2 - Nero AG) Hidden
Amazon.co.uk (HKLM-x32\...\{A74F16FA-1D5B-405B-8D8D-1BC6F9DAED8B}) (Version:  - Amazon EU S.a.r.L.)
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.27 - Atheros Communications Inc.)
Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 5.2 - Atheros)
Automotive Technician Training version 2013i (HKLM-x32\...\{381FA75B-A73E-4322-AD7C-8D752D91E299}_is1) (Version: 2013i - ATT Training Ltd/LLC)
Bejeweled 2 Deluxe (HKLM-x32\...\WT083929) (Version: 2.2.0.82 - WildTangent) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
ccc-core-static (HKLM-x32\...\{219B4856-468A-F0BB-8249-E630AD4E86C2}) (Version: 2010.0315.1050.17562 - ATI) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 3.18 - Piriform)
Chuzzle Deluxe (HKLM-x32\...\WT083877) (Version: 2.2.0.82 - WildTangent) Hidden
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 4.111.0.64 - Conexant)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Diner Dash 2 Restaurant Rescue (HKLM-x32\...\WT083916) (Version: 2.2.0.82 - WildTangent) Hidden
Eakona Updater (HKLM-x32\...\Eakona) (Version: 1.3 - Eakona Corp)
eBay (HKLM-x32\...\{FDE58148-57E7-43BF-879A-29CCE818C078}) (Version: 1.1.9 - eBay Inc.)
Epson Easy Photo Print 2 (HKLM-x32\...\{87C2248A-C7DD-49ED-9BCD-B312A9D0819E}) (Version: 2.1.0.0 - SEIKO EPSON CORPORATION)
Epson Event Manager (HKLM-x32\...\{48F22622-1CC2-4A83-9C1E-644DD96F832D}) (Version: 2.30.01 - SEIKO EPSON Corporation)
Epson Printer Software Downloader (HKLM-x32\...\{B6A98E5F-D6A7-46FB-9E9D-1F7BF4434001}) (Version: 2.0.0 - SEIKO EPSON CORPORATION) Hidden
Epson Printer Software Downloader (HKLM-x32\...\Epson Printer Software Downloader) (Version:  - )
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - )
Epson Stylus SX210_SX410_TX210_TX410 Manual (HKLM-x32\...\Epson Stylus SX210_SX410_TX210_TX410 User’s Guide) (Version:  - )
EPSON SX210 Series Printer Uninstall (HKLM\...\EPSON SX210 Series) (Version:  - SEIKO EPSON Corporation)
FATE (HKLM-x32\...\WT083945) (Version: 2.2.0.82 - WildTangent) Hidden
Google Chrome (HKCU\...\Google Chrome) (Version: 46.0.2490.80 - Google Inc.)
HP ENVY 4500 series Basic Device Software (HKLM\...\{6915424E-704F-4F5D-9057-9C7B406B36DB}) (Version: 32.3.198.49673 - Hewlett-Packard Co.)
HP ENVY 4500 series Help (HKLM-x32\...\{95BECC50-22B4-4FCA-8A2E-BF77713E6D3A}) (Version: 30.0.0 - Hewlett Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
iCloud (HKLM\...\{2AAF09D5-4B3F-4975-B6A9-ECE2631FC942}) (Version: 4.0.5.20 - Apple Inc.)
ImagXpress (HKLM-x32\...\{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}) (Version: 7.0.74.0 - Nero AG) Hidden
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
Java 7 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217060FF}) (Version: 7.0.600 - Oracle)
Jewel Quest II (HKLM-x32\...\WT083910) (Version: 2.2.0.82 - WildTangent) Hidden
Junk Mail filter update (HKLM-x32\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Mesh Runtime (HKLM-x32\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (HKLM-x32\...\{50816F92-1652-4A7C-B9BC-48F682742C4B}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM-x32\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Suite Activation Assistant (HKLM-x32\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}) (Version: 9.7.0621 - Microsoft Corporation)
MobileMe Control Panel (HKLM\...\{6DD01FF3-63CE-436B-96DB-61363EAA4EB8}) (Version: 3.1.8.0 - Apple Inc.)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero 9 Essentials (HKLM-x32\...\{7f46069a-ca3a-4ea8-9396-42502dcba590}) (Version:  - Nero AG)
Nero BackItUp (HKLM-x32\...\{0420F95C-11FF-4E02-B967-6CC22B188F9F}) (Version: 5.2.21001 - Nero AG)
Nero BackItUp and Burn (HKLM-x32\...\{E08CC458-41FB-4BB5-9B08-2C83DB55A5B9}) (Version: 1.2.0030 - Nero AG)
Nero BurnRights (HKLM-x32\...\{397516AE-7DFE-4F90-84E0-BD616D559434}) (Version: 3.6.26001 - Nero AG)
Nero Express (HKLM-x32\...\{6C3CF7AC-5AB0-42D9-93C0-68166A57AFB6}) (Version: 9.6.16000 - Nero AG)
Nero RescueAgent (HKLM-x32\...\{51E2F9B3-A972-4F58-B4EF-4D9676D9F5D1}) (Version: 2.6.25002 - Nero AG)
Origin (HKLM-x32\...\Origin) (Version: 9.4.7.2799 - Electronic Arts, Inc.)
Penguins! (HKLM-x32\...\WT083958) (Version: 2.2.0.82 - WildTangent) Hidden
Photo Service - powered by myphotobook (HKLM-x32\...\eu.myphotobook.001F9DF2D0BAABEB11F42CCEE43224607B61109C.1) (Version: 1.0.7-279 - myphotobook GmbH)
Plants vs. Zombies (HKLM-x32\...\WT083925) (Version: 2.2.0.82 - WildTangent) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Polar Bowler (HKLM-x32\...\WT083959) (Version: 2.2.0.82 - WildTangent) Hidden
PriceGong 2.6.4 (HKLM-x32\...\PriceGong) (Version: 2.6.4 - PriceGong)
Product Improvement Study for HP ENVY 4500 series (HKLM\...\{58139103-BACF-4BDC-B71C-955F9164ADA6}) (Version: 32.3.198.49673 - Hewlett-Packard Co.)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Rapport (HKLM\...\{1DD81E7D-0D28-4CEB-87B2-C041A4FCB215}) (Version: 3.5.1205.15 - Trusteer) Hidden
Rapport (HKLM-x32\...\{1DD81E7D-0D28-4CEB-87B2-C041A4FCB215}) (Version: 3.5.1412.176 - Trusteer) Hidden
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30111 - Realtek Semiconductor Corp.)
Safari (HKLM-x32\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.)
Skype Toolbars (HKLM-x32\...\{981029E0-7FC9-4CF3-AB39-6F133621921A}) (Version: 1.0.4051 - Skype Technologies S.A.)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.8.1 - Synaptics Incorporated)
Theme Hospital (HKLM-x32\...\Theme Hospital_is1) (Version:  - GOG.com)
Toshiba Assist (HKLM-x32\...\{1B87C40B-A60B-4EF3-9A68-706CF4B69978}) (Version: 3.00.11 - TOSHIBA CORPORATION)
TOSHIBA Bulletin Board (HKLM-x32\...\InstallShield_{C14518AF-1A0F-4D39-8011-69BAA01CD380}) (Version: 1.6.07.64 - TOSHIBA Corporation)
TOSHIBA ConfigFree (HKLM-x32\...\{607BE7BF-7C28-4ADB-A4A0-385962B901C3}) (Version: 8.0.28 - TOSHIBA Corporation)
TOSHIBA Disc Creator (HKLM\...\{5DA0E02F-970B-424B-BF41-513A5018E4C0}) (Version: 2.1.0.2 for x64 - TOSHIBA Corporation)
TOSHIBA Hardware Setup (HKLM-x32\...\{8E9CEA3B-EBD1-439C-A01D-830CB39613C6}) (Version: 2.00.06 - TOSHIBA Corporation)
TOSHIBA HDD/SSD Alert (HKLM-x32\...\InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38}) (Version: 3.1.64.6 - TOSHIBA Corporation)
Toshiba Manuals (HKLM-x32\...\{90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}) (Version: 10.01 - TOSHIBA)
TOSHIBA Media Controller (HKLM-x32\...\{983CD6FE-8320-4B80-A8F6-0D0366E0AA22}) (Version: 1.0.80.3.64 - TOSHIBA CORPORATION)
TOSHIBA Media Controller Plug-in (HKLM-x32\...\{F26FDF57-483E-42C8-A9C9-EEE1EDB256E0}) (Version: 1.0.4.9 - TOSHIBA CORPORATION)
TOSHIBA Online Product Information (HKLM-x32\...\{2290A680-4083-410A-ADCC-7092C67FC052}) (Version: 2.09.0001 - TOSHIBA)
TOSHIBA Recovery Media Creator (HKLM\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 2.1.0.4 x64 - TOSHIBA Corporation)
TOSHIBA Recovery Media Creator Reminder (HKLM-x32\...\InstallShield_{773970F1-5EBA-4474-ADEE-1EA3B0A59492}) (Version: 1.00.0019 - TOSHIBA)
TOSHIBA ReelTime (HKLM-x32\...\InstallShield_{A0E99122-25C1-4CA4-9063-499A2A814EB6}) (Version: 1.6.06.64 - TOSHIBA Corporation)
TOSHIBA Service Station (HKLM-x32\...\{AC6569FA-6919-442A-8552-073BE69E247A}) (Version: 2.1.40 - TOSHIBA)
TOSHIBA Supervisor Password (HKLM-x32\...\{073B89C3-BA88-41B5-965F-B35A88EAE838}) (Version: 2.00.03 - TOSHIBA Corporation)
Toshiba TEMPRO (HKLM-x32\...\{2B000B80-A3FA-4B92-A5FF-D9AD402B6701}) (Version: 3.30 - Toshiba Europe GmbH)
TOSHIBA Value Added Package (HKLM-x32\...\InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}) (Version: 1.3.3.64 - TOSHIBA Corporation)
TRORMCLauncher (HKLM\...\{E65C7D8E-186D-484B-BEA8-DEF0331CE600}) (Version: 1.0.0.9 - TOSHIBA) Hidden
TRORMCLauncher (HKLM-x32\...\InstallShield_{E65C7D8E-186D-484B-BEA8-DEF0331CE600}) (Version:  - )
Trusteer Endpoint Protection (HKLM-x32\...\Rapport_msi) (Version: 3.5.1412.176 - Trusteer)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for DealPly (HKCU\...\DealPly) (Version:  - Update for DealPly)
WestwoodChat (HKLM-x32\...\{7CAE6A67-AF7B-4A6A-8705-8AFACA45BB60}) (Version: 1.0.0.0 - WestwoodChat)
WestwoodOnline (HKLM-x32\...\{BBCD6D56-8A26-4DDE-9482-DBC9C7B7341D}) (Version: 1.0.0.0 - WestwoodOnline)
WildTangent Games (HKLM-x32\...\WildTangent toshiba Master Uninstall) (Version: 1.0.0.80 - WildTangent)
WildTangent ORB Game Console (HKLM-x32\...\TOSHIBA Game Console) (Version:  - WildTangent) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{B10914FD-8812-47A4-85A1-50FCDE7F1F33}) (Version: 14.0.8117.416 - Microsoft Corporation)
Zuma Deluxe (HKLM-x32\...\WT083890) (Version: 2.2.0.82 - WildTangent) Hidden

========================= Devices: ================================

========================= Memory info: ===================================

Percentage of memory in use: 60%
Total physical RAM: 2810.9 MB
Available physical RAM: 1123.73 MB
Total Virtual: 5619.99 MB
Available Virtual: 3171.73 MB

========================= Partitions: =====================================

1 Drive c: (WINDOWS) (Fixed) (Total:148.89 GB) (Free:56.71 GB) NTFS
2 Drive d: (Data) (Fixed) (Total:148.81 GB) (Free:141.33 GB) NTFS
3 Drive e: (PTDVD8002) (CDROM) (Total:5.73 GB) (Free:0 GB) UDF

========================= Users: ========================================

User accounts for \\LEEPYLEESLAPTOP

Administrator            Guest                    leepylee                

**** End of log ****



#4 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,630 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:05 AM

Posted 02 November 2015 - 05:27 PM

Wow that's a lot of detections. Let's start by getting rid of a few programs. Uninstall the following please:
  • Eakona Updater;
  • Java 7 Update 60 - Oudated and vulnerable;
  • PriceGong 2.6.4;
  • Safari - The Windows version was discontinued years ago;
  • Update for DealPly;
Let me know once it's done :)

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#5 ~ JJ ~

~ JJ ~
  • Topic Starter

  • Members
  • 46 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:UK
  • Local time:12:05 PM

Posted 02 November 2015 - 06:19 PM

uninstalled everything suggested but cant find pricegong  



#6 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,630 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:05 AM

Posted 02 November 2015 - 07:06 PM

All good :) Alright, follow the instructions below please.

zcMPezJ.pngAdwCleaner - Scan Mode
  • Download AdwCleaner and move it to your Desktop;
  • Right-click on AdwCleaner.exe and select Spcusrh.pngRun as Administrator (for Windows Vista, 7, 8, 8.1 and 10 users);
  • Accept the EULA (I accept), let the database update, then click on Scan;
  • Let the scan complete. Once it's done, click on the Logfile button to open the scan log;
    I9NO2Hi.png
  • Please copy/paste the content of the log that will open in your next reply;

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#7 ~ JJ ~

~ JJ ~
  • Topic Starter

  • Members
  • 46 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:UK
  • Local time:12:05 PM

Posted 03 November 2015 - 06:46 AM

Thank you, here are the scan results:

 

# AdwCleaner v5.016 - Logfile created 02/11/2015 at 17:34:01
# Updated 01/11/2015 by Xplode
# Database : 2015-11-01.2 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : leepylee - LEEPYLEESLAPTOP
# Running from : C:\Users\leepylee\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YBHR3TI7\AdwCleaner.exe
# Option : Scan
# Support : http://toolslib.net/forum

***** [ Services ] *****

Service Found : APNMCP
Service Found : Application Updater
Service Found : BackupStack
Service Found : IHProtect Service
Service Found : PrivoxyService
Service Found : SPPD

***** [ Folders ] *****

Folder Found : C:\Program Files (x86)\Application Updater
Folder Found : C:\Program Files (x86)\AskPartnerNetwork
Folder Found : C:\Program Files (x86)\Browser Tab Search by Ask
Folder Found : C:\Program Files (x86)\GetPrivate
Folder Found : C:\Program Files (x86)\IObit Toolbar
Folder Found : C:\Program Files (x86)\MyPC Backup
Folder Found : C:\Program Files (x86)\SearchProtect
Folder Found : C:\Program Files (x86)\XTab
Folder Found : C:\Program Files (x86)\Jelbrus Secure Web
Folder Found : C:\Program Files (x86)\Common Files\Spigot
Folder Found : C:\ProgramData\apn
Folder Found : C:\ProgramData\Ask
Folder Found : C:\ProgramData\AskPartnerNetwork
Folder Found : C:\ProgramData\Babylon
Folder Found : C:\ProgramData\IePluginServices
Folder Found : C:\ProgramData\EnergoTech
Folder Found : C:\ProgramData\IHProtectUpDate
Folder Found : C:\ProgramData\Eakona
Folder Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PriceGong
Folder Found : C:\Users\leepylee\AppData\Local\apn
Folder Found : C:\Users\leepylee\AppData\Local\AskPartnerNetwork
Folder Found : C:\Users\leepylee\AppData\Local\Babylon
Folder Found : C:\Users\leepylee\AppData\Local\I Want This
Folder Found : C:\Users\leepylee\AppData\Local\SearchProtect
Folder Found : C:\Users\leepylee\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaaiabcopkplhgaedhbloeejhhankf
Folder Found : C:\Users\leepylee\AppData\Local\Temp\apn
Folder Found : C:\Users\leepylee\AppData\LocalLow\BabylonToolbar
Folder Found : C:\Users\leepylee\AppData\LocalLow\Funmoods
Folder Found : C:\Users\leepylee\AppData\LocalLow\Search Settings
Folder Found : C:\Users\leepylee\AppData\Roaming\Babylon
Folder Found : C:\Users\leepylee\AppData\Roaming\GetPrivate
Folder Found : C:\Users\leepylee\AppData\Roaming\SpeedTray
Folder Found : C:\Users\leepylee\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
Folder Found : C:\Windows\SysNative\Tasks\DealPly
Folder Found : C:\Windows\SysWOW64\config\systemprofile\AppData\Local\SearchProtect

***** [ Files ] *****

File Found : C:\Users\leepylee\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
File Found : C:\Users\leepylee\Desktop\MyPC Backup.lnk
File Found : C:\Users\leepylee\Desktop\Sync Folder.lnk
File Found : C:\Windows\apppatch\apppatch64\vcldr64.dll
File Found : C:\Windows\AppPatch\Custom\{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb
File Found : C:\Windows\AppPatch\Custom\Custom64\{cf2797aa-b7ec-e311-8ed9-005056c00008}.sdb
File Found : C:\Windows\AppPatch\nbin\VC32Loader.dll

***** [ DLLs ] *****

***** [ Shortcuts ] *****

***** [ Scheduled tasks ] *****

Task Found : Dealply
Task Found : DealPlyUpdate
Task Found : GPUpdate
Task Found : Jelbrus Secure Web Task
Task Found : LaunchSignup
Task Found : Eakona Update

***** [ Registry ] *****

Key Found : HKLM\SOFTWARE\Classes\Prod.cap
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com]
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnTbMon]
Key Found : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\IePluginServices
Value Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [SpeedTray]
Key Found : HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\com.apn.native_messaging_host_aaaaaiabcopkplhgaedhbloeejhhankf
Value Found : HKCU\Software\Mozilla\Firefox\Extensions [{8A9386B4-E958-4C4C-ADF4-8F26DB3E4829}]
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\bkomkajifikmkfnjgphkjcfeepbnojok
Key Found : HKCU\Software\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\aaaaaiabcopkplhgaedhbloeejhhankf
Key Found : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\aaaaaiabcopkplhgaedhbloeejhhankf
Key Found : HKLM\SOFTWARE\Classes\AppID\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
Key Found : HKLM\SOFTWARE\Classes\AppID\{835315FC-1BF6-4CA9-80CD-F6C158D40692}
Key Found : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{D3C24E2B-C820-4492-9B69-11BF7163F998}
Key Found : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Found : HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Key Found : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Found : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{2F137995-4D26-44AD-9C4E-91055090A817}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{100EB1FD-D03E-47FD-81F3-EE91287F9465}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{69A72A8A-84ED-4A75-8CE7-263DBEF3E5D3}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{98279C38-DE4B-4BCF-93C9-8EC26069D6F4}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{C1E58A84-95B3-4630-B8C2-D06B77B7A0FC}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{C900B400-CDFE-11D3-976A-00E02913A9E0}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{E8DAAA30-6CAA-4B58-9603-8E54238219E2}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{F9765480-72D1-11D4-A75A-004F49045A87}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{0CB66BA8-5E1F-4963-93D1-E1D6B78FE9A2}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{FC87A650-207D-4392-A6A1-82ADBC56FA64}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{E99D4D0C-EB54-46AF-B62A-3AA1F31D53E5}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D3C24E2B-C820-4492-9B69-11BF7163F998}
Key Found : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0BDA0769-FD72-49F4-9266-E1FB004F4D8F}
Key Found : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0BDA0769-FD72-49F4-9266-E1FB004F4D8F}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D3C24E2B-C820-4492-9B69-11BF7163F998}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{10921475-03CE-4E04-90CE-E2E7EF20C814}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2C09954F-CDA8-4BD1-8794-1D543E050378}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D3C24E2B-C820-4492-9B69-11BF7163F998}
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{2C09954F-CDA8-4BD1-8794-1D543E050378}]
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{65BCD620-07DD-012F-819F-073CF1B8F7C6}
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{21FA44EF-376D-4D53-9B0F-8A89D3229068}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00000000-6E41-4FD3-8538-502F5495E5FC}]
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{10921475-03CE-4E04-90CE-E2E7EF20C814}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}
Key Found : HKU\.DEFAULT\Software\AskPartnerNetwork
Key Found : HKU\.DEFAULT\Software\AppDataLow\Software\Search Settings
Key Found : HKCU\Software\AskPartnerNetwork
Key Found : HKCU\Software\BabylonToolbar
Key Found : HKCU\Software\Cr_Installer
Key Found : HKCU\Software\DealPly
Key Found : HKCU\Software\InstallCore
Key Found : HKCU\Software\powerpack
Key Found : HKCU\Software\YahooPartnerToolbar
Key Found : HKCU\Software\SpeedTray
Key Found : HKCU\Software\AppDataLow\Software\BlockAndSurf
Key Found : HKCU\Software\AppDataLow\Software\I Want This
Key Found : HKCU\Software\AppDataLow\Software\PriceGong
Key Found : HKLM\SOFTWARE\AdvertisingSupport
Key Found : HKLM\SOFTWARE\Application Updater
Key Found : HKLM\SOFTWARE\AskPartnerNetwork
Key Found : HKLM\SOFTWARE\Babylon
Key Found : HKLM\SOFTWARE\delta-homesSoftware
Key Found : HKLM\SOFTWARE\SearchProtect
Key Found : HKLM\SOFTWARE\SupDp
Key Found : HKLM\SOFTWARE\SupTab
Key Found : HKLM\SOFTWARE\V9Software
Key Found : HKLM\SOFTWARE\Wpm
Key Found : HKLM\SOFTWARE\Browser Warden
Key Found : HKLM\SOFTWARE\IHProtect
Key Found : HKLM\SOFTWARE\SPPDCOM
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\DealPly
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PriceGong
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4F524A2D-5350-4500-76A7-A758B70C1200}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Eakona
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyPC Backup
Key Found : HKU\.DEFAULT\Software\AppDataLow\Software\Search Settings
Key Found : HKU\S-1-5-21-2144891622-77169984-1251611374-1000\Software\AppDataLow\Software\BlockAndSurf
Key Found : HKU\S-1-5-21-2144891622-77169984-1251611374-1000\Software\AppDataLow\Software\I Want This
Key Found : HKU\S-1-5-21-2144891622-77169984-1251611374-1000\Software\AppDataLow\Software\PriceGong
Key Found : HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-2144891622-77169984-1251611374-1000\Software\BabylonToolbar
Key Found : HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-2144891622-77169984-1251611374-1000\Software\Funmoods
Key Found : HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-2144891622-77169984-1251611374-1000\Software\Wajam
Key Found : HKU\S-1-5-18\Software\AppDataLow\Software\Search Settings
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\00E944CB89111313EAF35A0553F547F9
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\53F55AF3F4049ED3FA6EA6F88E414E24
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\68E4BF4B11615E03C97732FD581AB607
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CE3DDAB2D152683FBCEB4866BCD2B0F
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AF6CE16AFEA5C9A39B766468A8B35C21
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FB1E44269B58F433A8C8E671E37CFDCF
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8036C72171EF4ba46856BF57969F6A36
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\89BB7852687BDC34B9A81E01C7FF9173
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\89EA4F1B8FBCDEF47AE328E455E28AA0
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CBC85D72B148084ABE8C2F072F781F4
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CC5A38A64D6098468BC8395BA0EFF03
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8DF9A1AC557F56c49B56F6B83E293C15
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\97ECFF59EE08D4F47BB1464DEC37DA87
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A8CB937199A57E748B6AC433DA453EE2
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A97C590397DCC454AA8923563BAB10E4
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B08932C78B697C244BE7BA3E6FF09B62
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B4E78E12704AFCE408C7FBE501F1AA0A
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C6A54B56C58C82a4688AFB93F42EA17B
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CFA51B44D54927c4E9B7BC1D3FD1E49F
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D14A7F65792054F418578C78367D13F7
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DFE9F0BD163D827438CB6AD6B100EC48
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F0390A76D28822743A68D7F1AB22E6D0
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F739A19A8327dc64C9A8B641A9E89646
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0A5AC497E6BBC8D45BE8AD6619DA8217
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\158D6D9E3FE81fa428925F22ACB3A965
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\15E6C514FEFC09f45BAFAAE1D7546ED4
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1DB42320A8525634AA089F0BEC86473B
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\22468B0D6050b2e46B9C4B67A8F59577
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2251BF05A2F606d43BB064BD63CBD87E
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3255D95681398614190EDF0A4F3F77DB
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3CDF313E9B28c944FBC7579CF4949414
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\71E54748EDD3dc1468548785DC856EDA
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\754590DD06DE8d249B526503432F99D4
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\7AB5857A57A0687786597A857BFFFFFF
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dprotectsvc.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectedsearch.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchinstaller.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotector.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings64.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\umbrella.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\utiljumpflip.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroids.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroidsservice.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jumpflip
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe
Data Found : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page] - hxxp://search.delta-homes.com/web/?type=ds&ts=1430218887&from=ient04280&uid=TOSHIBAXMK3263GSXN_30T8F42CSXX30T8F42CS&q={searchTerms}
Data Found : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://www.delta-homes.com/?type=hp&ts=1430218887&from=ient04280&uid=TOSHIBAXMK3263GSXN_30T8F42CSXX30T8F42CS
Data Found : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxp://search.delta-homes.com/web/?type=ds&ts=1430218887&from=ient04280&uid=TOSHIBAXMK3263GSXN_30T8F42CSXX30T8F42CS&q={searchTerms}
Data Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxp://search.v9.com/web/?type=ds&ts=1403811207&from=irs&uid=TOSHIBAXMK3263GSXN_30T8F42CSXX30T8F42CS&i=psd&t=344bc974d&q={searchTerms}
Data Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://www.delta-homes.com/?type=hp&ts=1430218887&from=ient04280&uid=TOSHIBAXMK3263GSXN_30T8F42CSXX30T8F42CS
Data Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] - hxxp://www.delta-homes.com/?type=hp&ts=1430218887&from=ient04280&uid=TOSHIBAXMK3263GSXN_30T8F42CSXX30T8F42CS
Data Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page] - hxxp://search.v9.com/web/?type=ds&ts=1403811207&from=irs&uid=TOSHIBAXMK3263GSXN_30T8F42CSXX30T8F42CS&i=psd&t=344bc974d&q={searchTerms}
Data Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxp://search.v9.com/web/?type=ds&ts=1403811207&from=irs&uid=TOSHIBAXMK3263GSXN_30T8F42CSXX30T8F42CS&i=psd&t=344bc974d&q={searchTerms}
Data Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://www.delta-homes.com/?type=hp&ts=1430218887&from=ient04280&uid=TOSHIBAXMK3263GSXN_30T8F42CSXX30T8F42CS
Data Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] - hxxp://www.delta-homes.com/?type=hp&ts=1430218887&from=ient04280&uid=TOSHIBAXMK3263GSXN_30T8F42CSXX30T8F42CS
Data Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page] - hxxp://search.v9.com/web/?type=ds&ts=1403811207&from=irs&uid=TOSHIBAXMK3263GSXN_30T8F42CSXX30T8F42CS&i=psd&t=344bc974d&q={searchTerms}
Data Found : HKU\S-1-5-21-2144891622-77169984-1251611374-1000\Software\Microsoft\Internet Explorer\Main [Search Page] - hxxp://search.delta-homes.com/web/?type=ds&ts=1430218887&from=ient04280&uid=TOSHIBAXMK3263GSXN_30T8F42CSXX30T8F42CS&q={searchTerms}
Data Found : HKU\S-1-5-21-2144891622-77169984-1251611374-1000\Software\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://www.delta-homes.com/?type=hp&ts=1430218887&from=ient04280&uid=TOSHIBAXMK3263GSXN_30T8F42CSXX30T8F42CS
Data Found : HKU\S-1-5-21-2144891622-77169984-1251611374-1000\Software\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxp://search.delta-homes.com/web/?type=ds&ts=1430218887&from=ient04280&uid=TOSHIBAXMK3263GSXN_30T8F42CSXX30T8F42CS&q={searchTerms}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{14FD374D-BDFB-48C3-AC19-AB58C4C6138B}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{20B9D1AE-AD1A-38B4-87FE-AF278DA9861D}
Data Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] - {20B9D1AE-AD1A-38B4-87FE-AF278DA9861D}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2488}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{E733165D-CBCF-4FDA-883E-ADEF965B476C}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2488}
Key Found : HKU\S-1-5-21-2144891622-77169984-1251611374-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Found : HKU\S-1-5-21-2144891622-77169984-1251611374-1000\Software\Microsoft\Internet Explorer\SearchScopes\{14FD374D-BDFB-48C3-AC19-AB58C4C6138B}
Key Found : HKU\S-1-5-21-2144891622-77169984-1251611374-1000\Software\Microsoft\Internet Explorer\SearchScopes\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}
Key Found : HKU\S-1-5-21-2144891622-77169984-1251611374-1000\Software\Microsoft\Internet Explorer\SearchScopes\{20B9D1AE-AD1A-38B4-87FE-AF278DA9861D}
Data Found : HKU\S-1-5-21-2144891622-77169984-1251611374-1000\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] - {20B9D1AE-AD1A-38B4-87FE-AF278DA9861D}
Key Found : HKU\S-1-5-21-2144891622-77169984-1251611374-1000\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Found : HKU\S-1-5-21-2144891622-77169984-1251611374-1000\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2488}
Key Found : HKU\S-1-5-21-2144891622-77169984-1251611374-1000\Software\Microsoft\Internet Explorer\SearchScopes\{E733165D-CBCF-4FDA-883E-ADEF965B476C}
Data Found : HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command [] - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.delta-homes.com/?type=sc&ts=1430218887&from=ient04280&uid=TOSHIBAXMK3263GSXN_30T8F42CSXX30T8F42CS
Data Found : HKLM\SOFTWARE\Clients\StartMenuInternet\Google Chrome\shell\open\command [] - "C:\Users\leepylee\AppData\Local\Google\Chrome\Application\chrome.exe" hxxp://www.delta-homes.com/?type=sc&ts=1430218887&from=ient04280&uid=TOSHIBAXMK3263GSXN_30T8F42CSXX30T8F42CS
Data Found : HKLM\SOFTWARE\Clients\StartMenuInternet\SAFARI.EXE\shell\open\command [] - "C:\Program Files (x86)\Safari\Safari.exe" hxxp://www.delta-homes.com/?type=sc&ts=1430218887&from=ient04280&uid=TOSHIBAXMK3263GSXN_30T8F42CSXX30T8F42CS
Data Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC32Loader.dll
Data Found : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SEARCH~1\SEARCH~1\bin\VC64LO~1.DLL

***** [ Web browsers ] *****

[C:\Users\leepylee\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Found : uk.ask.com
[C:\Users\leepylee\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Found : delta-homes
[C:\Users\leepylee\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Startup_URLs] Found : hxxp://www.delta-homes.com/?type=hp&ts=1430218887&from=ient04280&uid=TOSHIBAXMK3263GSXN_30T8F42CSXX30T8F42CS
[C:\Users\leepylee\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Default_Search_Provider] Found : hxxp://search.delta-homes.com/webfavicon.ico
[C:\Users\leepylee\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Default_Search_Provider_Data] Found : hxxp://search.delta-homes.com/web/?type=ds&ts=1430218887&from=ient04280&uid=TOSHIBAXMK3263GSXN_30T8F42CSXX30T8F42CS&q={searchTerms}
[C:\Users\leepylee\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Found : aaaaaiabcopkplhgaedhbloeejhhankf
[C:\Users\leepylee\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Found : aaaaojmikegpiepcfdkkjaplodkpfmlo
[C:\Users\leepylee\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Found : booedmolknjekdopkepjjeckmjkdpfgl
[C:\Users\leepylee\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Found : bopakagnckmlgajfccecajhnimjiiedh
[C:\Users\leepylee\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Found : flpcjncodpafbgdpnkljologafpionhb
[C:\Users\leepylee\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Found : gaiilaahiahdejapggenmdmafpmbipje
[C:\Users\leepylee\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Found : jpmbfleldcgkldadpdinhjjopdfpjfjp
[C:\Users\leepylee\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Homepage] Found : hxxp://www.delta-homes.com/?type=hp&ts=1430218887&from=ient04280&uid=TOSHIBAXMK3263GSXN_30T8F42CSXX30T8F42CS

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [29130 bytes] ##########
# AdwCleaner v5.016 - Logfile created 03/11/2015 at 11:40:36
# Updated 01/11/2015 by Xplode
# Database : 2015-11-01.2 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : leepylee - LEEPYLEESLAPTOP
# Running from : C:\Users\leepylee\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\O5K5G87J\AdwCleaner.exe
# Option : Scan
# Support : http://toolslib.net/forum

***** [ Services ] *****

Service Found : APNMCP
Service Found : Application Updater
Service Found : BackupStack
Service Found : IHProtect Service
Service Found : PrivoxyService
Service Found : SPPD

***** [ Folders ] *****

Folder Found : C:\Program Files (x86)\Application Updater
Folder Found : C:\Program Files (x86)\AskPartnerNetwork
Folder Found : C:\Program Files (x86)\GetPrivate
Folder Found : C:\Program Files (x86)\IObit Toolbar
Folder Found : C:\Program Files (x86)\MyPC Backup
Folder Found : C:\Program Files (x86)\SearchProtect
Folder Found : C:\Program Files (x86)\XTab
Folder Found : C:\Program Files (x86)\SFK
Folder Found : C:\ProgramData\apn
Folder Found : C:\ProgramData\MailUpdate
Folder Found : C:\Users\leepylee\AppData\Local\Babylon
Folder Found : C:\Users\leepylee\AppData\Local\Temp\apn
Folder Found : C:\Users\leepylee\AppData\Roaming\GetPrivate
Folder Found : C:\Users\leepylee\AppData\Roaming\MailUpdate
Folder Found : C:\Users\leepylee\AppData\Roaming\TSv

***** [ Files ] *****

File Found : C:\Users\leepylee\Desktop\Sync Folder.lnk

***** [ DLLs ] *****

***** [ Shortcuts ] *****

***** [ Scheduled tasks ] *****

Task Found : DealPlyUpdate
Task Found : GPUpdate
Task Found : Jelbrus Secure Web Task
Task Found : LaunchSignup

***** [ Registry ] *****

Key Found : HKLM\SOFTWARE\Classes\Prod.cap
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com]
Key Found : HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\com.apn.native_messaging_host_aaaaaiabcopkplhgaedhbloeejhhankf
Key Found : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Found : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Found : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Found : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{100EB1FD-D03E-47FD-81F3-EE91287F9465}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{69A72A8A-84ED-4A75-8CE7-263DBEF3E5D3}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{98279C38-DE4B-4BCF-93C9-8EC26069D6F4}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{C1E58A84-95B3-4630-B8C2-D06B77B7A0FC}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{C900B400-CDFE-11D3-976A-00E02913A9E0}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{E8DAAA30-6CAA-4B58-9603-8E54238219E2}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{F9765480-72D1-11D4-A75A-004F49045A87}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{0CB66BA8-5E1F-4963-93D1-E1D6B78FE9A2}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{FC87A650-207D-4392-A6A1-82ADBC56FA64}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{E99D4D0C-EB54-46AF-B62A-3AA1F31D53E5}
Key Found : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0BDA0769-FD72-49F4-9266-E1FB004F4D8F}
Key Found : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0BDA0769-FD72-49F4-9266-E1FB004F4D8F}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{10921475-03CE-4E04-90CE-E2E7EF20C814}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{2C09954F-CDA8-4BD1-8794-1D543E050378}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{21FA44EF-376D-4D53-9B0F-8A89D3229068}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00000000-6E41-4FD3-8538-502F5495E5FC}]
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{10921475-03CE-4E04-90CE-E2E7EF20C814}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}
Key Found : HKCU\Software\Cr_Installer
Key Found : HKCU\Software\powerpack
Key Found : HKCU\Software\YahooPartnerToolbar
Key Found : HKCU\Software\SpeedTray
Key Found : HKLM\SOFTWARE\Application Updater
Key Found : HKLM\SOFTWARE\Babylon
Key Found : HKLM\SOFTWARE\SupDp
Key Found : HKLM\SOFTWARE\V9Software
Key Found : HKLM\SOFTWARE\Wpm
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PriceGong
Key Found : HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-2144891622-77169984-1251611374-1000\Software\BabylonToolbar
Key Found : HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-2144891622-77169984-1251611374-1000\Software\Funmoods
Key Found : HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-2144891622-77169984-1251611374-1000\Software\Wajam
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\00E944CB89111313EAF35A0553F547F9
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\53F55AF3F4049ED3FA6EA6F88E414E24
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\68E4BF4B11615E03C97732FD581AB607
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CE3DDAB2D152683FBCEB4866BCD2B0F
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AF6CE16AFEA5C9A39B766468A8B35C21
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FB1E44269B58F433A8C8E671E37CFDCF
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8036C72171EF4ba46856BF57969F6A36
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\89BB7852687BDC34B9A81E01C7FF9173
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\89EA4F1B8FBCDEF47AE328E455E28AA0
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CBC85D72B148084ABE8C2F072F781F4
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CC5A38A64D6098468BC8395BA0EFF03
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8DF9A1AC557F56c49B56F6B83E293C15
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\97ECFF59EE08D4F47BB1464DEC37DA87
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A8CB937199A57E748B6AC433DA453EE2
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A97C590397DCC454AA8923563BAB10E4
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B08932C78B697C244BE7BA3E6FF09B62
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B4E78E12704AFCE408C7FBE501F1AA0A
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C6A54B56C58C82a4688AFB93F42EA17B
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CFA51B44D54927c4E9B7BC1D3FD1E49F
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D14A7F65792054F418578C78367D13F7
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DFE9F0BD163D827438CB6AD6B100EC48
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F0390A76D28822743A68D7F1AB22E6D0
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F739A19A8327dc64C9A8B641A9E89646
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0A5AC497E6BBC8D45BE8AD6619DA8217
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\158D6D9E3FE81fa428925F22ACB3A965
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\15E6C514FEFC09f45BAFAAE1D7546ED4
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1DB42320A8525634AA089F0BEC86473B
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\22468B0D6050b2e46B9C4B67A8F59577
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2251BF05A2F606d43BB064BD63CBD87E
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3255D95681398614190EDF0A4F3F77DB
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3CDF313E9B28c944FBC7579CF4949414
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\71E54748EDD3dc1468548785DC856EDA
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\754590DD06DE8d249B526503432F99D4
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\7AB5857A57A0687786597A857BFFFFFF
Data Found : HKLM\SOFTWARE\Clients\StartMenuInternet\SAFARI.EXE\shell\open\command [] - "C:\Program Files (x86)\Safari\Safari.exe" hxxp://www.delta-homes.com/?type=sc&ts=1430218887&from=ient04280&uid=TOSHIBAXMK3263GSXN_30T8F42CSXX30T8F42CS

***** [ Web browsers ] *****

[C:\Users\leepylee\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Found : uk.ask.com
[C:\Users\leepylee\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Found : delta-homes
[C:\Users\leepylee\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Startup_URLs] Found : hxxp://www.delta-homes.com/?type=hp&ts=1446489295&z=21e223b3f0c97db3c281da1g7zccaefozzjcktmlma&from=ient07031&uid=TOSHIBAXMK3263GSXN_30T8F42CSXX30T8F42CS
[C:\Users\leepylee\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Default_Search_Provider] Found : hxxp://search.delta-homes.com/webfavicon.ico
[C:\Users\leepylee\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Default_Search_Provider_Data] Found : hxxp://search.delta-homes.com/web/?type=ds&ts=1446489295&z=21e223b3f0c97db3c281da1g7zccaefozzjcktmlma&from=ient07031&uid=TOSHIBAXMK3263GSXN_30T8F42CSXX30T8F42CS&q={searchTerms}
[C:\Users\leepylee\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Homepage] Found : hxxp://www.delta-homes.com/?type=hp&ts=1446489295&z=21e223b3f0c97db3c281da1g7zccaefozzjcktmlma&from=ient07031&uid=TOSHIBAXMK3263GSXN_30T8F42CSXX30T8F42CS

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [43287 bytes] ##########



#8 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,630 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:05 AM

Posted 03 November 2015 - 07:42 AM

Alright, time to clean all this up using JRT and AdwCleaner :) Follow the instructions below please.

lv0mVRW.pngJunkware Removal Tool (JRT)
  • Download Junkware Removal Tool (JRT) and move it to your Desktop;
  • Right-click on JRT.exe and select Spcusrh.pngRun as Administrator (for Windows Vista, 7, 8, 8.1 and 10 users);
  • Press on any key to launch the scan and let it complete;
    tLsXbWy.png
    Credits : BleepingComputer.com
  • Once the scan is complete, a log will open. Please copy/paste the content of the output log in your next reply;
lv0mVRW.pngJunkware Removal Tool (JRT)
  • Download Junkware Removal Tool (JRT) and move it to your Desktop;
  • Right-click on JRT.exe and select Spcusrh.pngRun as Administrator (for Windows Vista, 7, 8, 8.1 and 10 users);
  • Press on any key to launch the scan and let it complete;
    tLsXbWy.png
    Credits : BleepingComputer.com
  • Once the scan is complete, a log will open. Please copy/paste the content of the output log in your next reply;
Your next reply(ies) should therefore contain:
  • Copy/pasted JRT log;
  • Copy/pasted AdwCleaner clean log;

Edited by Aura, 03 November 2015 - 07:42 AM.

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#9 ~ JJ ~

~ JJ ~
  • Topic Starter

  • Members
  • 46 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:UK
  • Local time:12:05 PM

Posted 03 November 2015 - 08:30 AM

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.6.4 (09.28.2015:1)
OS: Windows 7 Home Premium x64
Ran by leepylee on 03/11/2015 at 12:56:14.51
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

~~~ Services

 

~~~ Tasks

Successfully deleted: [Task] C:\Windows\system32\tasks\LaunchSignup
Successfully deleted: [Task] C:\Windows\system32\tasks\SmartDefrag_Startup

 

~~~ Registry Values

Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks\\{00000000-6E41-4FD3-8538-502F5495E5FC}

 

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{9D974C8C-6D92-44FB-BEAF-B45A1C0CF17F}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9D974C8C-6D92-44FB-BEAF-B45A1C0CF17F}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{9D974C8C-6D92-44FB-BEAF-B45A1C0CF17F}

 

~~~ Files

Successfully deleted: [File] C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
Successfully deleted: [File] C:\Users\leepylee\desktop\sync folder.lnk

 

~~~ Folders

Successfully deleted: [Empty Folder] C:\Users\leepylee\Appdata\Local\{157819D6-548F-487C-B032-4DA9A9233C79}
Successfully deleted: [Empty Folder] C:\Users\leepylee\Appdata\Local\{1C9A09E8-7E4F-4E88-8DF1-9E6373A3CD9D}
Successfully deleted: [Empty Folder] C:\Users\leepylee\Appdata\Local\{1D59CB54-5D8F-4F26-A2D2-31005B7007EB}
Successfully deleted: [Empty Folder] C:\Users\leepylee\Appdata\Local\{1F35C7B7-897E-4783-945F-B9AD9E62D2E0}
Successfully deleted: [Empty Folder] C:\Users\leepylee\Appdata\Local\{21C8F660-6D45-4D0C-99B3-00E1707A297A}
Successfully deleted: [Empty Folder] C:\Users\leepylee\Appdata\Local\{25154EF4-19DF-43AC-A27A-EC2C5F0902E8}
Successfully deleted: [Empty Folder] C:\Users\leepylee\Appdata\Local\{26B10385-0ECC-4CFD-9B61-C7DBE6D3CD62}
Successfully deleted: [Empty Folder] C:\Users\leepylee\Appdata\Local\{2FD3691B-C2E9-42DA-AC1A-F842FED090B6}
Successfully deleted: [Empty Folder] C:\Users\leepylee\Appdata\Local\{358EEAE5-4B27-4050-9725-CB07B1B94F6C}
Successfully deleted: [Empty Folder] C:\Users\leepylee\Appdata\Local\{369A54EA-AC9F-4CDA-8C01-20E56624B2C3}
Successfully deleted: [Empty Folder] C:\Users\leepylee\Appdata\Local\{370952EC-5BF0-4CA9-B89B-30504744321F}
Successfully deleted: [Empty Folder] C:\Users\leepylee\Appdata\Local\{3AC2431F-E518-4B55-BF66-CDA1937DE6BC}
Successfully deleted: [Empty Folder] C:\Users\leepylee\Appdata\Local\{41EAD036-0CC3-405E-B884-D3F6F9E7FC3C}
Successfully deleted: [Empty Folder] C:\Users\leepylee\Appdata\Local\{41F389FD-1DDE-46FF-97B3-CF3DA0C8993D}
Successfully deleted: [Empty Folder] C:\Users\leepylee\Appdata\Local\{46BC5E84-8B4F-4625-8816-04C39762739A}
Successfully deleted: [Empty Folder] C:\Users\leepylee\Appdata\Local\{502E7BFF-7694-4882-B323-3B3D3E266A3F}
Successfully deleted: [Empty Folder] C:\Users\leepylee\Appdata\Local\{59CC0F31-D036-4F65-92AB-27D7FBD822C8}
Successfully deleted: [Empty Folder] C:\Users\leepylee\Appdata\Local\{62A251DB-289A-4B18-9807-A3E222BD73CB}
Successfully deleted: [Empty Folder] C:\Users\leepylee\Appdata\Local\{65E23FB1-8313-407D-82D7-42031D6293F5}
Successfully deleted: [Empty Folder] C:\Users\leepylee\Appdata\Local\{70698501-3126-4550-AE5C-1047FA675D95}
Successfully deleted: [Empty Folder] C:\Users\leepylee\Appdata\Local\{74DE544D-F66F-4D81-8FE3-A87FAC5DDDEB}
Successfully deleted: [Empty Folder] C:\Users\leepylee\Appdata\Local\{786A8F15-9AFF-4DA6-94BA-9ADE62DC22D9}
Successfully deleted: [Empty Folder] C:\Users\leepylee\Appdata\Local\{7AF4926B-C643-4627-9570-E9C891FF0FB4}
Successfully deleted: [Empty Folder] C:\Users\leepylee\Appdata\Local\{7CCD768E-3551-4DCC-B6A6-E5B5BA3B2093}
Successfully deleted: [Empty Folder] C:\Users\leepylee\Appdata\Local\{7D90E8EE-71D3-4800-A2E6-7FE46343A73F}
Successfully deleted: [Empty Folder] C:\Users\leepylee\Appdata\Local\{8501F6B3-F534-49F4-A392-162A8AB44686}
Successfully deleted: [Empty Folder] C:\Users\leepylee\Appdata\Local\{8D6E0B83-B2E1-4141-AA30-30C7D664D3DD}
Successfully deleted: [Empty Folder] C:\Users\leepylee\Appdata\Local\{94535A68-37C8-4243-A6EF-1A20DD3E0727}
Successfully deleted: [Empty Folder] C:\Users\leepylee\Appdata\Local\{957DB09B-2CFD-4EE1-8703-DC0722D68BC2}
Successfully deleted: [Empty Folder] C:\Users\leepylee\Appdata\Local\{97951DBC-E0C3-42BD-82F1-F9CAABA86FFE}
Successfully deleted: [Empty Folder] C:\Users\leepylee\Appdata\Local\{989653F5-C636-4870-AF9B-5DB1868FD4B1}
Successfully deleted: [Empty Folder] C:\Users\leepylee\Appdata\Local\{996739C6-D4B1-4972-A918-F35E37175574}
Successfully deleted: [Empty Folder] C:\Users\leepylee\Appdata\Local\{9B25D33C-B0A1-423F-A958-C9F4BD40A8DA}
Successfully deleted: [Empty Folder] C:\Users\leepylee\Appdata\Local\{9C9F0EBB-69DA-416B-A92A-7A1DADE405CD}
Successfully deleted: [Empty Folder] C:\Users\leepylee\Appdata\Local\{9EEBE46E-B521-4A83-BCDE-CA260F41F194}
Successfully deleted: [Empty Folder] C:\Users\leepylee\Appdata\Local\{A00F212A-A418-446C-90CD-6C3D45146459}
Successfully deleted: [Empty Folder] C:\Users\leepylee\Appdata\Local\{A1D6AC76-08DC-4450-BD16-D2D9B3EEB740}
Successfully deleted: [Empty Folder] C:\Users\leepylee\Appdata\Local\{AC19EC2F-0DA2-4D67-B154-7D4AFF85101B}
Successfully deleted: [Empty Folder] C:\Users\leepylee\Appdata\Local\{B7B1FBE9-0EDD-4896-8113-D2B36E6AA578}
Successfully deleted: [Empty Folder] C:\Users\leepylee\Appdata\Local\{BA11CA7C-3F27-4467-823D-4F0C67DCE868}
Successfully deleted: [Empty Folder] C:\Users\leepylee\Appdata\Local\{C36ABA5F-FCBC-4F4D-B7A6-BE19D3CBFA92}
Successfully deleted: [Empty Folder] C:\Users\leepylee\Appdata\Local\{C47A1024-CCA3-43E3-915E-8D5CF224FCF1}
Successfully deleted: [Empty Folder] C:\Users\leepylee\Appdata\Local\{C5038622-223B-4E1A-8C2A-21420A390751}
Successfully deleted: [Empty Folder] C:\Users\leepylee\Appdata\Local\{C54B958A-674C-4ACD-A17A-C8CEA7B8C99B}
Successfully deleted: [Empty Folder] C:\Users\leepylee\Appdata\Local\{C8EE7338-A425-4D72-BC27-3C7D2FC29364}
Successfully deleted: [Empty Folder] C:\Users\leepylee\Appdata\Local\{C9EF1F3B-7A39-4156-9812-AF290B198148}
Successfully deleted: [Empty Folder] C:\Users\leepylee\Appdata\Local\{D5D0170E-EC94-4F2C-BDFC-970DF1485C42}
Successfully deleted: [Empty Folder] C:\Users\leepylee\Appdata\Local\{D61451B1-8E28-493E-A908-21903D816430}
Successfully deleted: [Empty Folder] C:\Users\leepylee\Appdata\Local\{DEBB6CB3-CAE3-487A-9E8A-70ACBE35CB7D}
Successfully deleted: [Empty Folder] C:\Users\leepylee\Appdata\Local\{E0A4C414-71A0-44D7-B9F5-C90A2A42B50A}
Successfully deleted: [Empty Folder] C:\Users\leepylee\Appdata\Local\{E3F703B2-D108-41B1-A078-A8CECE966E46}
Successfully deleted: [Empty Folder] C:\Users\leepylee\Appdata\Local\{EA3E751F-0F14-47B2-9D37-F12D2676ED8D}
Successfully deleted: [Empty Folder] C:\Users\leepylee\Appdata\Local\{F165301E-5017-45D2-BCC7-4EBBC8F449A5}
Successfully deleted: [Empty Folder] C:\Users\leepylee\Appdata\Local\{F609853D-530E-41FD-941B-7CBC3A1C4BA8}
Successfully deleted: [Empty Folder] C:\Users\leepylee\Appdata\Local\{FA51C2EE-C9DA-4E12-8A9E-B000980EED96}
Successfully deleted: [Empty Folder] C:\Users\leepylee\Appdata\Local\{FF06D18B-BC2A-499B-8320-6A21BE7C2DED}
Successfully deleted: [Folder] C:\Program Files (x86)\application updater
Successfully deleted: [Folder] C:\Program Files (x86)\askpartnernetwork
Successfully deleted: [Folder] C:\Program Files (x86)\getprivate
Successfully deleted: [Folder] C:\Program Files (x86)\iobit\driver booster
Successfully deleted: [Folder] C:\Program Files (x86)\mypc backup
Successfully deleted: [Folder] C:\Program Files (x86)\searchprotect
Successfully deleted: [Folder] C:\Program Files (x86)\xtab
Successfully deleted: [Folder] C:\ProgramData\apn
Successfully deleted: [Folder] C:\ProgramData\mailupdate
Successfully deleted: [Folder] C:\ProgramData\productdata
Successfully deleted: [Folder] C:\Users\leepylee\Appdata\Local\babylon
Successfully deleted: [Folder] C:\Users\leepylee\AppData\Roaming\getprivate
Successfully deleted: [Folder] C:\Users\leepylee\AppData\Roaming\mailupdate
Successfully deleted: [Folder] C:\Users\leepylee\AppData\Roaming\productdata

 

~~~ Chrome

[C:\Users\leepylee\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset

[C:\Users\leepylee\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:

[C:\Users\leepylee\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset

[C:\Users\leepylee\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
[]

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 03/11/2015 at 13:08:40.27
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

 

 

 

And the scan done again from Adwcleaner:

 

 

 

 

# AdwCleaner v5.016 - Logfile created 03/11/2015 at 13:24:17
# Updated 01/11/2015 by Xplode
# Database : 2015-11-01.2 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : leepylee - LEEPYLEESLAPTOP
# Running from : C:\Users\leepylee\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NCQWLTUT\AdwCleaner.exe
# Option : Scan
# Support : http://toolslib.net/forum

***** [ Services ] *****

Service Found : APNMCP
Service Found : Application Updater
Service Found : BackupStack
Service Found : IHProtect Service
Service Found : PrivoxyService
Service Found : SPPD

***** [ Folders ] *****

Folder Found : C:\Program Files (x86)\IObit Toolbar
Folder Found : C:\Program Files (x86)\SFK
Folder Found : C:\Users\leepylee\AppData\Local\Temp\apn
Folder Found : C:\Users\leepylee\AppData\Roaming\TSv

***** [ Files ] *****

***** [ DLLs ] *****

***** [ Shortcuts ] *****

***** [ Scheduled tasks ] *****

Task Found : DealPlyUpdate
Task Found : GPUpdate
Task Found : Jelbrus Secure Web Task

***** [ Registry ] *****

Key Found : HKLM\SOFTWARE\Classes\Prod.cap
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com]
Key Found : HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\com.apn.native_messaging_host_aaaaaiabcopkplhgaedhbloeejhhankf
Key Found : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Key Found : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Found : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{100EB1FD-D03E-47FD-81F3-EE91287F9465}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{69A72A8A-84ED-4A75-8CE7-263DBEF3E5D3}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{98279C38-DE4B-4BCF-93C9-8EC26069D6F4}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{C1E58A84-95B3-4630-B8C2-D06B77B7A0FC}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{C900B400-CDFE-11D3-976A-00E02913A9E0}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{E8DAAA30-6CAA-4B58-9603-8E54238219E2}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{F9765480-72D1-11D4-A75A-004F49045A87}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{0CB66BA8-5E1F-4963-93D1-E1D6B78FE9A2}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{FC87A650-207D-4392-A6A1-82ADBC56FA64}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{E99D4D0C-EB54-46AF-B62A-3AA1F31D53E5}
Key Found : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0BDA0769-FD72-49F4-9266-E1FB004F4D8F}
Key Found : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0BDA0769-FD72-49F4-9266-E1FB004F4D8F}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{10921475-03CE-4E04-90CE-E2E7EF20C814}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{2C09954F-CDA8-4BD1-8794-1D543E050378}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{21FA44EF-376D-4D53-9B0F-8A89D3229068}]
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{10921475-03CE-4E04-90CE-E2E7EF20C814}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}
Key Found : HKCU\Software\Cr_Installer
Key Found : HKCU\Software\powerpack
Key Found : HKCU\Software\YahooPartnerToolbar
Key Found : HKCU\Software\SpeedTray
Key Found : HKLM\SOFTWARE\Application Updater
Key Found : HKLM\SOFTWARE\Babylon
Key Found : HKLM\SOFTWARE\SupDp
Key Found : HKLM\SOFTWARE\V9Software
Key Found : HKLM\SOFTWARE\Wpm
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PriceGong
Key Found : HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-2144891622-77169984-1251611374-1000\Software\BabylonToolbar
Key Found : HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-2144891622-77169984-1251611374-1000\Software\Funmoods
Key Found : HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-2144891622-77169984-1251611374-1000\Software\Wajam
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\00E944CB89111313EAF35A0553F547F9
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\53F55AF3F4049ED3FA6EA6F88E414E24
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\68E4BF4B11615E03C97732FD581AB607
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CE3DDAB2D152683FBCEB4866BCD2B0F
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AF6CE16AFEA5C9A39B766468A8B35C21
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FB1E44269B58F433A8C8E671E37CFDCF
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8036C72171EF4ba46856BF57969F6A36
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\89BB7852687BDC34B9A81E01C7FF9173
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\89EA4F1B8FBCDEF47AE328E455E28AA0
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CBC85D72B148084ABE8C2F072F781F4
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CC5A38A64D6098468BC8395BA0EFF03
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8DF9A1AC557F56c49B56F6B83E293C15
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\97ECFF59EE08D4F47BB1464DEC37DA87
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A8CB937199A57E748B6AC433DA453EE2
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A97C590397DCC454AA8923563BAB10E4
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B08932C78B697C244BE7BA3E6FF09B62
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B4E78E12704AFCE408C7FBE501F1AA0A
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C6A54B56C58C82a4688AFB93F42EA17B
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CFA51B44D54927c4E9B7BC1D3FD1E49F
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D14A7F65792054F418578C78367D13F7
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DFE9F0BD163D827438CB6AD6B100EC48
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F0390A76D28822743A68D7F1AB22E6D0
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F739A19A8327dc64C9A8B641A9E89646
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0A5AC497E6BBC8D45BE8AD6619DA8217
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\158D6D9E3FE81fa428925F22ACB3A965
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\15E6C514FEFC09f45BAFAAE1D7546ED4
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1DB42320A8525634AA089F0BEC86473B
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\22468B0D6050b2e46B9C4B67A8F59577
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2251BF05A2F606d43BB064BD63CBD87E
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3255D95681398614190EDF0A4F3F77DB
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3CDF313E9B28c944FBC7579CF4949414
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\71E54748EDD3dc1468548785DC856EDA
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\754590DD06DE8d249B526503432F99D4
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\7AB5857A57A0687786597A857BFFFFFF

***** [ Web browsers ] *****

[C:\Users\leepylee\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Found : uk.ask.com
[C:\Users\leepylee\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Found : delta-homes
[C:\Users\leepylee\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Startup_URLs] Found : hxxp://www.delta-homes.com/?type=hp&ts=1446489295&z=21e223b3f0c97db3c281da1g7zccaefozzjcktmlma&from=ient07031&uid=TOSHIBAXMK3263GSXN_30T8F42CSXX30T8F42CS
[C:\Users\leepylee\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Default_Search_Provider] Found : hxxp://search.delta-homes.com/webfavicon.ico
[C:\Users\leepylee\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Homepage] Found : hxxp://www.delta-homes.com/?type=hp&ts=1446489295&z=21e223b3f0c97db3c281da1g7zccaefozzjcktmlma&from=ient07031&uid=TOSHIBAXMK3263GSXN_30T8F42CSXX30T8F42CS

########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt - [12283 bytes] ##########

 

 



#10 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,630 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:05 AM

Posted 03 November 2015 - 08:32 AM

Awesome :) Now, you can launch AdwCleaner again, and click on the Uninstall button. This will delete the C:\AdwCleaner folder and the executable.

Since there was a lot of detections, we'll use ESET Online Scanner to make sure that there's no remnants left, and Emsisoft Emergency Kit as well. We'll start with ESET.

cvMlKv6.pngESET Online Scanner
Note : If you use Internet Explorer to get the ESET Online Scanner, you won't have to download, nor install the tool, as everything will be ran in a contextual (pop-up) window of Internet Explorer. However, for every other browsers, you will have to download and install ESET Online Scanner. In this set of instruction, I'll use Google Chrome to download it and run it (since a lot of people will do it), however, except for the download and installation procedure, the same instructions applies if you use Internet Explorer. Please note that two or three prompts will appear if you use Internet Explorer asking you to reload the page, authorize the application, execute it, etc. Accept all of them in order to run ESET Online Scanner.
  • Download and execute ESET Online Scanner (on this window, click on ESET Smart Installer to trigger the download). People accessing this URL via Internet Explorer will start the integration process of ESET Online Scanner in their browser;
  • Once the installation is done (it requires Admin Rights), check the following settings (two of them are under Advanced Settings, click on it to display them) :
    • Enable detection of potentially unwanted applications;
    • Scan archives;
    • Scan for potentially unsafe applications;
    • Optional : If you want to scan more drives, click on Change... and select the drives you want to include in the scan;
  • After you're done checking these options, click on "Start" and ESET Online Scanner will download it's virus signature database before starting the scan;
  • Once done, the scan will start automatically. Detections will appear at the bottom of the window. ESET Online Scanner can have an extremely long scan time that can last between 2 or 3 hours. So if you start the scan, do not interrupt it, let it complete until the end;
  • After the scan is finished, a summary window will appear to give you the information about the scan. Then you'll have to the option to see what threads were found and to manage the threats that were quarantined;
  • Click on List of found threats, it'll display every threat identified during that scan, their type and what action was taken against them. Click on Copy to clipboard to copy these results on our clipboard and post them in your next reply;
  • Once you're done, click on the Back button;
  • Check both checkboxes at the bottom: Uninstall application on close and Delete quarantined files before clicking on the Finish button;

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#11 ~ JJ ~

~ JJ ~
  • Topic Starter

  • Members
  • 46 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:UK
  • Local time:12:05 PM

Posted 03 November 2015 - 12:52 PM

The scan just finished, here are the results for you:

 

C:\Users\All Users\IObit\ASCDownloader\Driver Booster.exe a variant of Win32/OpenCandy.A potentially unsafe application 
C:\Automotive Technician Training\Support\Programs\PDFCreator-1_3_2_setup.exe Win32/OpenCandy potentially unsafe application deleted - quarantined
C:\Program Files (x86)\FoxTabPDFCreator\message.exe a variant of Win32/SweetIM.B potentially unwanted application cleaned by deleting - quarantined
C:\Program Files (x86)\IObit Toolbar\IE\8.5\iobitToolbarIE.dll a variant of Win32/Toolbar.Widgi potentially unwanted application cleaned by deleting - quarantined
C:\Program Files (x86)\IObit Toolbar\IE\8.5\iobitToolbarIE64.dll Win64/Toolbar.Widgi.B potentially unwanted application cleaned by deleting - quarantined
C:\ProgramData\IObit\ASCDownloader\Driver Booster.exe a variant of Win32/OpenCandy.A potentially unsafe application deleted - quarantined
C:\Users\leepylee\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\24GVRZ0Z\search[1].htm HTML/ScrInject.B.Gen virus deleted - quarantined
C:\Users\leepylee\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RLHTY46\adwcleaner[1].htm HTML/ScrInject.B.Gen virus deleted - quarantined
C:\Users\leepylee\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RLHTY46\RS=nVCncGchThqTZV5KzZX[1].htm HTML/ScrInject.B.Gen virus deleted - quarantined
C:\Users\leepylee\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7FLAABQK\click[1].htm HTML/ScrInject.B.Gen virus deleted - quarantined
C:\Users\leepylee\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7FLAABQK\geotager[1].htm HTML/ScrInject.B.Gen virus deleted - quarantined
C:\Users\leepylee\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HO8OE78K\delta-homes-removal[1].htm HTML/ScrInject.B.Gen virus deleted - quarantined
C:\Users\leepylee\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HO8OE78K\idle[1].htm HTML/ScrInject.B.Gen virus deleted - quarantined
C:\Users\leepylee\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HO8OE78K\universal[1].htm HTML/ScrInject.B.Gen virus deleted - quarantined
C:\Users\leepylee\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\M9AW2E9S\2-adwcleaner[1].htm HTML/ScrInject.B.Gen virus deleted - quarantined
C:\Users\leepylee\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\M9AW2E9S\d99fda27-2044-4c84-95dc-24a7229a02d0[2].htm HTML/ScrInject.B.Gen virus deleted - quarantined
C:\Users\leepylee\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\M9AW2E9S\sh.ffb539525be53bf07820b48d[1].htm HTML/ScrInject.B.Gen virus deleted - quarantined
C:\Users\leepylee\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\M9AW2E9S\skinedEmpty[1].htm HTML/ScrInject.B.Gen virus deleted - quarantined
C:\Users\leepylee\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\M9AW2E9S\splat[1].htm HTML/ScrInject.B.Gen virus deleted - quarantined
C:\Users\leepylee\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\O5K5G87J\RS=OY2GcrNcZTvh2rUVnti80qUfT10-[1].htm HTML/ScrInject.B.Gen virus deleted - quarantined
C:\Users\leepylee\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\O5K5G87J\universal[1].htm HTML/ScrInject.B.Gen virus deleted - quarantined
C:\Users\leepylee\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UMVZJ277\windows[1].htm HTML/ScrInject.B.Gen virus deleted - quarantined
C:\Users\leepylee\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UMVZJ277\xdirect[1].htm HTML/ScrInject.B.Gen virus deleted - quarantined
C:\Users\leepylee\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YALWF84L\how-to-remove-delta-search-home-page-ie-firefox-chrome[1].htm HTML/ScrInject.B.Gen virus deleted - quarantined
C:\Users\leepylee\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YALWF84L\RS=vvDsqx_NbtLkFA6VWLUk_VZ1t_4-[1].htm HTML/ScrInject.B.Gen virus deleted - quarantined
C:\Users\leepylee\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YBHR3TI7\favicon[1].htm HTML/ScrInject.B.Gen virus deleted - quarantined
C:\Users\leepylee\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YBHR3TI7\MyEpsonPortalInvitationBanner[1].htm HTML/ScrInject.B.Gen virus deleted - quarantined
C:\Users\leepylee\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Z41FR7HD\RS=L4EmZONrx0AnCRoKJV0LXfmthMU-[1].htm HTML/ScrInject.B.Gen virus deleted - quarantined
C:\Users\leepylee\AppData\Roaming\uTorrent\updates\3.4.2_32080.exe a variant of Win32/AdkDLLWrapper.A potentially unwanted application cleaned by deleting - quarantined
C:\Users\leepylee\Downloads\ARO2011_mt.exe a variant of Win32/Systweak potentially unwanted application deleted - quarantined
C:\Users\leepylee\Downloads\defragsetup (1).exe a variant of Win32/Toolbar.Widgi potentially unwanted application deleted - quarantined
C:\Users\leepylee\Downloads\defragsetup.exe a variant of Win32/Toolbar.Widgi potentially unwanted application deleted - quarantined
C:\Users\leepylee\Downloads\gimp-setup.exe Win32/DownloadAdmin.G potentially unwanted application deleted - quarantined
C:\Users\leepylee\Downloads\IObit-Malware-Fighter-Setup.exe a variant of Win32/Toolbar.Widgi.N potentially unwanted application deleted - quarantined
C:\Users\leepylee\Downloads\uTorrent (1).exe a variant of Win32/AdkDLLWrapper.A potentially unwanted application cleaned by deleting - quarantined
C:\Windows\Installer\941b2.msi a variant of Win32/Bundled.Toolbar.Ask.M potentially unsafe application deleted - quarantined
C:\Windows\Installer\MSI7EF0.tmp a variant of Win32/Bundled.Toolbar.Ask.M potentially unsafe application cleaned by deleting - quarantined
C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AskToolbarInstaller-ORJ[1].7z a variant of Win32/Bundled.Toolbar.Ask.M potentially unsafe application deleted - quarantined
C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AskToolbarInstaller-ORJ[2].7z a variant of Win32/Bundled.Toolbar.Ask.M potentially unsafe application deleted - quarantined
C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M\wajam_update[1].exe a variant of Win32/Wajam.G potentially unwanted application deleted - quarantined
 



#12 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,630 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:05 AM

Posted 03 November 2015 - 12:55 PM

You can delete the following folders:
C:\Program Files (x86)\IObit Toolbar
C:\ProgramData\IObit
C:\Users\All Users\IObit
You might have to enable the hidden files, and system files in the Folder Options in order to see them.

http://www.howtogeek.com/howto/windows-vista/show-hidden-files-and-folders-in-windows-vista/ - To view system files, simply uncheck Hide protected operating system files (recommended).

Once done, we'll run a scan using EEK :)

DAzejbj.pngEmsisoft Emergency Kit
Follow the instructions below to run a scan using the Emsisoft Emergency Kit.
  • Download the Emsisoft Emergency Kit and execute it. From there, click on the Extract button to extract the program in the EEK folder;
  • A shortcut called Start Emsisoft Emergency Kit will appear on your desktop, right-click on it and select Spcusrh.pngRun as Administrator (for Windows Vista, 7, 8, 8.1 and 10 users);
  • Accept to run the online update when opening the program (click on Yes), then wait for the update to complete and click on Back
  • From there, click on the Scan button. A prompt will ask you if you want to enable the PUP detection, click on Yes
  • Click on the Smart Scan (Recommended) to launch the scan, and wait for it to complete;
  • Once the scan is complete, make sure that every item in the list is checked, and click on Quarantine selected;
  • If it asks you for a reboot to delete some items, click on Ok to reboot automatically;
  • After the restart, click on the Start Emsisoft Emergency Kit icon again on your desktop to open it;
  • This time, click on Logs;
  • From there, go under the Quarantine Log tab, and click on the Export button;
  • Save the log on your desktop, then open it, and copy/paste its content in your next reply;

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#13 ~ JJ ~

~ JJ ~
  • Topic Starter

  • Members
  • 46 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:UK
  • Local time:12:05 PM

Posted 03 November 2015 - 01:53 PM

Thank you. Scan just done, couldn't see the Smart scan though so did the Malware Scan here are the results.

 

Emsisoft Emergency Kit - Version 10.0
Quarantine log

Date Source Event Detection 
11/3/2015 6:50:41 PM C:\Users\leepylee\AppData\Local\Temp\apn Moved to quarantine Application.Win32.WebToolbar (A) 
11/3/2015 6:50:40 PM Key: HKEY_USERS\S-1-5-21-2144891622-77169984-1251611374-1000\SOFTWARE\YAHOOPARTNERTOOLBAR Moved to quarantine Application.Win32.YTool (A) 
11/3/2015 6:50:40 PM Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\PROD.CAP Moved to quarantine Application.AdReg (A) 
11/3/2015 6:50:40 PM Key: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432NODE\MICROSOFT\TRACING\AU__RASAPI32 Moved to quarantine Application.Win32.InstallExt (A) 
11/3/2015 6:50:39 PM Key: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432NODE\MICROSOFT\TRACING\AU__RASMANCS Moved to quarantine Application.Win32.InstallExt (A) 
11/3/2015 6:50:39 PM Key: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432NODE\MICROSOFT\TRACING\MYBABYLONTB_RASAPI32 Moved to quarantine Application.Win32.InstallExt (A) 
11/3/2015 6:50:39 PM Key: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432NODE\MICROSOFT\TRACING\MYBABYLONTB_RASMANCS Moved to quarantine Application.Win32.InstallExt (A) 
11/3/2015 6:50:39 PM Key: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432NODE\MICROSOFT\TRACING\TASKSCHEDULER_RASAPI32 Moved to quarantine Application.Win32.InstallExt (A) 
11/3/2015 6:50:38 PM Key: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432NODE\MICROSOFT\TRACING\TASKSCHEDULER_RASMANCS Moved to quarantine Application.Win32.InstallExt (A) 
11/3/2015 6:50:38 PM Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{6C434537-053E-486D-B62A-160059D9D456} Moved to quarantine Application.AdReg (A) 
11/3/2015 6:50:37 PM Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{91CF619A-4686-4CA4-9232-3B2E6B63AA92} Moved to quarantine Application.AdReg (A) 
11/3/2015 6:50:37 PM Key: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432NODE\APPLICATION UPDATER Moved to quarantine Application.InstallAd (A) 
11/3/2015 6:50:37 PM Key: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432NODE\BABYLON Moved to quarantine Application.InstallAd (A) 
11/3/2015 6:50:37 PM Key: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\PRICEGONG Moved to quarantine Application.InstallAd (A) 
11/3/2015 6:50:36 PM Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\APPID\{EA28B360-05E0-4F93-8150-02891F1D8D3C} Moved to quarantine Application.InstallMood (A) 
11/3/2015 6:50:36 PM Key: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432NODE\WPM Moved to quarantine Application.AdShort (A) 
11/3/2015 6:50:36 PM Key: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432NODE\SUPDP Moved to quarantine Application.InstallTab (A) 



#14 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,630 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:05 AM

Posted 03 November 2015 - 01:55 PM

Good :) I just realized (thanks to Jo) that I posted the wrong set of instructions for AdwCleaner, and only made you "scan" with it, not "clean". Sorry about that, here's the good set of instructions.

zcMPezJ.pngAdwCleaner - Fix Mode
  • Download AdwCleaner and move it to your Desktop;
  • Right-click on AdwCleaner.exe and select Spcusrh.pngRun as Administrator (for Windows Vista, 7, 8, 8.1 and 10 users);
  • Accept the EULA (I accept), let the database update, then click on Scan;
  • Let the scan complete. Once it's done, make sure that every item listed in the different tabs is checked and click on the Cleaning button. This will kill all the active processes;
    CfdTLN1.png
  • Once the cleaning process is complete, AdwCleaner will ask to restart your computer, do it;
  • After the restart, a log will open when logging in. Please copy/paste the content of that log in your next reply;

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#15 ~ JJ ~

~ JJ ~
  • Topic Starter

  • Members
  • 46 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:UK
  • Local time:12:05 PM

Posted 03 November 2015 - 02:40 PM

Thank you and no need to be sorry, I'm very grateful for your help. :)

 

Here is the log:

 

# AdwCleaner v5.017 - Logfile created 03/11/2015 at 19:15:19
# Updated 03/11/2015 by Xplode
# Database : 2015-11-03.2 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : leepylee - LEEPYLEESLAPTOP
# Running from : C:\Users\leepylee\Downloads\AdwCleaner.exe
# Option : Cleaning
# Support : http://toolslib.net/forum

***** [ Services ] *****

[-] Service Deleted : APNMCP
[-] Service Deleted : Application Updater
[-] Service Deleted : BackupStack
[-] Service Deleted : IHProtect Service
[-] Service Deleted : PrivoxyService
[-] Service Deleted : SPPD

***** [ Folders ] *****

[-] Folder Deleted : C:\Program Files (x86)\SFK
[-] Folder Deleted : C:\Users\leepylee\AppData\Roaming\TSv

***** [ Files ] *****

[-] File Deleted : C:\Users\leepylee\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.delta-homes.com_0.localstorage
[-] File Deleted : C:\Users\leepylee\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.delta-homes.com_0.localstorage-journal

***** [ DLLs ] *****

***** [ Shortcuts ] *****

***** [ Scheduled tasks ] *****

[-] Task Deleted : DealPlyUpdate
[-] Task Deleted : GPUpdate
[-] Task Deleted : Jelbrus Secure Web Task

***** [ Registry ] *****

[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com]
[-] Key Deleted : HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\com.apn.native_messaging_host_aaaaaiabcopkplhgaedhbloeejhhankf
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{100EB1FD-D03E-47FD-81F3-EE91287F9465}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{69A72A8A-84ED-4A75-8CE7-263DBEF3E5D3}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{98279C38-DE4B-4BCF-93C9-8EC26069D6F4}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{C1E58A84-95B3-4630-B8C2-D06B77B7A0FC}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{C900B400-CDFE-11D3-976A-00E02913A9E0}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{E8DAAA30-6CAA-4B58-9603-8E54238219E2}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{F9765480-72D1-11D4-A75A-004F49045A87}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{0CB66BA8-5E1F-4963-93D1-E1D6B78FE9A2}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{FC87A650-207D-4392-A6A1-82ADBC56FA64}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{E99D4D0C-EB54-46AF-B62A-3AA1F31D53E5}
[-] Key Deleted : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0BDA0769-FD72-49F4-9266-E1FB004F4D8F}
[-] Key Deleted : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0BDA0769-FD72-49F4-9266-E1FB004F4D8F}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{10921475-03CE-4E04-90CE-E2E7EF20C814}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}]
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{2C09954F-CDA8-4BD1-8794-1D543E050378}]
[-] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{21FA44EF-376D-4D53-9B0F-8A89D3229068}]
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{10921475-03CE-4E04-90CE-E2E7EF20C814}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}
[-] Key Deleted : HKCU\Software\Cr_Installer
[-] Key Deleted : HKCU\Software\powerpack
[-] Key Deleted : HKCU\Software\SpeedTray
[-] Key Deleted : HKLM\SOFTWARE\V9Software
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\00E944CB89111313EAF35A0553F547F9
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\53F55AF3F4049ED3FA6EA6F88E414E24
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\68E4BF4B11615E03C97732FD581AB607
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CE3DDAB2D152683FBCEB4866BCD2B0F
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AF6CE16AFEA5C9A39B766468A8B35C21
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FB1E44269B58F433A8C8E671E37CFDCF
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8036C72171EF4ba46856BF57969F6A36
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\89BB7852687BDC34B9A81E01C7FF9173
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\89EA4F1B8FBCDEF47AE328E455E28AA0
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CBC85D72B148084ABE8C2F072F781F4
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CC5A38A64D6098468BC8395BA0EFF03
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8DF9A1AC557F56c49B56F6B83E293C15
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\97ECFF59EE08D4F47BB1464DEC37DA87
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A8CB937199A57E748B6AC433DA453EE2
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A97C590397DCC454AA8923563BAB10E4
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B08932C78B697C244BE7BA3E6FF09B62
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B4E78E12704AFCE408C7FBE501F1AA0A
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C6A54B56C58C82a4688AFB93F42EA17B
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CFA51B44D54927c4E9B7BC1D3FD1E49F
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D14A7F65792054F418578C78367D13F7
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DFE9F0BD163D827438CB6AD6B100EC48
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F0390A76D28822743A68D7F1AB22E6D0
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F739A19A8327dc64C9A8B641A9E89646
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0A5AC497E6BBC8D45BE8AD6619DA8217
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\158D6D9E3FE81fa428925F22ACB3A965
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\15E6C514FEFC09f45BAFAAE1D7546ED4
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1DB42320A8525634AA089F0BEC86473B
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\22468B0D6050b2e46B9C4B67A8F59577
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2251BF05A2F606d43BB064BD63CBD87E
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3255D95681398614190EDF0A4F3F77DB
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3CDF313E9B28c944FBC7579CF4949414
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\71E54748EDD3dc1468548785DC856EDA
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\754590DD06DE8d249B526503432F99D4
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\7AB5857A57A0687786597A857BFFFFFF

***** [ Web browsers ] *****

[-] [C:\Users\leepylee\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : uk.ask.com
[-] [C:\Users\leepylee\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : delta-homes
[-] [C:\Users\leepylee\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Startup_URLs] Deleted : hxxp://www.delta-homes.com/?type=hp&ts=1446489295&z=21e223b3f0c97db3c281da1g7zccaefozzjcktmlma&from=ient07031&uid=TOSHIBAXMK3263GSXN_30T8F42CSXX30T8F42CS
[-] [C:\Users\leepylee\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Default_Search_Provider] Deleted : hxxp://search.delta-homes.com/webfavicon.ico
[-] [C:\Users\leepylee\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Homepage] Deleted : hxxp://www.delta-homes.com/?type=hp&ts=1446489295&z=21e223b3f0c97db3c281da1g7zccaefozzjcktmlma&from=ient07031&uid=TOSHIBAXMK3263GSXN_30T8F42CSXX30T8F42CS

*************************

:: "Tracing" keys removed
:: Winsock settings cleared

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [12017 bytes] ##########






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users