Jump to content

Build Theme!
  •  
  • Unreplied Topics
  • Downloads
  • Infected?

WE'RE SURE THAT YOU'LL LOVE US!

Hey there! :wub: Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. :D Join 93084 other members! Anybody can ask, anybody can answer. Consistently helpful members may be invited to become staff. Here's how it works. Virus cleanup? Start here -> Malware Removal Forum.

Try What the Tech -- It's free!


Photo

infected adware (adpeak scorpion saver) [Closed]

Started by pendaless , Oct 20 2014 08:28 PM

  • This topic is locked This topic is locked
10 replies to this topic

#1 pendaless

pendaless

    New Member

  • Authentic Member
  • Pip
  • 6 posts

Posted 20 October 2014 - 08:28 PM

aswMBR version 1.0.1.2041 Copyright© 2014 AVAST Software
Run date: 2014-10-20 17:13:42
-----------------------------
17:13:42.259    OS Version: Windows x64 6.1.7601 Service Pack 1
17:13:42.259    Number of processors: 2 586 0x2A07
17:13:42.260    ComputerName: DANGEROUS-PC  UserName: Dangerous
17:13:46.901    Initialze error C000010E - driver not loaded
17:13:47.055    write error "aswCmnB.dll". The process cannot access the file because it is being used by another process.
17:13:49.043    AVAST engine defs: 14102001
17:13:56.432    Scan error: The parameter is incorrect.
17:14:20.503    Scan stopped
17:14:23.202    Scan error: The parameter is incorrect.
17:15:44.384    The log file has been saved successfully to "C:\Users\Dangerous\Documents\aswMBR.txt"
17:15:50.464    Scan stopped
17:16:17.155    Service scanning
17:17:30.382    Modules scanning
17:17:30.382    Disk 0 trace - called modules:
17:17:30.382    
17:17:31.864    AVAST engine scan C:\Users\Dangerous\Desktop
17:17:58.680    Scan stopped
17:18:08.758    Service scanning
17:19:25.905    Modules scanning
17:19:25.905    Disk 0 trace - called modules:
17:19:25.936    
17:19:32.582    AVAST engine scan C:\Windows
17:19:47.236    AVAST engine scan C:\Windows\system32
17:28:56.385    AVAST engine scan C:\Windows\system32\drivers
17:29:26.494    AVAST engine scan C:\Users\Dangerous
18:30:34.008    File: C:\Users\Dangerous\AppData\Local\Temp\airBE50.exe  **INFECTED** Win32:Adware-gen [Adw]
18:30:40.965    File: C:\Users\Dangerous\AppData\Local\Temp\airD6A4.exe  **INFECTED** Win64:Adware-A [Adw]
18:34:02.081    File: C:\Users\Dangerous\AppData\Local\Temp\drv71217.exe  **INFECTED** Win32:Dropper-gen [Drp]
18:36:21.857    File: C:\Users\Dangerous\AppData\Local\Temp\is366025459\4C448614_stp\termtutor-setup-1.9.0.8.exe  **INFECTED** Win32:Adware-gen [Adw]
18:37:49.248    File: C:\Users\Dangerous\AppData\Local\Temp\Upgrader.exe  **INFECTED** Win32:Adware-gen [Adw]
19:07:47.261    File: C:\Users\Dangerous\Downloads\5683.tmp  **INFECTED** Win32:Adware-gen [Adw]
19:07:52.752    File: C:\Users\Dangerous\Downloads\driver restore.exe  **INFECTED** Win32:Adware-gen [Adw]
19:10:35.616    File: C:\Users\Dangerous\FPP_Setup (1).exe  **INFECTED** Win32:Adware-gen [Adw]
19:10:37.067    File: C:\Users\Dangerous\FPP_Setup (2).exe  **INFECTED** Win32:Adware-gen [Adw]
19:10:38.393    File: C:\Users\Dangerous\FPP_Setup.exe  **INFECTED** Win32:Adware-gen [Adw]
19:12:42.211    AVAST engine scan C:\ProgramData
19:15:03.984    Scan finished successfully
19:18:56.200    The log file has been saved successfully to "C:\Users\Dangerous\Desktop\aswMBR.txt"
 
happily awaiting helpful input to get this poop off my pc! thx Penny

    Advertisements

Register to Remove

#2 fbfbfb

fbfbfb

    SuperMember

  • Malware Team
  • 1,218 posts

Posted 21 October 2014 - 07:09 AM

Hello and welcome pendaless.

My name is fbfbfb. I will gladly assist you with your concerns.

While working to resolve the issues with your machine, please follow these guidelines:

  • Please be patient. Logs are lengthy and can take time to analyze.
  • Read and follow my directions carefully, in the sequence they are posted.
  • If you are unsure about anything, please ask for clarification before continuing.
  • Use only those tools that you have been directed to use.
  • Do not install or uninstall any applications or run any other scans without being directed to do so.
  • Copy and Paste the log files inside your post. Do not send them as attachments unless otherwise instructed.
  • Stay with me until your machine has been deemed all clear.
  • Please reply within 3 days of each posting to avoid closing this topic. If you need more time to complete tasks, or if you will be away, please let me know in advance.

Thank you for submitting the aswMBR log.  I would like to take a closer look at your system.
 
Please run the following scans
 
1.  Farbar Recovery Scan Tool
 
Please download Farbar Recovery Scan Tool from HERE, and save it to your desktop.
 

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

  • Double-click to run it. When the tool opens click Yes to the disclaimer.
  • Press Scan.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.

2.  Security Check

  • Download Security Check from HERE.
  • Save it to your desktop.
  • Double-click SecurityCheck.exe > Follow the onscreen instructions inside the black box.
  • In the event you get the message Unsupported operating system. Aborting now., reboot and try again.
  • A Notepad document should open automatically called checkup.txt.  This may take a few minutes.  Please copy and paste the contents of that document into your next reply.

CHECKLIST : In your next reply, please post the following:

  • FRST.txt
  • Addition.txt
  • checkup.txt

#3 pendaless

pendaless

    New Member

  • Authentic Member
  • Pip
  • 6 posts

Posted 22 October 2014 - 11:44 AM

Thank you so very much!! so for starters heres the first the first portion of what you requested the final half will follow as soon as its done running on my machine!
 
 
 
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-10-2014
Ran by Dangerous (administrator) on DANGEROUS-PC on 22-10-2014 10:21:50
Running from C:\Users\Dangerous\Downloads
Loaded Profile: Dangerous (Available profiles: Dangerous & QT)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Microsoft Corporation) C:\Windows\System32\CISVC.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
() C:\Program Files (x86)\Fast Free Converter\FastFreeConverterUpdt.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
() C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe
(Microsoft Corporation) C:\Windows\System32\inetsrv\inetinfo.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corporation) C:\Windows\System32\TCPSVCS.EXE
(Microsoft Corporation) C:\Windows\System32\snmp.exe
(WDC) C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
(Memeo) C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Atheros) C:\Program Files (x86)\Atheros\Ath_WlanAgent.exe
(Microsoft Corporation) C:\Windows\System32\mqtgsvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(Google Inc.) C:\Users\Dangerous\AppData\Local\Google\Update\GoogleUpdate.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Dropbox, Inc.) C:\Users\Dangerous\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041) C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(AVAST Software) C:\Users\Dangerous\Downloads\aswMBR.exe
(AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\HssWPR\HssSrv.exe
() C:\Program Files (x86)\RCP\RegCleanPro.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\prevhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\WINWORD.EXE
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\realplay.exe
(Farbar) C:\Users\Dangerous\Downloads\FRST64 (1).exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1331288 2014-08-22] (Microsoft Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2886416 2012-03-01] (Synaptics Incorporated)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12452456 2012-02-21] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1158248 2012-02-08] (Realtek Semiconductor)
HKLM\...\Run: [Power Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [1829768 2012-02-07] (Acer Incorporated)
HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [1021056 2012-03-08] (Atheros Commnucations)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [800896 2012-03-08] (Atheros Commnucations)
HKLM-x32\...\Run: [APSDaemon] => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
HKLM-x32\...\Run: [TkBellExe] => C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [295512 2013-11-09] (RealNetworks, Inc.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-27] (Intel Corporation)
HKLM-x32\...\Run: [SuiteTray] => C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [341360 2011-09-20] (Egis Technology Inc.)
HKLM-x32\...\Run: [Dolby Advanced Audio v2] => C:\Dolby PCEE4\pcee4.exe [506712 2011-06-01] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [296984 2012-01-05] (NTI Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-19\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
HKU\S-1-5-20\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
HKU\S-1-5-21-3031197819-1423011399-4028574408-1000\...\Run: [B304A4A847FBC12A95FF4FCAB1D1BAF271A47E44._service_run] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [863184 2013-12-03] (Google Inc.)
HKU\S-1-5-21-3031197819-1423011399-4028574408-1000\...\Run: [AppleIEDAV] => C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe [1080104 2014-08-04] (Apple Inc.)
HKU\S-1-5-21-3031197819-1423011399-4028574408-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2014-08-08] (Apple Inc.)
HKU\S-1-5-21-3031197819-1423011399-4028574408-1000\...\Run: [Google Update] => C:\Users\Dangerous\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-05-16] (Google Inc.)
HKU\S-1-5-21-3031197819-1423011399-4028574408-1000\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816 2014-08-14] (Apple Inc.)
HKU\S-1-5-21-3031197819-1423011399-4028574408-1000\...\Run: [msnmsgr] => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [4272640 2012-09-12] (Microsoft Corporation)
HKU\S-1-5-21-3031197819-1423011399-4028574408-1000\...\Run: [BRS] => C:\Program Files (x86)\WSE_Astromenda\BRS\brs.exe [1074688 2014-09-30] ()
HKU\S-1-5-21-3031197819-1423011399-4028574408-1000\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [43816 2014-08-15] (Apple Inc.)
HKU\S-1-5-21-3031197819-1423011399-4028574408-1000\...\MountPoints2: {6f85e951-300d-11e3-85b3-206a8a841640} - E:\SISetup.exe
HKU\S-1-5-21-3031197819-1423011399-4028574408-1000\...\MountPoints2: {a58926fb-4717-11e4-bfab-206a8a841640} - E:\VerizonSWUpgradeAssistantLauncher.exe
HKU\S-1-5-21-3031197819-1423011399-4028574408-1000\...\MountPoints2: {b77f2e5b-4541-11e3-8e3c-206a8a841640} - "E:\WD SmartWare.exe" autoplay=true
HKU\S-1-5-18\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
AppInit_DLLs: C:\Users\Dangerous\AppData\Local\Smartbar\Application\Resources\crdlil64.dll => C:\Users\Dangerous\AppData\Local\Smartbar\Application\Resources\crdlil64.dll [77856 2014-09-26] ()
AppInit_DLLs-x32: C:\Users\Dangerous\AppData\Local\Smartbar\Application\Resources\crdlil.dll => C:\Users\Dangerous\AppData\Local\Smartbar\Application\Resources\crdlil.dll [67104 2014-09-21] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SoftwareUpdater.lnk
ShortcutTarget: SoftwareUpdater.lnk -> C:\Program Files (x86)\Software Updater\SoftwareUpdater.exe (No File)
Startup: C:\Users\Dangerous\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Dangerous\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Dangerous\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk
ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
Startup: C:\Users\Dangerous\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (Microsoft Corporation)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://astromenda.co...r=571490522&ir=
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://search.findwi...C4E04}&serpv=22
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://feed.helperba...q={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://feed.helperba...q={searchTerms}
SearchScopes: HKLM - DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search-re...q={searchTerms}
SearchScopes: HKLM - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = 
SearchScopes: HKLM - {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL = 
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search-re...q={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = http://feed.helperba...q={searchTerms}
SearchScopes: HKLM-x32 - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = http://feed.helperba...q={searchTerms}
SearchScopes: HKCU - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = http://feed.helperba...q={searchTerms}
SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = http://feed.helperba...q={searchTerms}
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = 
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL = http://search.xfinit...q={searchTerms}
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = 
SearchScopes: HKCU - {A3ADD537-B8C5-4EA5-99AA-A206D1F0C5B2} URL = https://www.google.c...q={searchTerms}
BHO: LyricsParty-1 -> {11111111-1111-1111-1111-110411181152} ->  No File
BHO: QuickShare WidgetEngine -> {31ad400d-1b06-4e33-a59a-90c2c140cba0} -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: scriptproxy -> {7DB2D5A0-7241-4E79-B68D-6309F01C5231} -> C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20120913115545.dll No File
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: FastFreeConverter -> {F5580E24-8416-4DFD-90B3-078D4EDF4FCB} -> C:\Program Files (x86)\Fast Free Converter\FastFreeConverter_x64.dll (Fast Free Converter)
BHO: Hotspot Shield Class -> {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} -> C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE_64.dll (AnchorFree Inc.)
BHO-x32: LyricsParty-1 -> {11111111-1111-1111-1111-110411181152} ->  No File
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO-x32: QuickShare WidgetEngine -> {31ad400d-1b06-4e33-a59a-90c2c140cba0} -> C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: LinkSwift -> {323420b6-65e5-4657-8106-a27392d4d4aa} ->  No File
BHO-x32: scriptproxy -> {7DB2D5A0-7241-4E79-B68D-6309F01C5231} -> C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120913115545.dll No File
BHO-x32: DefaultTab Browser Helper -> {7F6AFBF1-E065-4627-A2FD-810366367D01} ->  No File
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: No Name -> {ae48ed75-5a56-4c5f-bbce-6f1ac3875f66} ->  No File
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: FastFreeConverter -> {F5580E24-8416-4DFD-90B3-078D4EDF4FCB} -> C:\Program Files (x86)\Fast Free Converter\FastFreeConverter.dll (Fast Free Converter)
BHO-x32: Hotspot Shield Class -> {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} -> C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE.dll (AnchorFree Inc.)
BHO-x32: No Name -> {FD6D90C0-E6EE-4BC6-B9F7-9ED319698007} ->  No File
Toolbar: HKLM - QuickShare Widget - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\system32\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM - No Name - {6F002502-B98C-4F3D-9468-E848F4C450C7} -  No File
Toolbar: HKLM-x32 - QuickShare Widget - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM-x32 - No Name - {6F002502-B98C-4F3D-9468-E848F4C450C7} -  No File
Toolbar: HKCU - No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} -  No File
DPF: HKLM-x32 {357A8DEC-0CAC-4D8D-9869-C2C356B844F7} http://173.160.174.222/RSVideoOcx.cab
DPF: HKLM-x32 {3FB84210-0311-49BA-AFF7-A2C50E2D20B6} http://173.10.100.230/web.cab
DPF: HKLM-x32 {556EEC63-31E2-47C3-BF29-DFF799D2FE04} https://secure.logme...?rnd=3773254933
DPF: HKLM-x32 {82E5DF24-51E8-47CD-864A-F4BD5005AA73} https://www.icloud.c...stem/iCloud.cab
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76
 
FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=16.0.3.51 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=16.0.3.51 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin-x32: @tools.dpliveupdate.com/DealPlyLive Update;version=3 -> C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\npGoogleUpdate3.dll No File
FF Plugin-x32: @tools.dpliveupdate.com/DealPlyLive Update;version=9 -> C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\npGoogleUpdate3.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin -> C:\Users\Dangerous\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin -> C:\Users\Dangerous\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @talk.google.com/O3DPlugin -> C:\Users\Dangerous\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\Dangerous\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\Dangerous\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Dangerous\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Dangerous\AppData\Roaming\mozilla\plugins\npgtpo3dautoplugin.dll ()
FF Plugin ProgramFiles/Appdata: C:\Users\Dangerous\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF HKLM-x32\...\Firefox\Extensions: [{D19CA586-DD6C-4a0a-96F8-14644F340D60}] - C:\Program Files (x86)\Common Files\McAfee\SystemCore
FF HKLM-x32\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-11-09]
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: No Name - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta749\ff [Not Found]
FF Extension: No Name - C:\Program Files (x86)\MediaPlayerV1\MediaPlayerV1alpha172\ff [Not Found]
FF Extension: No Name - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha9116\ff [Not Found]
 
Chrome: 
=======
CHR Profile: C:\Users\Dangerous\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Ask Search) - C:\Users\Dangerous\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaadgepjkdffhjbkfjgnnffnfcffbg [2014-10-20]
CHR Extension: (QuickShare Widget) - C:\Users\Dangerous\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl [2014-01-09]
CHR Extension: (Google Docs) - C:\Users\Dangerous\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-02-12]
CHR Extension: (Google Drive) - C:\Users\Dangerous\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-02-12]
CHR Extension: (Free Online Tarot Readings) - C:\Users\Dangerous\AppData\Local\Google\Chrome\User Data\Default\Extensions\bllpaelopnfgfampngdhgolbpfdkpdem [2013-06-22]
CHR Extension: (YouTube) - C:\Users\Dangerous\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-02-12]
CHR Extension: (Tarot cards) - C:\Users\Dangerous\AppData\Local\Google\Chrome\User Data\Default\Extensions\bomnldeokionnkcnmcgakcddnecbpjnj [2013-06-22]
CHR Extension: (Coral Reef) - C:\Users\Dangerous\AppData\Local\Google\Chrome\User Data\Default\Extensions\ceopnaonhcpfbjpmianoabhebgnifjoi [2013-12-22]
CHR Extension: (Spotify - Music for every moment) - C:\Users\Dangerous\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnkjkdjlofllcpbemipjbcpfnglbgieh [2013-06-22]
CHR Extension: (Google Search) - C:\Users\Dangerous\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-02-12]
CHR Extension: (saverr box) - C:\Users\Dangerous\AppData\Local\Google\Chrome\User Data\Default\Extensions\dceokjcpppeplbfpnppmlipkibnpfpce [2014-02-17]
CHR Extension: (My Daily Tarot (FREE)) - C:\Users\Dangerous\AppData\Local\Google\Chrome\User Data\Default\Extensions\eeocplhpjabcpofmdkdlpcdojdeeilfp [2013-06-22]
CHR Extension: (Email Game) - C:\Users\Dangerous\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehbobaphhmjpchjknfpcnlhcbkjbclge [2013-06-22]
CHR Extension: (Gmail Offline) - C:\Users\Dangerous\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk [2013-06-22]
CHR Extension: (Consumer Input) - C:\Users\Dangerous\AppData\Local\Google\Chrome\User Data\Default\Extensions\faoigfclahgbjjjaopddafnnapmeppnc [2013-12-22]
CHR Extension: (PacMan Original) - C:\Users\Dangerous\AppData\Local\Google\Chrome\User Data\Default\Extensions\flfalpnlognakhehenkddbgibjhgmdff [2013-06-22]
CHR Extension: (ddEalpeak) - C:\Users\Dangerous\AppData\Local\Google\Chrome\User Data\Default\Extensions\fodikpbpngkfnojfdhmcbpionjnmffch [2014-01-29]
CHR Extension: (Chrome Remote Desktop) - C:\Users\Dangerous\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2013-06-22]
CHR Extension: (Planetarium) - C:\Users\Dangerous\AppData\Local\Google\Chrome\User Data\Default\Extensions\gheikhdfflhlbemfmhcfpeblehemeklp [2013-06-22]
CHR Extension: (TiltShiftMaker) - C:\Users\Dangerous\AppData\Local\Google\Chrome\User Data\Default\Extensions\hjjofhgnhekhkccpcnnloagmdpafifeo [2013-11-04]
CHR Extension: (mysms - Text anywhere) - C:\Users\Dangerous\AppData\Local\Google\Chrome\User Data\Default\Extensions\hnkkehjnlfplmdnallbjjdnokolhblgb [2013-06-22]
CHR Extension: (Daily Nasa Photo) - C:\Users\Dangerous\AppData\Local\Google\Chrome\User Data\Default\Extensions\iccbbicgapglafdhcpehclpffdgfapol [2013-06-22]
CHR Extension: (Pixlr Editor) - C:\Users\Dangerous\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmaknaampgiegkcjlimdiidlhopknpk [2013-11-04]
CHR Extension: (RealDownloader) - C:\Users\Dangerous\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2013-11-09]
CHR Extension: (Timeline Cover Photo Maker) - C:\Users\Dangerous\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijbipdllnagdjbnamnppcfjionpfiffa [2013-06-22]
CHR Extension: (My Browser Page) - C:\Users\Dangerous\AppData\Local\Google\Chrome\User Data\Default\Extensions\jghfknlgajlcihkhkhnlcoffhbohnlbg [2013-06-22]
CHR Extension: (No Name) - C:\Users\Dangerous\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp [2013-10-07]
CHR Extension: (Numerology) - C:\Users\Dangerous\AppData\Local\Google\Chrome\User Data\Default\Extensions\kepbbopkchenaknodmbnddfjkjiegmci [2013-06-22]
CHR Extension: (Numerologist) - C:\Users\Dangerous\AppData\Local\Google\Chrome\User Data\Default\Extensions\lgjjienfdaffpjhhjhcfmncaoolnkkmh [2013-06-22]
CHR Extension: (Pop, Pop, Win!) - C:\Users\Dangerous\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbghebmoaofincenahdohhpkljnkbbcn [2013-11-04]
CHR Extension: (Fileminx) - C:\Users\Dangerous\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbmphdinbmonlcogmljkkahppnkannma [2013-06-22]
CHR Extension: (FastestFox for Chrome) - C:\Users\Dangerous\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmffncokckfccddfenhkhnllmlobdahm [2013-08-31]
CHR Extension: (Webcam & Image Renderer) - C:\Users\Dangerous\AppData\Local\Google\Chrome\User Data\Default\Extensions\nijolocgpijchhhgppbelbajkoglfmic [2013-09-13]
CHR Extension: (Wikipedia Instant) - C:\Users\Dangerous\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlnikhpimclelcopmneehjglfppbnojd [2013-06-22]
CHR Extension: (Google Wallet) - C:\Users\Dangerous\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-13]
CHR Extension: (Current Moon Phase -N.Hemisphere) - C:\Users\Dangerous\AppData\Local\Google\Chrome\User Data\Default\Extensions\oampnkjpomgmmphfoedhihefpbjhjamo [2013-06-22]
CHR Extension: (My Chrome Theme) - C:\Users\Dangerous\AppData\Local\Google\Chrome\User Data\Default\Extensions\oehpjpccmlcalbenfhnacjeocbjdonic [2013-06-22]
CHR Extension: (Psykopaint) - C:\Users\Dangerous\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgjchkcfmigkkhedgjedmffdepgmpfil [2013-11-04]
CHR Extension: (Gmail) - C:\Users\Dangerous\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-02-12]
CHR HKLM\...\Chrome\Extension: [aaaaadgepjkdffhjbkfjgnnffnfcffbg] - C:\ProgramData\AskPartnerNetwork\Toolbar\Shared\CRX\aaaaadgepjkdffhjbkfjgnnffnfcffbg.crx [2014-09-23]
CHR HKLM-x32\...\Chrome\Extension: [aaaaadgepjkdffhjbkfjgnnffnfcffbg] - C:\ProgramData\AskPartnerNetwork\Toolbar\Shared\CRX\aaaaadgepjkdffhjbkfjgnnffnfcffbg.crx [2014-09-23]
CHR HKLM-x32\...\Chrome\Extension: [ajadlheagenmmedmhaoafgkdenfilcme] - C:\Program Files (x86)\BetterSurf\BetterSurfPlusV1\ch\BetterSurfPlusV1.crx [2014-09-23]
CHR HKLM-x32\...\Chrome\Extension: [dedmngkbaffkenlfdcbganndoghblmap] - C:\Program Files (x86)\BetterSurf\ch\Chrome.crx [2014-09-23]
CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2013-08-14]
CHR HKLM-x32\...\Chrome\Extension: [kiplfnciaokpcennlkldkdaeaaomamof] - C:\Users\Dangerous\AppData\Local\Torch\Plugins\TorchPlugin.crx [2013-08-14]
CHR HKLM-x32\...\Chrome\Extension: [odpccdgkmiicgocepijnaeihjnjnomca] - C:\Program Files (x86)\LinkSwift\odpccdgkmiicgocepijnaeihjnjnomca.crx [2013-08-14]
CHR HKLM-x32\...\Chrome\Extension: [poheodfamflhhhdcmjfeggbgigeefaco] - C:\Program Files (x86)\Better-Surf\ch\Chrome.crx [2013-08-14]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
S4 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [166296 2014-09-19] () [File not signed]
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2428088 2014-08-12] (Microsoft Corporation)
R2 FastFreeConverterUpdt; C:\Program Files (x86)\Fast Free Converter\FastFreeConverterUpdt.exe [252928 2013-12-07] () [File not signed]
R2 ftpsvc; C:\Windows\system32\inetsrv\ftpsvc.dll [350720 2012-05-31] (Microsoft Corporation)
R2 HssWd; C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe [389488 2012-11-14] ()
R2 IISADMIN; C:\Windows\system32\inetsrv\inetinfo.exe [15872 2010-11-20] (Microsoft Corporation)
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [127320 2012-03-16] ()
R2 iprip; C:\Windows\System32\iprip.dll [35328 2009-07-13] (Microsoft Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [162648 2012-03-16] (Intel Corporation)
R2 LPDSVC; C:\Windows\system32\lpdsvc.dll [45568 2009-07-13] (Microsoft Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation)
R2 MSMQ; C:\Windows\system32\mqsvc.exe [9216 2009-07-13] (Microsoft Corporation)
R2 MSMQTriggers; C:\Windows\system32\mqtgsvc.exe [189440 2010-11-20] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation)
S2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [256536 2012-01-05] (NTI Corporation)
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] ()
R2 simptcp; C:\Windows\SysWOW64\tcpsvcs.exe [9216 2009-07-13] (Microsoft Corporation)
R2 SNMP; C:\Windows\System32\snmp.exe [49664 2010-11-20] (Microsoft Corporation)
R2 SNMP; C:\Windows\SysWOW64\snmp.exe [47616 2010-11-20] (Microsoft Corporation)
S4 TlntSvr; C:\Windows\System32\tlntsvr.exe [81920 2009-07-13] (Microsoft Corporation)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [453120 2010-11-20] (Microsoft Corporation)
R2 WDDMService; C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [116224 2009-10-14] (WDC) [File not signed]
R2 WDSmartWareBackgroundService; C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe [20480 2009-06-16] (Memeo) [File not signed]
S3 WMSVC; C:\Windows\system32\inetsrv\wmsvc.exe [10752 2009-07-13] (Microsoft Corporation)
R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Atheros\Ath_WlanAgent.exe [76960 2012-02-27] (Atheros) [File not signed]
S2 BackupStack; C:\Program Files (x86)\MyPC Backup\BackupStack.exe [X] <==== ATTENTION
S2 dealplylive; C:\Program Files (x86)\DealPlyLive\Update\DealPlyLive.exe /svc [X]
S3 dealplylivem; C:\Program Files (x86)\DealPlyLive\Update\DealPlyLive.exe /medsvc [X]
S4 DefaultTabUpdate; "C:\Users\Dangerous\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe" [X]
S2 Update LinkSwift; "C:\Program Files (x86)\LinkSwift\updateLinkSwift.exe" [X]
S2 Util LinkSwift; "C:\Program Files (x86)\LinkSwift\bin\utilLinkSwift.exe" [X]
S2 vToolbarUpdater17.0.1; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.0.1\ToolbarUpdater.exe [X]
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [46368 2013-09-28] (AVG Technologies)
R1 HssDRV6; C:\Windows\System32\DRIVERS\hssdrv6.sys [42248 2012-11-14] (AnchorFree Inc.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation)
R3 MQAC; C:\Windows\System32\drivers\mqac.sys [189440 2009-07-13] (Microsoft Corporation)
S3 Netaapl; C:\Windows\System32\DRIVERS\netaapl64.sys [23040 2013-07-25] (Apple Inc.) [File not signed]
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2014-07-28] (Apple, Inc.) [File not signed]
S1 AntiLog32; \??\C:\Windows\system32\drivers\AntiLog64.sys [X]
S3 SPPD; \??\C:\Windows\system32\drivers\SPPD.sys [X]
R1 ttnfd; system32\drivers\ttnfd.sys [X]
U3 aswMBR; \??\C:\Users\DANGER~1\AppData\Local\Temp\aswMBR.sys [X]
U3 aswVmm; \??\C:\Users\DANGER~1\AppData\Local\Temp\aswVmm.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-10-22 10:21 - 2014-10-22 10:22 - 00036700 _____ () C:\Users\Dangerous\Downloads\FRST.txt
2014-10-22 10:21 - 2014-10-22 10:22 - 00000000 ____D () C:\FRST
2014-10-22 10:20 - 2014-10-22 10:20 - 02110976 _____ (Farbar) C:\Users\Dangerous\Downloads\FRST64 (1).exe
2014-10-20 20:37 - 2014-10-20 20:38 - 02110976 _____ (Farbar) C:\Users\Dangerous\Downloads\FRST64.exe
2014-10-20 19:18 - 2014-10-20 19:18 - 00002673 _____ () C:\Users\Dangerous\Desktop\aswMBR.txt
2014-10-20 17:59 - 2014-10-20 17:59 - 00006384 _____ () C:\Users\Dangerous\Desktop\2.xml
2014-10-20 17:54 - 2014-10-20 17:54 - 00016405 _____ () C:\Users\Dangerous\Desktop\RCPscanlog.xml
2014-10-20 17:13 - 2014-10-20 17:15 - 00001338 _____ () C:\Users\Dangerous\Documents\aswMBR.txt
2014-10-20 17:06 - 2014-10-20 17:06 - 00280192 _____ () C:\Windows\Minidump\102014-35053-01.dmp
2014-10-20 16:59 - 2014-10-20 16:59 - 05185536 _____ (AVAST Software) C:\Users\Dangerous\Downloads\aswMBR.exe
2014-10-20 14:31 - 2014-10-20 14:31 - 00000000 ____D () C:\ProgramData\374311380
2014-10-20 14:28 - 2014-10-20 17:52 - 00003090 _____ () C:\Windows\System32\Tasks\RegClean Pro
2014-10-20 14:13 - 2014-10-20 17:18 - 00003076 _____ () C:\Windows\System32\Tasks\Advanced-System Protector_startup
2014-10-20 14:13 - 2014-10-20 14:13 - 00001049 _____ () C:\Users\Public\Desktop\Advanced-System Protector.lnk
2014-10-20 14:13 - 2014-10-20 14:13 - 00000000 ____D () C:\ProgramData\Systweak
2014-10-20 14:13 - 2014-10-20 14:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced-System Protector
2014-10-20 14:12 - 2014-10-21 15:01 - 00000266 _____ () C:\Windows\Tasks\RegClean Pro_DEFAULT.job
2014-10-20 14:12 - 2014-10-20 17:06 - 00000274 _____ () C:\Windows\Tasks\RegClean Pro_UPDATES.job
2014-10-20 14:12 - 2014-10-20 14:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro
2014-10-20 14:12 - 2014-10-20 14:13 - 00000000 ____D () C:\Users\Dangerous\AppData\Roaming\Systweak
2014-10-20 14:12 - 2014-10-20 14:13 - 00000000 ____D () C:\Program Files (x86)\ASP
2014-10-20 14:12 - 2014-10-20 14:12 - 00003032 _____ () C:\Windows\System32\Tasks\RegClean Pro_UPDATES
2014-10-20 14:12 - 2014-10-20 14:12 - 00002876 _____ () C:\Windows\System32\Tasks\RegClean Pro_DEFAULT
2014-10-20 14:12 - 2014-10-20 14:12 - 00000989 _____ () C:\Users\Public\Desktop\RegClean Pro.lnk
2014-10-20 14:12 - 2014-10-20 14:12 - 00000000 ____D () C:\Program Files (x86)\RCP
2014-10-20 14:12 - 2014-08-29 17:02 - 00020296 _____ () C:\Windows\system32\roboot64.exe
2014-10-20 14:12 - 2012-07-25 12:03 - 00016896 _____ () C:\Windows\system32\sasnative64.exe
2014-10-20 14:04 - 2014-10-20 14:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverRestore
2014-10-16 08:28 - 2014-10-16 08:32 - 00006142 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_71-b14.log
2014-10-16 03:32 - 2014-10-06 19:54 - 00378552 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-10-16 03:32 - 2014-10-06 19:04 - 00331448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-10-16 03:32 - 2014-09-25 15:50 - 13619200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-10-16 03:32 - 2014-09-25 15:46 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-10-16 03:32 - 2014-09-25 15:46 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-10-16 03:32 - 2014-09-25 15:46 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-10-16 03:32 - 2014-09-25 15:43 - 11807232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-10-16 03:32 - 2014-09-25 15:32 - 02017280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-10-16 03:32 - 2014-09-25 15:31 - 02108416 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-10-16 03:32 - 2014-09-18 19:25 - 23631360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-10-16 03:32 - 2014-09-18 18:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-10-16 03:32 - 2014-09-18 18:55 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-10-16 03:32 - 2014-09-18 18:44 - 17484800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-10-16 03:32 - 2014-09-18 18:41 - 02796032 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-10-16 03:32 - 2014-09-18 18:40 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-10-16 03:32 - 2014-09-18 18:40 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-10-16 03:32 - 2014-09-18 18:39 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-10-16 03:32 - 2014-09-18 18:38 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-10-16 03:32 - 2014-09-18 18:36 - 05829632 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-10-16 03:32 - 2014-09-18 18:31 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-10-16 03:32 - 2014-09-18 18:30 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-10-16 03:32 - 2014-09-18 18:27 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-10-16 03:32 - 2014-09-18 18:26 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-10-16 03:32 - 2014-09-18 18:25 - 04201472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-10-16 03:32 - 2014-09-18 18:25 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-10-16 03:32 - 2014-09-18 18:25 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-10-16 03:32 - 2014-09-18 18:18 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-10-16 03:32 - 2014-09-18 18:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-10-16 03:32 - 2014-09-18 18:14 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-10-16 03:32 - 2014-09-18 18:06 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-10-16 03:32 - 2014-09-18 18:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-10-16 03:32 - 2014-09-18 18:01 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-10-16 03:32 - 2014-09-18 18:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-10-16 03:32 - 2014-09-18 18:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-10-16 03:32 - 2014-09-18 18:00 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-10-16 03:32 - 2014-09-18 17:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-10-16 03:32 - 2014-09-18 17:58 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-10-16 03:32 - 2014-09-18 17:55 - 02187264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-10-16 03:32 - 2014-09-18 17:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-10-16 03:32 - 2014-09-18 17:53 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-10-16 03:32 - 2014-09-18 17:51 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-10-16 03:32 - 2014-09-18 17:50 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-10-16 03:32 - 2014-09-18 17:49 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-10-16 03:32 - 2014-09-18 17:42 - 00731136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-10-16 03:32 - 2014-09-18 17:42 - 00710656 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-10-16 03:32 - 2014-09-18 17:40 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-10-16 03:32 - 2014-09-18 17:36 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-10-16 03:32 - 2014-09-18 17:33 - 02309632 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-10-16 03:32 - 2014-09-18 17:32 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-10-16 03:32 - 2014-09-18 17:20 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-10-16 03:32 - 2014-09-18 17:18 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-10-16 03:32 - 2014-09-18 17:14 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-10-16 03:32 - 2014-09-18 16:59 - 01810944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-10-16 03:32 - 2014-09-18 16:59 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-10-16 03:32 - 2014-09-18 16:53 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-10-16 03:32 - 2014-09-18 16:52 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-10-16 00:51 - 2014-10-16 00:53 - 00000000 ____D () C:\44280a2cda1c67a20f6dd3e79f
2014-10-15 22:39 - 2014-10-15 22:40 - 00000000 ____D () C:\baf08dc9ab3e992cf9b2f5
2014-10-15 19:58 - 2014-07-06 19:07 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2014-10-15 19:58 - 2014-07-06 19:07 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2014-10-15 19:58 - 2014-07-06 19:06 - 04120576 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-10-15 19:58 - 2014-07-06 19:06 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2014-10-15 19:58 - 2014-07-06 19:06 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2014-10-15 19:58 - 2014-07-06 19:06 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-10-15 19:58 - 2014-07-06 18:40 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2014-10-15 19:58 - 2014-07-06 18:40 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2014-10-15 19:58 - 2014-07-06 18:40 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2014-10-15 19:57 - 2014-08-18 20:11 - 00693176 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2014-10-15 19:57 - 2014-08-18 20:10 - 00616352 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2014-10-15 19:57 - 2014-08-18 20:08 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2014-10-15 19:57 - 2014-08-18 20:08 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2014-10-15 19:57 - 2014-08-18 20:08 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2014-10-15 19:57 - 2014-08-18 20:07 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2014-10-15 19:57 - 2014-08-18 20:07 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2014-10-15 19:57 - 2014-08-18 20:07 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2014-10-15 19:57 - 2014-08-18 20:07 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2014-10-15 19:57 - 2014-08-18 20:07 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2014-10-15 19:57 - 2014-08-18 19:41 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2014-10-15 19:57 - 2014-08-18 19:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2014-10-15 19:57 - 2014-08-18 19:06 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2014-10-15 19:57 - 2014-07-06 19:07 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2014-10-15 19:57 - 2014-07-06 19:06 - 05551032 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-10-15 19:57 - 2014-07-06 19:06 - 01574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2014-10-15 19:57 - 2014-07-06 19:06 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2014-10-15 19:57 - 2014-07-06 19:06 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2014-10-15 19:57 - 2014-07-06 19:06 - 00679424 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-10-15 19:57 - 2014-07-06 19:06 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2014-10-15 19:57 - 2014-07-06 19:06 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2014-10-15 19:57 - 2014-07-06 19:06 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2014-10-15 19:57 - 2014-07-06 19:06 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-10-15 19:57 - 2014-07-06 19:06 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2014-10-15 19:57 - 2014-07-06 19:06 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2014-10-15 19:57 - 2014-07-06 19:06 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-10-15 19:57 - 2014-07-06 19:06 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-10-15 19:57 - 2014-07-06 19:06 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-10-15 19:57 - 2014-07-06 19:06 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2014-10-15 19:57 - 2014-07-06 19:06 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2014-10-15 19:57 - 2014-07-06 19:06 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2014-10-15 19:57 - 2014-07-06 19:06 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2014-10-15 19:57 - 2014-07-06 19:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2014-10-15 19:57 - 2014-07-06 19:06 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2014-10-15 19:57 - 2014-07-06 19:06 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2014-10-15 19:57 - 2014-07-06 19:06 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2014-10-15 19:57 - 2014-07-06 19:05 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2014-10-15 19:57 - 2014-07-06 19:05 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2014-10-15 19:57 - 2014-07-06 19:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2014-10-15 19:57 - 2014-07-06 18:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2014-10-15 19:57 - 2014-07-06 18:40 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2014-10-15 19:57 - 2014-07-06 18:40 - 03208704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-10-15 19:57 - 2014-07-06 18:40 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2014-10-15 19:57 - 2014-07-06 18:40 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2014-10-15 19:57 - 2014-07-06 18:40 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2014-10-15 19:57 - 2014-07-06 18:40 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2014-10-15 19:57 - 2014-07-06 18:40 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2014-10-15 19:57 - 2014-07-06 18:40 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-10-15 19:57 - 2014-07-06 18:40 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2014-10-15 19:57 - 2014-07-06 18:40 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-10-15 19:57 - 2014-07-06 18:40 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2014-10-15 19:57 - 2014-07-06 18:40 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2014-10-15 19:57 - 2014-07-06 18:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-10-15 19:57 - 2014-07-06 18:40 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2014-10-15 19:57 - 2014-07-06 18:40 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2014-10-15 19:57 - 2014-07-06 18:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2014-10-15 19:57 - 2014-07-06 18:40 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2014-10-15 19:57 - 2014-07-06 18:40 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2014-10-15 19:57 - 2014-07-06 18:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2014-10-15 19:57 - 2014-07-06 18:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2014-10-15 19:57 - 2014-07-06 18:39 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2014-10-15 19:57 - 2014-07-06 18:39 - 03970488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-10-15 19:57 - 2014-07-06 18:39 - 03914680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-10-15 19:57 - 2014-07-06 18:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2014-10-15 19:57 - 2014-07-06 18:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2014-10-15 19:57 - 2014-07-06 18:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2014-10-15 19:57 - 2014-06-27 17:21 - 00619056 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2014-10-15 19:57 - 2014-06-27 17:21 - 00532176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2014-10-15 19:57 - 2014-06-27 17:21 - 00457400 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2014-10-15 13:41 - 2014-10-09 19:05 - 00276480 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-10-15 13:41 - 2014-09-28 17:58 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-10-15 13:41 - 2014-07-08 19:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2014-10-15 13:41 - 2014-07-08 19:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2014-10-15 13:41 - 2014-07-08 19:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2014-10-15 13:41 - 2014-07-08 19:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2014-10-15 13:41 - 2014-07-08 19:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2014-10-15 13:41 - 2014-07-08 18:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2014-10-15 13:41 - 2014-07-08 18:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2014-10-15 13:41 - 2014-07-08 18:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2014-10-15 13:41 - 2014-07-08 18:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2014-10-15 13:41 - 2014-07-08 18:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2014-10-15 13:41 - 2014-07-08 15:38 - 00419992 _____ () C:\Windows\system32\locale.nls
2014-10-15 13:41 - 2014-07-08 15:30 - 00419992 _____ () C:\Windows\SysWOW64\locale.nls
2014-10-15 13:41 - 2014-06-18 15:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-10-15 13:41 - 2014-06-18 15:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2014-10-15 13:41 - 2014-06-18 15:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2014-10-15 13:41 - 2014-06-18 15:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-10-15 13:41 - 2014-06-18 15:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2014-10-15 13:41 - 2014-06-18 15:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-10-15 13:40 - 2014-10-09 19:05 - 00507392 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-10-15 13:40 - 2014-10-09 19:00 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-10-15 13:40 - 2014-09-17 19:00 - 03241472 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-10-15 13:40 - 2014-09-17 18:32 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-10-15 13:39 - 2014-08-28 19:07 - 03179520 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-10-15 13:38 - 2014-09-03 22:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-10-15 13:38 - 2014-09-03 22:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2014-10-15 13:38 - 2014-07-16 19:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-10-15 13:38 - 2014-07-16 19:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-10-15 13:38 - 2014-07-16 19:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2014-10-15 13:38 - 2014-07-16 19:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-10-15 13:38 - 2014-07-16 19:07 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-10-15 13:38 - 2014-07-16 19:07 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-10-15 13:38 - 2014-07-16 18:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2014-10-15 13:38 - 2014-07-16 18:39 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-10-15 13:38 - 2014-07-16 18:39 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-10-15 13:38 - 2014-07-16 18:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-10-15 13:38 - 2014-07-16 18:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-10-15 13:37 - 2014-09-12 18:58 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-10-15 13:37 - 2014-09-12 18:40 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-10-15 13:37 - 2014-09-04 19:11 - 06584320 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-10-15 13:37 - 2014-09-04 18:52 - 05703168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-10-15 13:19 - 2014-10-20 11:03 - 00000000 ___RD () C:\Users\Dangerous\iCloudDrive
2014-10-15 13:19 - 2014-10-15 13:19 - 00000000 ____D () C:\Users\Dangerous\AppData\Local\Apple Inc
2014-10-08 19:45 - 2014-10-08 19:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2014-10-08 19:44 - 2014-10-08 19:44 - 00000000 ____D () C:\Users\Dangerous\Documents\OneNote Notebooks
2014-10-08 19:39 - 2014-10-20 14:54 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-10-08 19:39 - 2014-10-20 14:54 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-10-08 19:39 - 2014-10-20 14:50 - 00000000 ____D () C:\Program Files\iTunes
2014-10-08 19:39 - 2014-10-20 14:50 - 00000000 ____D () C:\Program Files\iPod
2014-10-04 19:08 - 2014-09-24 19:08 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-10-04 19:08 - 2014-09-24 18:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2014-10-04 18:46 - 2014-10-04 18:46 - 00000000 ____D () C:\Users\Dangerous\AppData\Roaming\Astromenda
2014-10-01 01:45 - 2014-10-01 01:45 - 00000000 ____D () C:\Users\Dangerous\AppData\Local\Astromenda
2014-09-30 22:47 - 2014-10-20 14:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Support
2014-09-30 22:46 - 2014-09-30 22:46 - 00000000 ____D () C:\Program Files (x86)\Driver Support
2014-09-30 22:45 - 2014-10-22 09:48 - 00000306 _____ () C:\Windows\Tasks\WSE_Astromenda.job
2014-09-30 22:45 - 2014-09-30 22:45 - 00003262 _____ () C:\Windows\System32\Tasks\WSE_Astromenda
2014-09-30 22:44 - 2014-10-20 14:31 - 00000000 ____D () C:\Program Files (x86)\Optimizer Pro
2014-09-30 22:44 - 2014-09-30 22:45 - 00000000 ____D () C:\Users\Dangerous\AppData\Roaming\WSE_Astromenda
2014-09-30 22:44 - 2014-09-30 22:45 - 00000000 ____D () C:\Program Files (x86)\WSE_Astromenda
2014-09-29 17:10 - 2014-09-29 17:10 - 00000000 ____D () C:\Users\Dangerous\AppData\Local\VNT
2014-09-29 17:10 - 2014-09-29 17:10 - 00000000 ____D () C:\Users\Dangerous\AppData\Local\AskPartnerNetwork
2014-09-29 17:10 - 2014-09-29 17:10 - 00000000 ____D () C:\ProgramData\AskPartnerNetwork
2014-09-29 17:10 - 2014-09-29 17:10 - 00000000 ____D () C:\Program Files (x86)\AskPartnerNetwork
2014-09-29 16:56 - 2014-09-29 16:56 - 00000000 ____D () C:\ProgramData\APN
2014-09-29 16:55 - 2014-09-29 16:56 - 00000000 ____D () C:\Program Files (x86)\Free Ultimate File Opener
2014-09-29 16:55 - 2014-09-29 16:55 - 00001199 _____ () C:\Users\Dangerous\Desktop\Free Ultimate File Opener.lnk
2014-09-29 16:55 - 2014-09-29 16:55 - 00000000 ____D () C:\Users\QT\AppData\Local\Free Ultimate File Opener
2014-09-29 16:55 - 2014-09-29 16:55 - 00000000 ____D () C:\Users\Dangerous\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Free Ultimate File Opener
2014-09-29 16:55 - 2014-09-29 16:55 - 00000000 ____D () C:\Users\Dangerous\AppData\Local\Free Ultimate File Opener
2014-09-29 16:55 - 2014-06-13 14:37 - 00543640 _____ (Ask Partner Network) C:\Users\Dangerous\Documents\APNSetup.exe
2014-09-28 04:54 - 2014-09-28 04:54 - 00000000 ____D () C:\Program Files (x86)\Pngg2ImaGe
2014-09-28 04:13 - 2014-09-28 04:13 - 00000687 _____ () C:\awhEB19.tmp
2014-09-28 01:02 - 2014-09-28 01:02 - 00111104 _____ () C:\Windows\SysWOW64\installd.exe
2014-09-27 08:56 - 2014-09-27 08:56 - 00000687 _____ () C:\awhD087.tmp
2014-09-27 03:04 - 2014-06-26 19:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-09-27 03:04 - 2014-06-26 18:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-09-26 21:16 - 2014-09-26 21:16 - 00000687 _____ () C:\awhA1D.tmp
2014-09-26 17:19 - 2014-08-01 04:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-09-26 17:19 - 2014-08-01 04:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2014-09-26 17:18 - 2014-09-09 15:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-09-26 17:18 - 2014-09-09 14:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-09-26 17:18 - 2014-06-23 20:29 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-09-26 17:18 - 2014-06-23 19:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-09-26 17:16 - 2014-07-06 19:06 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-09-26 17:16 - 2014-07-06 18:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-09-26 17:15 - 2014-07-06 19:06 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-09-26 17:15 - 2014-07-06 18:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-09-26 17:15 - 2014-07-06 18:39 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-09-26 17:00 - 2014-09-26 17:00 - 00000687 _____ () C:\awhE35C.tmp
2014-09-26 16:15 - 2014-09-26 16:15 - 00000687 _____ () C:\awh7CFB.tmp
2014-09-26 16:05 - 2014-09-26 16:05 - 00280192 _____ () C:\Windows\Minidump\092614-26332-01.dmp
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-10-22 09:57 - 2013-06-20 14:17 - 00000924 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3031197819-1423011399-4028574408-1000UA.job
2014-10-22 09:57 - 2013-02-12 12:15 - 00000904 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-22 09:56 - 2013-10-20 04:51 - 00000912 _____ () C:\Windows\Tasks\DealPlyLiveUpdateTaskMachineUA.job
2014-10-22 09:51 - 2013-10-20 04:51 - 00000304 _____ () C:\Windows\Tasks\Dealply.job
2014-10-22 09:19 - 2013-06-06 05:09 - 00003958 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{EDF917B5-AD9C-49E3-B00B-E30EA897BFF5}
2014-10-22 08:19 - 2013-09-27 08:19 - 00001310 _____ () C:\Windows\Tasks\LyricsParty-1-updater.job
2014-10-22 08:19 - 2013-09-27 08:19 - 00001114 _____ () C:\Windows\Tasks\LyricsParty-1-enabler.job
2014-10-22 08:18 - 2013-09-27 08:18 - 00001924 _____ () C:\Windows\Tasks\LyricsParty-1-chromeinstaller.job
2014-10-22 08:18 - 2013-09-27 08:18 - 00001214 _____ () C:\Windows\Tasks\LyricsParty-1-codedownloader.job
2014-10-22 07:20 - 2012-05-12 13:33 - 01783395 _____ () C:\Windows\WindowsUpdate.log
2014-10-22 04:56 - 2013-10-20 04:51 - 00000908 _____ () C:\Windows\Tasks\DealPlyLiveUpdateTaskMachineCore.job
2014-10-21 15:57 - 2013-06-20 14:17 - 00000872 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3031197819-1423011399-4028574408-1000Core.job
2014-10-21 15:57 - 2013-02-12 12:15 - 00000900 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-21 06:45 - 2013-12-22 17:51 - 00000153 _____ () C:\Users\Dangerous\AppData\Roaming\WB.CFG
2014-10-20 20:44 - 2013-03-16 05:59 - 00000000 ____D () C:\Users\Dangerous\Downloads\Mobile Uploads_files
2014-10-20 20:32 - 2012-12-21 21:25 - 00000000 ____D () C:\Users\Dangerous\Desktop\beats
2014-10-20 19:57 - 2013-02-01 06:28 - 00000000 ____D () C:\Users\Dangerous\Desktop\P Lies
2014-10-20 19:49 - 2009-07-13 22:32 - 00000000 ____D () C:\Windows\system32\FxsTmp
2014-10-20 17:17 - 2009-07-13 21:45 - 00031472 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-20 17:17 - 2009-07-13 21:45 - 00031472 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-20 17:10 - 2013-06-10 10:59 - 00000000 ___RD () C:\Users\Dangerous\Dropbox
2014-10-20 17:09 - 2013-06-10 10:55 - 00000000 ____D () C:\Users\Dangerous\AppData\Roaming\Dropbox
2014-10-20 17:09 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\system32\inetsrv
2014-10-20 17:08 - 2012-09-29 21:06 - 00000000 ____D () C:\Users\Dangerous\Tracing
2014-10-20 17:06 - 2012-10-13 23:12 - 694541978 _____ () C:\Windows\MEMORY.DMP
2014-10-20 17:06 - 2012-10-13 23:12 - 00000000 ____D () C:\Windows\Minidump
2014-10-20 17:06 - 2010-11-20 20:47 - 00218608 _____ () C:\Windows\PFRO.log
2014-10-20 17:06 - 2009-07-13 22:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-20 17:06 - 2009-07-13 21:51 - 00104332 _____ () C:\Windows\setupact.log
2014-10-20 14:58 - 2012-09-13 11:44 - 00000000 ____D () C:\Program Files (x86)\Barnes & Noble
2014-10-20 14:55 - 2013-09-03 07:33 - 00000000 ____D () C:\Program Files\Bonjour
2014-10-20 14:55 - 2013-09-03 07:33 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2014-10-20 14:45 - 2013-09-03 07:36 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update
2014-10-20 08:39 - 2013-11-27 10:29 - 00000000 ____D () C:\Users\temp
2014-10-17 09:06 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\rescache
2014-10-16 08:32 - 2013-06-22 00:59 - 00000000 ____D () C:\Program Files (x86)\Java
2014-10-16 06:23 - 2009-07-13 21:57 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2014-10-16 03:40 - 2009-07-13 21:45 - 00437984 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-10-16 03:37 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-10-16 03:37 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-10-16 03:05 - 2014-05-12 03:56 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-10-15 23:40 - 2009-07-13 22:13 - 00910406 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-10-15 23:31 - 2014-01-29 02:21 - 00000000 ____D () C:\ProgramData\ddEalpeak
2014-10-15 23:08 - 2013-08-31 23:20 - 00000000 ____D () C:\Users\Dangerous\AppData\Local\DefineExt
2014-10-15 23:07 - 2014-01-29 02:20 - 00000000 ____D () C:\ProgramData\39c9a19e2eee0123
2014-10-15 22:40 - 2013-08-19 20:22 - 00000000 ____D () C:\Windows\system32\MRT
2014-10-15 22:40 - 2012-09-15 18:36 - 103265616 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-10-15 20:36 - 2014-08-21 03:18 - 00000000 ____D () C:\Users\Dangerous\AppData\Local\1595A4BD-9471-4820-BF75-BBD90A366EAD.aplzod
2014-10-15 20:35 - 2012-09-15 06:01 - 00000000 ____D () C:\Users\Dangerous\AppData\Local\Apple Computer
2014-10-15 13:19 - 2012-09-15 06:01 - 00000000 ____D () C:\Users\Dangerous\AppData\Roaming\Apple Computer
2014-10-15 13:19 - 2012-09-13 11:42 - 00000000 ____D () C:\Users\Dangerous
2014-10-11 20:26 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-10-08 07:15 - 2012-09-13 18:34 - 00000000 ____D () C:\Users\Dangerous\AppData\Local\CrashDumps
2014-10-01 02:16 - 2012-03-28 18:52 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-10-01 02:16 - 2012-03-28 18:52 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-10-01 01:57 - 2013-06-10 10:57 - 00000000 ____D () C:\Users\Dangerous\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-09-29 10:18 - 2012-09-29 20:53 - 00000000 ____D () C:\Users\Dangerous\AppData\Local\Windows Live
2014-09-28 22:49 - 2013-09-24 11:20 - 00000000 ____D () C:\Windows\pss
2014-09-28 22:42 - 2014-02-17 08:19 - 00007599 _____ () C:\Users\Dangerous\AppData\Local\Resmon.ResmonCfg
2014-09-28 06:59 - 2014-02-17 02:39 - 00000000 ____D () C:\ProgramData\saverr box
2014-09-28 06:59 - 2014-01-31 07:28 - 00000000 ____D () C:\ProgramData\Pngg2ImaGe
2014-09-28 06:59 - 2014-01-29 02:20 - 00000000 ____D () C:\ProgramData\SaaverPro
2014-09-28 04:51 - 2014-08-30 06:16 - 00000000 ____D () C:\Users\Dangerous\AppData\Roaming\ID Vault
2014-09-27 03:48 - 2012-12-21 09:59 - 00903020 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-09-27 03:43 - 2013-08-19 20:02 - 00002155 _____ () C:\Windows\epplauncher.mif
2014-09-27 03:41 - 2013-08-19 20:01 - 00002121 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2014-09-27 03:40 - 2013-08-19 20:01 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-09-27 03:39 - 2013-08-19 20:01 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2014-09-26 21:28 - 2014-08-21 03:16 - 00000000 ____D () C:\Users\Dangerous\Documents\Outlook Files
2014-09-26 17:29 - 2013-11-03 05:36 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-09-26 16:16 - 2014-08-30 06:18 - 00000000 ____D () C:\Users\Dangerous\AppData\Local\ID Vault
 
Files to move or delete:
====================
C:\Users\Dangerous\FPP_Setup (1).exe
C:\Users\Dangerous\FPP_Setup (2).exe
C:\Users\Dangerous\FPP_Setup.exe
C:\Users\Dangerous\iCloudSetup.exe
C:\Users\Dangerous\iTunes64Setup.exe
 
 
Some content of TEMP:
====================
C:\Users\Dangerous\AppData\Local\Temp\-jqt6yq5.dll
C:\Users\Dangerous\AppData\Local\Temp\-q4uogjs.dll
C:\Users\Dangerous\AppData\Local\Temp\1y-daaf7.dll
C:\Users\Dangerous\AppData\Local\Temp\270F_SoftwareUpdaterSetupC.exe
C:\Users\Dangerous\AppData\Local\Temp\2fd0gmbr.dll
C:\Users\Dangerous\AppData\Local\Temp\5ebrbjkr.dll
C:\Users\Dangerous\AppData\Local\Temp\778lf4hj.dll
C:\Users\Dangerous\AppData\Local\Temp\8lvxxolb.dll
C:\Users\Dangerous\AppData\Local\Temp\air11D.exe
C:\Users\Dangerous\AppData\Local\Temp\air2938.exe
C:\Users\Dangerous\AppData\Local\Temp\air3340.exe
C:\Users\Dangerous\AppData\Local\Temp\air38D2.exe
C:\Users\Dangerous\AppData\Local\Temp\air43D8.exe
C:\Users\Dangerous\AppData\Local\Temp\air4C05.exe
C:\Users\Dangerous\AppData\Local\Temp\air4CCA.exe
C:\Users\Dangerous\AppData\Local\Temp\air60D5.exe
C:\Users\Dangerous\AppData\Local\Temp\air759F.exe
C:\Users\Dangerous\AppData\Local\Temp\airB5AA.exe
C:\Users\Dangerous\AppData\Local\Temp\airBE50.exe
C:\Users\Dangerous\AppData\Local\Temp\airD6A4.exe
C:\Users\Dangerous\AppData\Local\Temp\airFF69.exe
C:\Users\Dangerous\AppData\Local\Temp\anvrehbj.dll
C:\Users\Dangerous\AppData\Local\Temp\APNSetup.exe
C:\Users\Dangerous\AppData\Local\Temp\B5BA_FPPSetup.exe
C:\Users\Dangerous\AppData\Local\Temp\BackupSetup.exe
C:\Users\Dangerous\AppData\Local\Temp\BundleInstaller.exe
C:\Users\Dangerous\AppData\Local\Temp\BundleSweetIMSetup.exe
C:\Users\Dangerous\AppData\Local\Temp\bybeqkmq.dll
C:\Users\Dangerous\AppData\Local\Temp\ConsumerInputSetup.exe
C:\Users\Dangerous\AppData\Local\Temp\djgmejcgdblwff.exe
C:\Users\Dangerous\AppData\Local\Temp\dlLogic.exe
C:\Users\Dangerous\AppData\Local\Temp\DRHelper_installFinish.exe
C:\Users\Dangerous\AppData\Local\Temp\DRHelper_installStart.exe
C:\Users\Dangerous\AppData\Local\Temp\DRHelper_uninstallComplete.exe
C:\Users\Dangerous\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpixvs8e.dll
C:\Users\Dangerous\AppData\Local\Temp\drv71217.exe
C:\Users\Dangerous\AppData\Local\Temp\dxwz30zh.dll
C:\Users\Dangerous\AppData\Local\Temp\ecrzi1t1.dll
C:\Users\Dangerous\AppData\Local\Temp\gj6rsnoz.dll
C:\Users\Dangerous\AppData\Local\Temp\h3_aiwwg.dll
C:\Users\Dangerous\AppData\Local\Temp\haksek9n.dll
C:\Users\Dangerous\AppData\Local\Temp\helper.exe
C:\Users\Dangerous\AppData\Local\Temp\hiwauzmk.dll
C:\Users\Dangerous\AppData\Local\Temp\hrvytgue.dll
C:\Users\Dangerous\AppData\Local\Temp\hsspk.exe
C:\Users\Dangerous\AppData\Local\Temp\IMsetup.exe
C:\Users\Dangerous\AppData\Local\Temp\Installer.exe
C:\Users\Dangerous\AppData\Local\Temp\installhelper.dll
C:\Users\Dangerous\AppData\Local\Temp\iyup72ie.dll
C:\Users\Dangerous\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\Dangerous\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe
C:\Users\Dangerous\AppData\Local\Temp\kgw8t_6a.dll
C:\Users\Dangerous\AppData\Local\Temp\lowproc.exe
C:\Users\Dangerous\AppData\Local\Temp\lxmb_a-d.dll
C:\Users\Dangerous\AppData\Local\Temp\mbssfhpi.dll
C:\Users\Dangerous\AppData\Local\Temp\mgsqlite3.dll
C:\Users\Dangerous\AppData\Local\Temp\MybabylonTB.exe
C:\Users\Dangerous\AppData\Local\Temp\newsetup.exe
C:\Users\Dangerous\AppData\Local\Temp\nllthszn.dll
C:\Users\Dangerous\AppData\Local\Temp\nsc1205.exe
C:\Users\Dangerous\AppData\Local\Temp\nscE4F7.exe
C:\Users\Dangerous\AppData\Local\Temp\nsf97F1.exe
C:\Users\Dangerous\AppData\Local\Temp\nsnF48E.exe
C:\Users\Dangerous\AppData\Local\Temp\nsnF8AB.exe
C:\Users\Dangerous\AppData\Local\Temp\nsr811.exe
C:\Users\Dangerous\AppData\Local\Temp\nsrD221.exe
C:\Users\Dangerous\AppData\Local\Temp\nss27B8.exe
C:\Users\Dangerous\AppData\Local\Temp\nsuBFF7.exe
C:\Users\Dangerous\AppData\Local\Temp\obbadgcn.dll
C:\Users\Dangerous\AppData\Local\Temp\ochelper.exe
C:\Users\Dangerous\AppData\Local\Temp\OfficeSetup.exe
C:\Users\Dangerous\AppData\Local\Temp\oi_{5028B094-59A8-4536-BB81-2B8FF3A3B7CC}.exe
C:\Users\Dangerous\AppData\Local\Temp\Optimizer_Pro.exe
C:\Users\Dangerous\AppData\Local\Temp\optprosetup.exe
C:\Users\Dangerous\AppData\Local\Temp\propsys.dll
C:\Users\Dangerous\AppData\Local\Temp\qoalvufv.dll
C:\Users\Dangerous\AppData\Local\Temp\qrqgsite.dll
C:\Users\Dangerous\AppData\Local\Temp\rcmb-hls.dll
C:\Users\Dangerous\AppData\Local\Temp\Shortcut_IMsetup.exe
C:\Users\Dangerous\AppData\Local\Temp\slaclt10.dll
C:\Users\Dangerous\AppData\Local\Temp\sp.exe
C:\Users\Dangerous\AppData\Local\Temp\SpOrder.dll
C:\Users\Dangerous\AppData\Local\Temp\SPStub.exe
C:\Users\Dangerous\AppData\Local\Temp\SRAssetsHelper.dll
C:\Users\Dangerous\AppData\Local\Temp\stubhelper.dll
C:\Users\Dangerous\AppData\Local\Temp\tbWhit.dll
C:\Users\Dangerous\AppData\Local\Temp\The_Weather_Channel_Application.exe
C:\Users\Dangerous\AppData\Local\Temp\unfrl7fl.dll
C:\Users\Dangerous\AppData\Local\Temp\Upgrader.exe
C:\Users\Dangerous\AppData\Local\Temp\uvdsvcyt.dll
C:\Users\Dangerous\AppData\Local\Temp\vcredist_x64.exe
C:\Users\Dangerous\AppData\Local\Temp\WSSetup.exe
C:\Users\Dangerous\AppData\Local\Temp\yas2fnog.dll
C:\Users\Dangerous\AppData\Local\Temp\z1shdgaf.dll
C:\Users\Dangerous\AppData\Local\Temp\zdyy1mjv.dll
C:\Users\Dangerous\AppData\Local\Temp\_co6ti7_.dll
C:\Users\QT\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-10-17 08:57
 
==================== End Of Log ============================

Attached Files


#4 pendaless

pendaless

    New Member

  • Authentic Member
  • Pip
  • 6 posts

Posted 22 October 2014 - 11:52 AM

security check results
 
 
Results of screen317's Security Check version 0.99.89  
 Windows 7 Service Pack 1 x64 (UAC is disabled!)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
 Windows Firewall Enabled!  
 WMI entry may not exist for antivirus; attempting automatic update. 
`````````Anti-malware/Other Utilities Check:````````` 
 Adobe Reader 10.1.7 Adobe Reader out of Date!  
 Google Chrome 31.0.1650.57  
 Google Chrome 31.0.1650.63  
````````Process Check: objlist.exe by Laurent````````  
 Microsoft Security Essentials MSMpEng.exe 
 Microsoft Security Essentials msseces.exe 
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C: 1% 
````````````````````End of Log`````````````````````` 
 

#5 fbfbfb

fbfbfb

    SuperMember

  • Malware Team
  • 1,218 posts

Posted 22 October 2014 - 07:56 PM

Hello, pendaless.

 

Thank you for your log submissions.  There is a lot happening inside your system.  Let's begin the cleaning process.

 

Please run the following scans

 

1.  AdwCleaner

 

We will be running this cleaner in 2 parts.  The first time you run it, please scan only and send me the log for review.  We will rerun it again later to clean.

 

Please download AdwCleaner from HERE.

  • Double click on adwcleaner.exe.  Note:  Vista/Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it. If you see an entry you want to keep, let me know about it.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.

 

2.  Junkware Removal Tool (JRT)

 

Please download Junkware Removal Tool from HERE and save it to your desktop.

  • Shutdown your antivirus to avoid any potential conflicts.
  • Right-mouse click JRT.exe and select Run as Administrator.
  • JRT will begin to backup your registry and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, the log JRT.txt is saved on your desktop and will automatically open.
  • Post the contents of JRT.txt into your next reply.

 

3.  Malwarebytes Anti-Malware (MBAM)

 

Download MBAM from HERE > Save it to your Desktop.

 

Note:

  • Windows XP > Double click on the icon to run it.
  • Windows Vista, Windows 7 and 8 > Right-click and select Run As Administrator.

 

MBAMDashboard_zpsddef9b5f.gif

 

  • On the Dashboard, click Update Now.
  • Click the Settings tab > Click Detection and Protection.
  • Under Non-Malware Protection, make sure that both PUP and PUM are set to show Treat Detections as Malware .
  • Click Advanced Settings > Check mark Automatically Quarantine Detected Items.
  • On the Dashboard, click Scan.
  • Select Threat Scan > Click Scan Now.
  • When the scan is finished and the log pops up, select Copy to Clipboard .
  • Please paste the log into your next reply.
  • Exit Malwarebytes.

 

CHECKLIST : In your next reply, please post the following:

  • AdwCleaner[R0].txt
  • JRT.txt
  • MBAM log

 

 


#6 pendaless

pendaless

    New Member

  • Authentic Member
  • Pip
  • 6 posts

Posted 23 October 2014 - 12:51 AM

thank you, im on this like a fat kid on a cupcake! ya its no wonder it takes FOREVER to do anything or get anywhwere on this thing!

next submission from moi will be requested reports!

you rock!ttyl


#7 pendaless

pendaless

    New Member

  • Authentic Member
  • Pip
  • 6 posts

Posted 23 October 2014 - 01:36 AM

# AdwCleaner v4.001 - Report created 22/10/2014 at 23:49:00
# Updated 20/10/2014 by Xplode
# Database : 2014-10-21.1
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Dangerous - DANGEROUS-PC
# Running from : C:\Users\Dangerous\Downloads\AdwCleaner.exe
# Option : Scan
 
***** [ Services ] *****
 
Service Found : APNMCP
Service Found : BackupStack
Service Found : dealplylive
Service Found : dealplylivem
Service Found : DefaultTabUpdate
Service Found : FastFreeConverterUpdt
Service Found : HssSrv
Service Found : hsswd
Service Found : SPPD
 
***** [ Files / Folders ] *****
 
File Found : C:\END
File Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SoftwareUpdater.lnk
File Found : C:\Users\Dangerous\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_app.mam.conduit.com_0.localstorage
File Found : C:\Users\Dangerous\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_app.mam.conduit.com_0.localstorage-journal
File Found : C:\Users\Dangerous\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.conduit.com_0.localstorage
File Found : C:\Users\Dangerous\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.conduit.com_0.localstorage-journal
File Found : C:\Users\Dangerous\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
File Found : C:\Users\Dangerous\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
File Found : C:\Users\Dangerous\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.wajam.com_0.localstorage
File Found : C:\Users\Dangerous\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.wajam.com_0.localstorage-journal
File Found : C:\Users\Dangerous\AppData\LocalLow\SkwConfig.bin
File Found : C:\Users\Dangerous\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Video Converter.lnk
File Found : C:\Windows\System32\AdpeakProxy.ini
File Found : C:\Windows\System32\AdpeakProxyOff.ini
File Found : C:\Windows\System32\roboot64.exe
File Found : C:\Windows\SysWOW64\AdpeakProxy.ini
File Found : C:\Windows\SysWOW64\AdpeakProxyOff.ini
File Found : C:\Windows\SysWOW64\installd.exe
Folder Found : C:\Program Files (x86)\AskPartnerNetwork
Folder Found : C:\Program Files (x86)\Driver Support
Folder Found : C:\Program Files (x86)\Fast Free Converter
Folder Found : C:\Program Files (x86)\File Type Helper
Folder Found : C:\Program Files (x86)\hotspot shield
Folder Found : C:\Program Files (x86)\Optimizer Pro
Folder Found : C:\Program Files (x86)\Pngg2ImaGe
Folder Found : C:\Program Files (x86)\wse_astromenda
Folder Found : C:\Program Files\Level Quality Watcher
Folder Found : C:\Program Files\ScorpionSaver Services
Folder Found : C:\ProgramData\374311380 
Folder Found : C:\ProgramData\apn
Folder Found : C:\ProgramData\Ask
Folder Found : C:\ProgramData\AskPartnerNetwork
Folder Found : C:\ProgramData\ddEalpeak
Folder Found : C:\ProgramData\DealPlyLive
Folder Found : C:\ProgramData\hotspot shield
Folder Found : C:\ProgramData\Interenet Optimizer
Folder Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Support
Folder Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverRestore
Folder Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\hotspot shield
Folder Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Fix Speed
Folder Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Software Updater
Folder Found : C:\ProgramData\Pngg2ImaGe
Folder Found : C:\ProgramData\SaaverPro
Folder Found : C:\ProgramData\saverr box
Folder Found : C:\Users\DANGER~1\AppData\Local\Temp\AirInstaller
Folder Found : C:\Users\DANGER~1\AppData\Local\Temp\apn
Folder Found : C:\Users\DANGER~1\AppData\Local\Temp\Smartbar
Folder Found : C:\Users\Dangerous\AppData\Local\AskPartnerNetwork
Folder Found : C:\Users\Dangerous\AppData\Local\Astromenda
Folder Found : C:\Users\Dangerous\AppData\Local\AVG SafeGuard toolbar
Folder Found : C:\Users\Dangerous\AppData\Local\DealPlyLive
Folder Found : C:\Users\Dangerous\AppData\Local\DefineExt
Folder Found : C:\Users\Dangerous\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl
Folder Found : C:\Users\Dangerous\AppData\Local\Google\Chrome\User Data\Default\Extensions\dceokjcpppeplbfpnppmlipkibnpfpce
Folder Found : C:\Users\Dangerous\AppData\Local\Google\Chrome\User Data\Default\Extensions\dceokjcpppeplbfpnppmlipkibnpfpce
Folder Found : C:\Users\Dangerous\AppData\Local\Google\Chrome\User Data\Default\Extensions\fodikpbpngkfnojfdhmcbpionjnmffch
Folder Found : C:\Users\Dangerous\AppData\Local\Google\Chrome\User Data\Default\Extensions\fodikpbpngkfnojfdhmcbpionjnmffch
Folder Found : C:\Users\Dangerous\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp
Folder Found : C:\Users\Dangerous\AppData\Local\Smartbar
Folder Found : C:\Users\Dangerous\AppData\Local\SwvUpdater
Folder Found : C:\Users\Dangerous\AppData\Local\VNT
Folder Found : C:\Users\Dangerous\AppData\LocalLow\AVG SafeGuard toolbar
Folder Found : C:\Users\Dangerous\AppData\LocalLow\comcasttb
Folder Found : C:\Users\Dangerous\AppData\LocalLow\Conduit
Folder Found : C:\Users\Dangerous\AppData\LocalLow\DataMngr
Folder Found : C:\Users\Dangerous\AppData\LocalLow\PriceGong
Folder Found : C:\Users\Dangerous\AppData\LocalLow\Smartbar
Folder Found : C:\Users\Dangerous\AppData\Roaming\Astromenda
Folder Found : C:\Users\Dangerous\AppData\Roaming\DealPly
Folder Found : C:\Users\Dangerous\AppData\Roaming\hotspot shield
Folder Found : C:\Users\Dangerous\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DealPly
Folder Found : C:\Users\Dangerous\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
Folder Found : C:\Users\Dangerous\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Video Converter
Folder Found : C:\Users\Dangerous\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam
Folder Found : C:\Users\Dangerous\AppData\Roaming\PCFixSpeed
Folder Found : C:\Users\Dangerous\AppData\Roaming\Systweak
Folder Found : C:\Users\Dangerous\AppData\Roaming\wse_astromenda
Folder Found : C:\Users\Dangerous\Documents\Optimizer Pro
Folder Found : C:\Users\QT\AppData\Local\Google\Chrome\User Data\Default\Extensions\dceokjcpppeplbfpnppmlipkibnpfpce
Folder Found : C:\Users\QT\AppData\Local\Google\Chrome\User Data\Default\Extensions\dceokjcpppeplbfpnppmlipkibnpfpce
Folder Found : C:\Users\QT\AppData\Local\Google\Chrome\User Data\Default\Extensions\fodikpbpngkfnojfdhmcbpionjnmffch
Folder Found : C:\Users\QT\AppData\Local\Google\Chrome\User Data\Default\Extensions\fodikpbpngkfnojfdhmcbpionjnmffch
 
***** [ Scheduled Tasks ] *****
 
Task Found : Dealply
Task Found : DealPlyLiveUpdateTaskMachineCore
Task Found : DealPlyLiveUpdateTaskMachineUA
Task Found : WSE_Astromenda
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Data Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\progra~3\intere~1\intere~1.dll
Data Found : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~3\INTERE~1\INTERE~2.DLL
Key Found : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Found : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Found : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Found : HKCU\Software\AppDataLow\Software\Crossrider
Key Found : HKCU\Software\AppDataLow\Software\PriceGong
Key Found : HKCU\Software\AppDataLow\Software\Scorpion Saver
Key Found : HKCU\Software\AppDataLow\Software\ScorpionSaver
Key Found : HKCU\Software\AppDataLow\Software\xfin_portal
Key Found : HKCU\Software\AskPartnerNetwork
Key Found : HKCU\Software\BRS
Key Found : HKCU\Software\DataMngr_Toolbar
Key Found : HKCU\Software\DealPly
Key Found : HKCU\Software\DealPlyLive
Key Found : HKCU\Software\DriverRestore
Key Found : HKCU\Software\eSupport.com
Key Found : HKCU\Software\Google\Chrome\Extensions\pfkfdlcdbajamklbneflfbcmfgddmpae
Key Found : HKCU\Software\hotspotshield
Key Found : HKCU\Software\ilivid
Key Found : HKCU\Software\IM
Key Found : HKCU\Software\ImInstaller
Key Found : HKCU\Software\InstallCore
Key Found : HKCU\Software\InstalledBrowserExtensions
Key Found : HKCU\Software\InstalledThirdPartyPrograms
Key Found : HKCU\Software\LinkSwift
Key Found : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\conduit.com
Key Found : HKCU\Software\MICROSOFT\INTERNET EXPLORER\DOMSTORAGE\superfish.com
Key Found : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\wajam.com
Key Found : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.superfish.com
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2E00D31D-D171-423D-836D-1A4D7EA7F1A9}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110411181152}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{323420B6-65E5-4657-8106-A27392D4D4AA}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6CB99040-7828-4C37-AC01-F15758F43E4D}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE48ED75-5A56-4C5F-BBCE-6F1AC3875F66}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F5580E24-8416-4DFD-90B3-078D4EDF4FCB}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110411181152}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{323420B6-65E5-4657-8106-A27392D4D4AA}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6CB99040-7828-4C37-AC01-F15758F43E4D}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A1E28287-1A31-4B0F-8D05-AA8C465D3C5A}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE48ED75-5A56-4C5F-BBCE-6F1AC3875F66}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DEDAF650-12B8-48F5-A843-BBA100716106}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F5580E24-8416-4DFD-90B3-078D4EDF4FCB}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Video Converter
Key Found : HKCU\Software\Optimizer Pro
Key Found : HKCU\Software\powerpack
Key Found : HKCU\Software\SmartBar
Key Found : HKCU\Software\smartbarbackup
Key Found : HKCU\Software\smartbarlog
Key Found : HKCU\Software\SoftwareUpdater
Key Found : HKCU\Software\SweetIM
Key Found : HKCU\Software\systweak
Key Found : HKCU\Software\torch
Key Found : HKCU\Software\UpdateFiles
Key Found : HKCU\Software\usyndication.com
Key Found : HKCU\Software\WSE_Astromenda
Key Found : [x64] HKCU\Software\AskPartnerNetwork
Key Found : [x64] HKCU\Software\BRS
Key Found : [x64] HKCU\Software\DataMngr_Toolbar
Key Found : [x64] HKCU\Software\DealPly
Key Found : [x64] HKCU\Software\DealPlyLive
Key Found : [x64] HKCU\Software\DriverRestore
Key Found : [x64] HKCU\Software\eSupport.com
Key Found : [x64] HKCU\Software\hotspotshield
Key Found : [x64] HKCU\Software\ilivid
Key Found : [x64] HKCU\Software\IM
Key Found : [x64] HKCU\Software\ImInstaller
Key Found : [x64] HKCU\Software\InstallCore
Key Found : [x64] HKCU\Software\InstalledBrowserExtensions
Key Found : [x64] HKCU\Software\InstalledThirdPartyPrograms
Key Found : [x64] HKCU\Software\LinkSwift
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2E00D31D-D171-423D-836D-1A4D7EA7F1A9}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Found : [x64] HKCU\Software\Optimizer Pro
Key Found : [x64] HKCU\Software\powerpack
Key Found : [x64] HKCU\Software\SmartBar
Key Found : [x64] HKCU\Software\smartbarbackup
Key Found : [x64] HKCU\Software\smartbarlog
Key Found : [x64] HKCU\Software\SoftwareUpdater
Key Found : [x64] HKCU\Software\SweetIM
Key Found : [x64] HKCU\Software\systweak
Key Found : [x64] HKCU\Software\torch
Key Found : [x64] HKCU\Software\UpdateFiles
Key Found : [x64] HKCU\Software\usyndication.com
Key Found : [x64] HKCU\Software\WSE_Astromenda
Key Found : HKLM\SOFTWARE\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Found : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Found : HKLM\SOFTWARE\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Found : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Key Found : HKLM\SOFTWARE\{77D46E27-0E41-4478-87A6-AABE6FBCF252}
Key Found : HKLM\SOFTWARE\Adpeak, Inc.
Key Found : HKLM\SOFTWARE\AskPartnerNetwork
Key Found : HKLM\SOFTWARE\AVG Security Toolbar
Key Found : HKLM\SOFTWARE\BetterSurf
Key Found : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Found : HKLM\SOFTWARE\Classes\AppID\{38495740-0035-4471-851E-F5BBB86AB085}
Key Found : HKLM\SOFTWARE\Classes\AppID\{38A066B0-DD5F-4226-AC4F-6A27C1BFB892}
Key Found : HKLM\SOFTWARE\Classes\AppID\{49BC4DD1-0E69-4611-9164-0009538C5E46}
Key Found : HKLM\SOFTWARE\Classes\AppID\{72D89EBF-0C5D-4190-91FD-398E45F1D007}
Key Found : HKLM\SOFTWARE\Classes\AppID\{80FABB17-63AF-4655-9F07-B6509EE37AF2}
Key Found : HKLM\SOFTWARE\Classes\AppID\{9DC8FA51-B596-4F77-802C-5B295919C205}
Key Found : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Found : HKLM\SOFTWARE\Classes\AppID\{F48FC5B2-094A-44C7-B48C-289738C9582D}
Key Found : HKLM\SOFTWARE\Classes\AppID\AdpeakProxy.exe
Key Found : HKLM\SOFTWARE\Classes\AppID\dealplylive.exe
Key Found : HKLM\SOFTWARE\Classes\AppID\DefaultTabBHO.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\PricePeep.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Found : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Found : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.BrowserWndAPI
Key Found : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.BrowserWndAPI.1
Key Found : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.PugiObj
Key Found : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.PugiObj.1
Key Found : HKLM\SOFTWARE\Classes\CLSID\{08635077-8829-49E2-B338-C968817EB460}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{0D89DE71-3D99-4288-84DC-F18F1047A7D8}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110411181152}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{1E0C9B2A-6447-452C-B012-2314A0C29412}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{20A3F109-F7C1-47B4-8098-8E654B264B1D}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220422182252}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{323420B6-65E5-4657-8106-A27392D4D4AA}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{34A8CEB6-89BB-49F1-B5E4-0D0D6C21F3B1}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3A4DBD3A-98CC-41CE-AD21-352D42B6F754}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{4B9BCCE8-A70B-402A-A7E1-DB96831EE26F}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{4F8A50F6-69DE-4BE3-A33A-A1079B9AC0DB}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{501CB57A-D4E2-4855-96AD-EDB0A9083395}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{67BD9EEB-AA06-4329-A940-D250019300C9}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{6FF2C4DD-77A4-4BB5-BA4C-B42DEFBF9137}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{7F1796B2-BEC6-427B-B734-F9C75ED94A80}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{80FABB17-63AF-4655-9F07-B6509EE37AF2}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{83ABA270-8390-4CA6-AE48-FC089F55629E}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{8B218A5F-1A3D-4347-94EF-A79575EB8094}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{8C338DDB-19FC-4C1F-B74D-6931EE55F7A1}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{8C7478AB-3155-463E-936F-55F91F0F10D0}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{9BDB5E09-4BBA-4422-8C2B-529B281C32B8}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{9E1B65EE-A131-42B4-94CA-847505E2F611}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{A1E28287-1A31-4B0F-8D05-AA8C465D3C5A}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{C536F080-57B7-46D6-8894-C647553F2889}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{CA5D945F-E738-4D0B-A0B5-25AC51C64659}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{F48FC5B2-094A-44C7-B48C-289738C9582D}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{F5580E24-8416-4DFD-90B3-078D4EDF4FCB}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{F7698761-4ABA-45C2-A5BB-D2163922C725}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{FFCC53E6-2655-47FC-A89B-54E8D7F305D1}
Key Found : HKLM\SOFTWARE\Classes\CrossriderApp0041852.BHO
Key Found : HKLM\SOFTWARE\Classes\CrossriderApp0041852.BHO.1
Key Found : HKLM\SOFTWARE\Classes\CrossriderApp0041852.Sandbox
Key Found : HKLM\SOFTWARE\Classes\CrossriderApp0041852.Sandbox.1
Key Found : HKLM\SOFTWARE\Classes\DealPlyLive.OneClickCtrl.9
Key Found : HKLM\SOFTWARE\Classes\DealPlyLive.OneClickProcessLauncherMachine
Key Found : HKLM\SOFTWARE\Classes\DealPlyLive.OneClickProcessLauncherMachine.1.0
Key Found : HKLM\SOFTWARE\Classes\DealPlyLive.Update3WebControl.3
Key Found : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.CoCreateAsync
Key Found : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.CoCreateAsync.1.0
Key Found : HKLM\SOFTWARE\Classes\dealplyliveupdate.coreclass
Key Found : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.CoreClass.1
Key Found : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.CoreMachineClass
Key Found : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.CoreMachineClass.1
Key Found : HKLM\SOFTWARE\Classes\dealplyliveupdate.credentialdialogmachine
Key Found : HKLM\SOFTWARE\Classes\dealplyliveupdate.credentialdialogmachine.1.0
Key Found : HKLM\SOFTWARE\Classes\dealplyliveupdate.ondemandcomclassmachine
Key Found : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.OnDemandCOMClassMachine.1.0
Key Found : HKLM\SOFTWARE\Classes\dealplyliveupdate.ondemandcomclassmachinefallback
Key Found : HKLM\SOFTWARE\Classes\dealplyliveupdate.ondemandcomclassmachinefallback.1.0
Key Found : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.OnDemandCOMClassSvc
Key Found : HKLM\SOFTWARE\Classes\dealplyliveupdate.ondemandcomclasssvc.1.0
Key Found : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.ProcessLauncher
Key Found : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.ProcessLauncher.1.0
Key Found : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.Update3COMClassService
Key Found : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.Update3COMClassService.1.0
Key Found : HKLM\SOFTWARE\Classes\dealplyliveupdate.update3webmachine
Key Found : HKLM\SOFTWARE\Classes\dealplyliveupdate.update3webmachine.1.0
Key Found : HKLM\SOFTWARE\Classes\dealplyliveupdate.update3webmachinefallback
Key Found : HKLM\SOFTWARE\Classes\dealplyliveupdate.update3webmachinefallback.1.0
Key Found : HKLM\SOFTWARE\Classes\dealplyliveupdate.update3websvc
Key Found : HKLM\SOFTWARE\Classes\dealplyliveupdate.update3websvc.1.0
Key Found : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowser
Key Found : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowser.1
Key Found : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowserActiveX
Key Found : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowserActiveX.1
Key Found : HKLM\SOFTWARE\Classes\HssIE.HssIEApp
Key Found : HKLM\SOFTWARE\Classes\HssIE.HssIEApp.1
Key Found : HKLM\SOFTWARE\Classes\iesmartbar.bandobjectattribute
Key Found : HKLM\SOFTWARE\Classes\iesmartbar.bho
Key Found : HKLM\SOFTWARE\Classes\iesmartbar.dockingpanel
Key Found : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbar
Key Found : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbarbandobject
Key Found : HKLM\SOFTWARE\Classes\iesmartbar.smartbardisplaystate
Key Found : HKLM\SOFTWARE\Classes\iesmartbar.smartbarmenuform
Key Found : HKLM\SOFTWARE\Classes\Installer\Features\6BA018E6E43F3A949AF3E90563067F81
Key Found : HKLM\SOFTWARE\Classes\Installer\Products\6BA018E6E43F3A949AF3E90563067F81
Key Found : HKLM\SOFTWARE\Classes\Interface\{0214A12B-C5A3-437F-A6F3-068ABCD8C85E}
Key Found : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Found : HKLM\SOFTWARE\Classes\Interface\{1B97A696-5576-43AC-A73B-E1D2C78F21E8}
Key Found : HKLM\SOFTWARE\Classes\Interface\{1F8EDE97-36D5-422A-B8F0-9406E2D87C60}
Key Found : HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Key Found : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Found : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550455185552}
Key Found : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660466186652}
Key Found : HKLM\SOFTWARE\Classes\Interface\{75BF416E-4326-45B5-8A2D-AE32D05B930B}
Key Found : HKLM\SOFTWARE\Classes\Interface\{96DD9437-5D20-4EFB-BF52-A4A605A4E0AA}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
Key Found : HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Key Found : HKLM\SOFTWARE\Classes\PCProxy.DataContainer
Key Found : HKLM\SOFTWARE\Classes\PricePeep.PricePeepBho
Key Found : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Key Found : HKLM\SOFTWARE\Classes\S
Key Found : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT3289847
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{3BF3DED5-0FC8-4207-AC09-AA7B5AF4E408}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440444184452}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440444184452}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{4A11A6BD-7880-49BD-92D4-6F09D0BD3250}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{68DE31F7-43FF-4EE2-B88B-10665016970D}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{A0EE0278-2986-4E5A-884E-A3BF0357E476}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{E69D4A59-73DE-4E38-9FB3-740EC4D9060D}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{FEB62B15-CC00-4736-AAEC-BA046C9DFF73}
Key Found : HKLM\SOFTWARE\Classes\Updater.AmiUpd
Key Found : HKLM\SOFTWARE\Classes\Updater.AmiUpd.1
Key Found : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Found : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Found : HKLM\SOFTWARE\CompeteInc
Key Found : HKLM\SOFTWARE\DealPly
Key Found : HKLM\SOFTWARE\DealPlyLive
Key Found : HKLM\SOFTWARE\Default Tab
Key Found : HKLM\SOFTWARE\DefaultTab
Key Found : HKLM\SOFTWARE\Fast Free Converter
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\dedmngkbaffkenlfdcbganndoghblmap
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\kiplfnciaokpcennlkldkdaeaaomamof
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\pfkfdlcdbajamklbneflfbcmfgddmpae
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\poheodfamflhhhdcmjfeggbgigeefaco
Key Found : HKLM\SOFTWARE\iLividSRTB
Key Found : HKLM\SOFTWARE\InstallCore
Key Found : HKLM\SOFTWARE\LinkSwift
Key Found : HKLM\SOFTWARE\MediaPlayerV1
Key Found : HKLM\SOFTWARE\MediaViewV1
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1791C1B5-FFD0-4D4B-ABCD-7A7DF6EAA89C}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{49BC4DD1-0E69-4611-9164-0009538C5E46}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7F1796B2-BEC6-427B-B734-F9C75ED94A80}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8C338DDB-19FC-4C1F-B74D-6931EE55F7A1}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C536F080-57B7-46D6-8894-C647553F2889}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F34C9277-6577-4DFF-B2D7-7D58092F272F}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\iLividMediaBar_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\iLividMediaBar_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\QuickShare_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\QuickShare_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\WajamInternetEnhancer_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\WajamInternetEnhancer_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dealplylive.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110411181152}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{323420B6-65E5-4657-8106-A27392D4D4AA}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE48ED75-5A56-4C5F-BBCE-6F1AC3875F66}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F5580E24-8416-4DFD-90B3-078D4EDF4FCB}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110411181152}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{4B9BCCE8-A70B-402A-A7E1-DB96831EE26F}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7F1796B2-BEC6-427B-B734-F9C75ED94A80}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8C338DDB-19FC-4C1F-B74D-6931EE55F7A1}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A1E28287-1A31-4B0F-8D05-AA8C465D3C5A}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{5F189DF5-2D05-472B-9091-84D9848AE48B}{c632643}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Fast Free Converter
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\hotspotshield
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Search Results Toolbar
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Software Updater_is1
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WSE_Astromenda
Key Found : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Found : HKLM\SOFTWARE\MozillaPlugins\@tools.dpliveupdate.com/DealPlyLive Update;version=3
Key Found : HKLM\SOFTWARE\MozillaPlugins\@tools.dpliveupdate.com/DealPlyLive Update;version=9
Key Found : HKLM\SOFTWARE\SweetIM
Key Found : HKLM\SOFTWARE\systweak
Key Found : HKLM\SOFTWARE\TermTutor
Key Found : HKLM\SOFTWARE\torch
Key Found : [x64] HKLM\SOFTWARE\Adpeak, Inc.
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110411181152}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220422182252}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{4B9BCCE8-A70B-402A-A7E1-DB96831EE26F}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{F5580E24-8416-4DFD-90B3-078D4EDF4FCB}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{0214A12B-C5A3-437F-A6F3-068ABCD8C85E}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{0FA32667-9A8A-4E9C-902F-CA3323180003}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{15527BF5-9729-49DC-889C-9F956983154C}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{1B97A696-5576-43AC-A73B-E1D2C78F21E8}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{1F8EDE97-36D5-422A-B8F0-9406E2D87C60}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{2830488C-079B-45C2-88B6-AFE4EAA2DF85}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550455185552}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660466186652}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{6B458F62-592F-4B25-8967-E6A350A59328}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{75BF416E-4326-45B5-8A2D-AE32D05B930B}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{96DD9437-5D20-4EFB-BF52-A4A605A4E0AA}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{D54C859C-6066-4F31-8FE0-2AAEDCAE67D7}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{DD05B915-F77B-474A-9D42-9FEEAF5475C4}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{FCC9CDD3-EFFF-11D1-A9F0-00A0244AC403}
Key Found : [x64] HKLM\SOFTWARE\DataMngr
Key Found : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\pfkfdlcdbajamklbneflfbcmfgddmpae
Key Found : [x64] HKLM\SOFTWARE\InstalledThirdPartyPrograms
Key Found : [x64] HKLM\SOFTWARE\LevelQualityWatcher
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{49BC4DD1-0E69-4611-9164-0009538C5E46}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4B9BCCE8-A70B-402A-A7E1-DB96831EE26F}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2E00D31D-D171-423D-836D-1A4D7EA7F1A9}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110411181152}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F5580E24-8416-4DFD-90B3-078D4EDF4FCB}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\5E8031606EB60A64C882918F8FF38DD4
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\070C83CAC0BBFE455B6212FB4397793C
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1C19AC53289098045B06B0DD1D37CBAB
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\23D9E9D21B4E77E41B9F50DD22F24E20
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\23EEA1F105A7F45449974D9B95E7AC89
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\26982796A8AFD1246B95E00265A95BF9
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\32DA746012E6D4F488AAD113D6FA4A44
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\382E585E62B6F595CB727CEBAB9E48A0
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3B786268CB4A7F156A3BDF6701444F22
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3FB1AAC4382437047A03618BF727B859
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\42D92D0D75AFEF74297E03876C8D9D33
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4D2EB987C8C8A46578D4943D5A9A1467
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\50FFE845C555A6E4BADB7CB7A145BFEB
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6FB4398202577895B83B74B08F79C3A2
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\715A3348920B6534690067594BB69F60
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7617C782A0FD4D15288CD4E4ECF84C67
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7AB2AE85638F6255CA2F35481D3A8828
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7B7B13B037A7C2A42AC3E3EAF14D7107
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7D05B2942E9CC80499F397F6114DFB35
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8591B8948E1C4A04F90505B3CDEE8555
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8D841C5FEC311624CB88D49DB3884FA7
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9BBBCEE5468FF9C569B1F7A24F6ED3D8
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A1A8F5D2D938A495DBE3BC97E2BC5FA3
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AD746BF3B3B3FD8409B86604BA85982A
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D2E5AC6B3591558529A290643010F81B
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D5E8CD27C9B1C435AAB81D8619DCEFE3
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F355F0DB7A2E3A14B8E7A568FBA25937
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\6BA018E6E43F3A949AF3E90563067F81
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{6E810AB6-F34E-49A3-A93F-9E503660F718}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyPC Backup
Key Found : [x64] HKLM\SOFTWARE\Scorpion Saver
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Value Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [BRS]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Value Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17344
 
Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxp://astromenda.com/?f=1&a=ast_dnldstr_14_40_ch&cd=2XzuyEtN2Y1L1Qzu0EtDtDyC0EyCtCyBtAyB0B0FzytByEtCtN0D0Tzu0StCtDtDyEtN1L2XzutAtFtBtFtCtFyDtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StDtAtC0E0ByC0B0CtGtDyByByCtGyByCyEyEtG0A0EyCyDtGtB0DtBtD0D0F0B0AyDyD0BtC2QtN1M1F1B2Z1V1N2Y1L1Qzu2StA0DtCtD0D0DtDyDtG0FtDyEyBtGyEzz0AyEtG0BtDyD0AtG0AzztDtDzy0A0CtD0D0F0AtA2Q&cr=571490522&ir=
Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://search.findwide.com/?guid={5113DA32-5963-443B-BF0C-31E2763C4E04}&serpv=22
Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page] - hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbHdKIqgRJyMidKuvnhDCuxhZjwitu2603iO2DKTsRdIV5F5NNlgQm3zZdN2XEe6u704a6qVJqSpBcJ21CenqRixNUt4hsfc7CKdYiAVhkCxY1ofU-GOgel48BAhIbnjDblnUhp00Mki1ueuA3jmnHJLUdulaHwbHhBn5C6mV9ucAD-gCBKE768,&q={searchTerms}
Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Search Bar] - hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbHdKIqgRJyMidKuvnhDCuxhZjwitu2603iO2DKTsRdIV5F5NNlgQm3zZdN2XEe6u704a6qVJqSpBcJ21CenqRixNUt4hsfc7CKdYiAVhkCxY1ofU-GOgel48BAhIbnjDblnUhp00Mki1ueuA3jmnHJLUdulaHwbHhBn5C6mV9ucAD-gCBKE768,&q={searchTerms}
Setting Found : HKCU\Software\Microsoft\Internet Explorer\Search [Default_Search_URL] - hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbHdKIqgRJyMidKuvnhDCuxhZjwitu2603iO2DKTsRdIV5F5NNlgQm3zZdN2XEe6u704a6qVJqSpBcJ21CenqRixNUt4hsfc7CKdYiAVhkCxY1ofU-GOgel48BAhIbnjDblnUhp00Mki1ueuA3jmnHJLUdulaHwbHhBn5C6mV9ucAD-gCBKE768,&q={searchTerms}
Setting Found : HKCU\Software\Microsoft\Internet Explorer\Search [SearchAssistant] - hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbHdKIqgRJyMidKuvnhDCuxhZjwitu2603iO2DKTsRdIV5F5NNlgQm3zZdN2XEe6u704a6qVJqSpBcJ21CenqRixNUt4hsfc7CKdYiAVhkCxY1ofU-GOgel48BAhIbnjDblnUhp00Mki1ueuA3jmnHJLUdulaHwbHhBn5C6mV9ucAD-gCBKE768,&q={searchTerms}
Setting Found : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [Default] - hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbHdKIqgRJyMidKuvnhDCuxhZjwitu2603iO2DKTsRdIV5F5NNlgQm3zZdN2XEe6u704a6qVJqSpBcJ21CenqRixNUt4hsfc7CKdYiAVhkCxY1ofU-GOgel48BAhIbnjDblnUhp00Mki1ueuA3jmnHJLUdulaHwbHhBn5C6mV9ucAD-gCBKE768,&q={searchTerms}
Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [Default] - hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbHdKIqgRJyMidKuvnhDCuxhZjwitu2603iO2DKTsRdIV5F5NNlgQm3zZdN2XEe6u704a6qVJqSpBcJ21CenqRixNUt4hsfc7CKdYiAVhkCxY1ofU-GOgel48BAhIbnjDblnUhp00Mki1ueuA3jmnHJLUdulaHwbHhBn5C6mV9ucAD-gCBKE768,&q={searchTerms}
 
-\\ Google Chrome v31.0.1650.63
 
 
*************************
 
AdwCleaner[R0].txt - [44647 octets] - [22/10/2014 23:49:00]
 
########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [44708 octets] ##########
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.3.3 (10.21.2014:1)
OS: Windows 7 Home Premium x64
Ran by Dangerous on Wed 10/22/2014 at 23:59:09.27
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
Successfully stopped: [Service] 0c632643 
Successfully deleted: [Service] 0c632643 
Successfully stopped: [Service] backupstack 
Successfully deleted: [Service] backupstack 
Successfully stopped: [Service] dealplylive 
Successfully deleted: [Service] dealplylive 
Successfully stopped: [Service] dealplylivem 
Successfully deleted: [Service] dealplylivem 
Successfully stopped: [Service] defaulttabupdate 
Successfully deleted: [Service] defaulttabupdate 
Successfully stopped: [Service] fastfreeconverterupdt 
Successfully deleted: [Service] fastfreeconverterupdt 
Failed to stop: [Service] hsswd 
Successfully stopped: [Service] update linkswift 
Successfully deleted: [Service] update linkswift 
Successfully stopped: [Service] util linkswift 
Successfully deleted: [Service] util linkswift 
Successfully stopped: [Service] APNMCP
Successfully deleted: [Service] APNMCP
 
 
 
~~~ Registry Values
 
Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\brs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dealplylive.exe
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{ae07101b-46d4-4a98-af68-0333ea26e113}
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-3031197819-1423011399-4028574408-1000\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Search Bar
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Search Page
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search\\Default_Search_URL
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchURL\\Default
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\searchURL\\Default
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search\\SearchAssistant
 
 
 
~~~ Registry Keys
 
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\update linkswift
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\util linkswift
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0041852.BHO
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0041852.BHO.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0041852.Sandbox
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0041852.Sandbox.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Toolbar.CT3289847
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{11111111-1111-1111-1111-110411181152}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{22222222-2222-2222-2222-220422182252}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{55555555-5555-5555-5555-550455185552}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{66666666-6666-6666-6666-660466186652}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{44444444-4444-4444-4444-440444184452}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{11111111-1111-1111-1111-110411181152}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{22222222-2222-2222-2222-220422182252}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\Interface\{55555555-5555-5555-5555-550455185552}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\Interface\{66666666-6666-6666-6666-660466186652}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{44444444-4444-4444-4444-440444184452}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CrossriderApp0041852.BHO
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CrossriderApp0041852.BHO.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CrossriderApp0041852.Sandbox
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CrossriderApp0041852.Sandbox.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Toolbar.CT3289847
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Interface\{55555555-5555-5555-5555-550455185552}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Interface\{66666666-6666-6666-6666-660466186652}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\TypeLib\{44444444-4444-4444-4444-440444184452}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110411181152}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110411181152}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\updateLinkSwift_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\updateLinkSwift_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\utilLinkSwift_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\utilLinkSwift_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\iLividMediaBar_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\iLividMediaBar_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SetupDataMngr_Searchqu_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SetupDataMngr_Searchqu_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110411181152}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{55555555-5555-5555-5555-550455185552}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{66666666-6666-6666-6666-660466186652}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\TypeLib\{44444444-4444-4444-4444-440444184452}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\updateLinkSwift_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\updateLinkSwift_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\utilLinkSwift_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\utilLinkSwift_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\iLividMediaBar_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\iLividMediaBar_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SetupDataMngr_Searchqu_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SetupDataMngr_Searchqu_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110411181152}
Successfully deleted: [Registry Key] "hkey_current_user\software\askpartnernetwork"
Successfully deleted: [Registry Key] "hkey_local_machine\software\askpartnernetwork"
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE48ED75-5A56-4C5F-BBCE-6F1AC3875F66}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007}
Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{323420b6-65e5-4657-8106-a27392d4d4aa}
Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{323420b6-65e5-4657-8106-a27392d4d4aa}
Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ae48ed75-5a56-4c5f-bbce-6f1ac3875f66}
Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{ae48ed75-5a56-4c5f-bbce-6f1ac3875f66}
Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007}
Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007}
Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{323420b6-65e5-4657-8106-a27392d4d4aa}
Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{323420b6-65e5-4657-8106-a27392d4d4aa}
Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ae48ed75-5a56-4c5f-bbce-6f1ac3875f66}
Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{ae48ed75-5a56-4c5f-bbce-6f1ac3875f66}
Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007}
Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007}
 
 
 
~~~ Files
 
Successfully deleted: [File] C:\Windows\Tasks\LyricsParty-1-chromeinstaller.job
Successfully deleted: [File] C:\Windows\Tasks\LyricsParty-1-codedownloader.job
Successfully deleted: [File] C:\Windows\Tasks\LyricsParty-1-enabler.job
Successfully deleted: [File] C:\Windows\Tasks\LyricsParty-1-updater.job
Successfully deleted: [File] C:\Windows\Tasks\Dealply.job
Successfully deleted: [File] C:\Windows\Tasks\DealPlyLiveUpdateTaskMachineCore.job
Successfully deleted: [File] C:\Windows\Tasks\DealPlyLiveUpdateTaskMachineUA.job
Successfully deleted: [File] "C:\Users\Dangerous\appdata\local\google\chrome\user data\default\local storage\http_app.mam.conduit.com_0.localstorage"
Successfully deleted: [File] "C:\Users\Dangerous\appdata\local\google\chrome\user data\default\local storage\http_app.mam.conduit.com_0.localstorage-journal"
Successfully deleted: [File] "C:\Users\Dangerous\appdata\local\google\chrome\user data\default\local storage\http_search.conduit.com_0.localstorage"
Successfully deleted: [File] "C:\Users\Dangerous\appdata\local\google\chrome\user data\default\local storage\http_search.conduit.com_0.localstorage-journal"
Successfully deleted: [File] "C:\Users\Dangerous\appdata\local\google\chrome\user data\default\local storage\http_www.superfish.com_0.localstorage"
Successfully deleted: [File] "C:\Users\Dangerous\appdata\local\google\chrome\user data\default\local storage\http_www.superfish.com_0.localstorage-journal"
Successfully deleted: [File] "C:\Users\Dangerous\appdata\local\google\chrome\user data\default\local storage\http_www.wajam.com_0.localstorage"
Successfully deleted: [File] "C:\Users\Dangerous\appdata\local\google\chrome\user data\default\local storage\http_www.wajam.com_0.localstorage-journal"
Successfully deleted: [File] "C:\Users\Dangerous\appdata\locallow\skwconfig.bin"
Successfully deleted: [File] C:\Windows\prefetch\DEALPLYLIVE.EXE-EC78F127.pf
Successfully deleted: [File] C:\Windows\prefetch\DEALPLYLIVEHANDLER.EXE-C0B57938.pf
Successfully deleted: [File] C:\Windows\prefetch\DRIVER RESTORE.EXE-22BD7F09.pf
Successfully deleted: [File] C:\Windows\prefetch\DRIVERRESTORE.EXE-A459080E.pf
Successfully deleted: [File] C:\Windows\prefetch\DRIVERRESTORE.EXE-F2026631.pf
 
 
 
~~~ Folders
 
Successfully deleted: [Folder] C:\ProgramData\ddEalpeak
Successfully deleted: [Folder] C:\ProgramData\FiNeDeiaoluSoft
Successfully deleted: [Folder] C:\ProgramData\saverr box
Successfully deleted: [Folder] C:\ProgramData\SaaverPro
Successfully deleted: [Folder] "C:\ProgramData\apn"
Successfully deleted: [Folder] "C:\ProgramData\dealplylive"
Successfully deleted: [Folder] "C:\ProgramData\hotspot shield"
Successfully deleted: [Folder] "C:\Users\Dangerous\AppData\Roaming\dealply"
Successfully deleted: [Folder] "C:\Users\Dangerous\AppData\Roaming\hotspot shield"
Successfully deleted: [Folder] "C:\Users\Dangerous\AppData\Roaming\pcfixspeed"
Successfully deleted: [Folder] "C:\Users\Dangerous\AppData\Roaming\systweak"
Successfully deleted: [Folder] "C:\Users\Dangerous\appdata\local\dealplylive"
Successfully deleted: [Folder] "C:\Users\Dangerous\appdata\local\defineext"
Failed to delete: [Folder] "C:\Users\Dangerous\appdata\local\smartbar"
Successfully deleted: [Folder] "C:\Users\Dangerous\appdata\local\swvupdater"
Successfully deleted: [Folder] "C:\Users\Dangerous\appdata\locallow\comcasttb"
Successfully deleted: [Folder] "C:\Users\Dangerous\appdata\locallow\conduit"
Successfully deleted: [Folder] "C:\Users\Dangerous\appdata\locallow\datamngr"
Successfully deleted: [Folder] "C:\Users\Dangerous\appdata\locallow\pricegong"
Successfully deleted: [Folder] "C:\Users\Dangerous\appdata\locallow\smartbar"
Successfully deleted: [Folder] "C:\Program Files (x86)\driver support"
Successfully deleted: [Folder] "C:\Program Files (x86)\fast free converter"
Successfully deleted: [Folder] "C:\Program Files (x86)\file type helper"
Failed to delete: [Folder] "C:\Program Files (x86)\hotspot shield"
Successfully deleted: [Folder] "C:\Program Files (x86)\optimizer pro"
Successfully deleted: [Folder] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\driver support"
Successfully deleted: [Folder] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\pc fix speed"
Successfully deleted: [Folder] "C:\Users\Dangerous\AppData\Roaming\microsoft\windows\start menu\programs\dealply"
Successfully deleted: [Folder] "C:\Users\Dangerous\AppData\Roaming\microsoft\windows\start menu\programs\mypc backup"
Successfully deleted: [Folder] "C:\Users\Dangerous\AppData\Roaming\microsoft\windows\start menu\programs\wajam"
Successfully deleted: [Folder] "C:\Users\Dangerous\documents\optimizer pro"
Successfully deleted: [Folder] "C:\ProgramData\ask"
Successfully deleted: [Folder] "C:\ProgramData\AskPartnerNetwork"
Failed to delete: [Folder] "C:\Program Files (x86)\askpartnernetwork"
 
 
 
~~~ Chrome
 
Failed to delete: [Folder] C:\Users\Dangerous\appdata\local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl
Failed to delete: [Folder] C:\Users\Dangerous\appdata\local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\dedmngkbaffkenlfdcbganndoghblmap
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\kiplfnciaokpcennlkldkdaeaaomamof
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\odpccdgkmiicgocepijnaeihjnjnomca
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Google\Chrome\Extensions\pfkfdlcdbajamklbneflfbcmfgddmpae
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\pfkfdlcdbajamklbneflfbcmfgddmpae
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\poheodfamflhhhdcmjfeggbgigeefaco
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Thu 10/23/2014 at  0:29:07.92
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

#8 pendaless

pendaless

    New Member

  • Authentic Member
  • Pip
  • 6 posts

Posted 23 October 2014 - 02:59 AM

Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 10/23/2014
Scan Time: 12:45:01 AM
Logfile: 
Administrator: Yes
 
Version: 2.00.3.1025
Malware Database: v2014.10.23.02
Rootkit Database: v2014.10.22.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled
 
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Dangerous
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 364923
Time Elapsed: 36 min, 56 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 228
PUP.Optional.DefaultTab.A, HKLM\SOFTWARE\CLASSES\APPID\{38495740-0035-4471-851E-F5BBB86AB085}, , [a47a85935824f4423bb1278224de17e9], 
PUP.Optional.DefaultTab.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{38495740-0035-4471-851E-F5BBB86AB085}, , [a47a85935824f4423bb1278224de17e9], 
PUP.Optional.PricePeep.A, HKLM\SOFTWARE\CLASSES\APPID\{38A066B0-DD5F-4226-AC4F-6A27C1BFB892}, , [918d1afedd9fdb5ba485974641c1768a], 
PUP.Optional.PricePeep.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{38A066B0-DD5F-4226-AC4F-6A27C1BFB892}, , [918d1afedd9fdb5ba485974641c1768a], 
PUP.Optional.DefaultTab.A, HKLM\SOFTWARE\CLASSES\APPID\{72D89EBF-0C5D-4190-91FD-398E45F1D007}, , [1a04fa1e9ede8ea8e508c1e8c63cb64a], 
PUP.Optional.DefaultTab.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{72D89EBF-0C5D-4190-91FD-398E45F1D007}, , [1a04fa1e9ede8ea8e508c1e8c63cb64a], 
PUP.Optional.DealPly.A, HKLM\SOFTWARE\CLASSES\APPID\{80FABB17-63AF-4655-9F07-B6509EE37AF2}, , [b26ce434f488b87ea968e1fce121fa06], 
PUP.Optional.DealPly.A, HKLM\SOFTWARE\CLASSES\DealPlyLiveUpdate.OnDemandCOMClassSvc, , [b26ce434f488b87ea968e1fce121fa06], 
PUP.Optional.DealPly.A, HKLM\SOFTWARE\CLASSES\DealPlyLiveUpdate.OnDemandCOMClassSvc.1.0, , [b26ce434f488b87ea968e1fce121fa06], 
PUP.Optional.DealPly.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\DealPlyLiveUpdate.OnDemandCOMClassSvc, , [b26ce434f488b87ea968e1fce121fa06], 
PUP.Optional.DealPly.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\DealPlyLiveUpdate.OnDemandCOMClassSvc.1.0, , [b26ce434f488b87ea968e1fce121fa06], 
PUP.Optional.DealPly.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{80FABB17-63AF-4655-9F07-B6509EE37AF2}, , [b26ce434f488b87ea968e1fce121fa06], 
PUP.Optional.DealPly.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{80FABB17-63AF-4655-9F07-B6509EE37AF2}, , [b26ce434f488b87ea968e1fce121fa06], 
PUP.Optional.DealPly.A, HKLM\SOFTWARE\CLASSES\APPID\{F48FC5B2-094A-44C7-B48C-289738C9582D}, , [c6584ccc6913fb3b9181c419cc36e818], 
PUP.Optional.DealPly.A, HKLM\SOFTWARE\CLASSES\DealPlyLiveUpdate.Update3COMClassService, , [c6584ccc6913fb3b9181c419cc36e818], 
PUP.Optional.DealPly.A, HKLM\SOFTWARE\CLASSES\DealPlyLiveUpdate.Update3COMClassService.1.0, , [c6584ccc6913fb3b9181c419cc36e818], 
PUP.Optional.DealPly.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\DealPlyLiveUpdate.Update3COMClassService, , [c6584ccc6913fb3b9181c419cc36e818], 
PUP.Optional.DealPly.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\DealPlyLiveUpdate.Update3COMClassService.1.0, , [c6584ccc6913fb3b9181c419cc36e818], 
PUP.Optional.DealPly.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{F48FC5B2-094A-44C7-B48C-289738C9582D}, , [c6584ccc6913fb3b9181c419cc36e818], 
PUP.Optional.DealPly.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{F48FC5B2-094A-44C7-B48C-289738C9582D}, , [c6584ccc6913fb3b9181c419cc36e818], 
PUP.Optional.QuickShare.A, HKLM\SOFTWARE\CLASSES\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}, , [31ed9a7e1b611b1b3c09776562a007f9], 
PUP.Optional.QuickShare.A, HKLM\SOFTWARE\CLASSES\IESmartBar.BHO, , [31ed9a7e1b611b1b3c09776562a007f9], 
PUP.Optional.QuickShare.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}, , [31ed9a7e1b611b1b3c09776562a007f9], 
PUP.Optional.QuickShare.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\IESmartBar.BHO, , [31ed9a7e1b611b1b3c09776562a007f9], 
PUP.Optional.QuickShare.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}, , [31ed9a7e1b611b1b3c09776562a007f9], 
PUP.Optional.QuickShare.A, HKU\S-1-5-21-3031197819-1423011399-4028574408-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}, , [31ed9a7e1b611b1b3c09776562a007f9], 
PUP.Optional.QuickShare.A, HKU\S-1-5-21-3031197819-1423011399-4028574408-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}, , [31ed9a7e1b611b1b3c09776562a007f9], 
PUP.Optional.BrowseFox.A, HKLM\SOFTWARE\CLASSES\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}, , [8f8f6dab522a6cca488efae290721ae6], 
PUP.Optional.BrowseFox.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}, , [8f8f6dab522a6cca488efae290721ae6], 
PUP.Optional.DynConIE.A, HKLM\SOFTWARE\CLASSES\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6}, , [908ebf595a223ef8164b5e4afe0456aa], 
PUP.Optional.DynConIE.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6}, , [908ebf595a223ef8164b5e4afe0456aa], 
PUP.Optional.FastFreeConverter.A, HKLM\SOFTWARE\CLASSES\CLSID\{F5580E24-8416-4DFD-90B3-078D4EDF4FCB}, , [36e820f8f488c76fbd27dc0058aa9e62], 
PUP.Optional.FastFreeConverter.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{FA5C5536-2B19-4E28-B9D6-9143B3499F46}, , [36e820f8f488c76fbd27dc0058aa9e62], 
PUP.Optional.FastFreeConverter.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{354BEC8C-21B7-497B-B2D5-F6A522A46F7D}, , [36e820f8f488c76fbd27dc0058aa9e62], 
PUP.Optional.FastFreeConverter.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{354BEC8C-21B7-497B-B2D5-F6A522A46F7D}, , [36e820f8f488c76fbd27dc0058aa9e62], 
PUP.Optional.FastFreeConverter.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{FA5C5536-2B19-4E28-B9D6-9143B3499F46}, , [36e820f8f488c76fbd27dc0058aa9e62], 
PUP.Optional.FastFreeConverter.A, HKLM\SOFTWARE\CLASSES\FastFreeConverter.1, , [36e820f8f488c76fbd27dc0058aa9e62], 
PUP.Optional.FastFreeConverter.A, HKLM\SOFTWARE\CLASSES\FastFreeConverter, , [36e820f8f488c76fbd27dc0058aa9e62], 
PUP.Optional.FastFreeConverter.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\FastFreeConverter, , [36e820f8f488c76fbd27dc0058aa9e62], 
PUP.Optional.FastFreeConverter.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{F5580E24-8416-4DFD-90B3-078D4EDF4FCB}, , [36e820f8f488c76fbd27dc0058aa9e62], 
PUP.Optional.FastFreeConverter.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{F5580E24-8416-4DFD-90B3-078D4EDF4FCB}, , [36e820f8f488c76fbd27dc0058aa9e62], 
PUP.Optional.FastFreeConverter.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\FastFreeConverter.1, , [36e820f8f488c76fbd27dc0058aa9e62], 
PUP.Optional.FastFreeConverter.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{F5580E24-8416-4DFD-90B3-078D4EDF4FCB}, , [36e820f8f488c76fbd27dc0058aa9e62], 
PUP.Optional.FastFreeConverter.A, HKU\S-1-5-21-3031197819-1423011399-4028574408-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{F5580E24-8416-4DFD-90B3-078D4EDF4FCB}, , [36e820f8f488c76fbd27dc0058aa9e62], 
PUP.Optional.FastFreeConverter.A, HKU\S-1-5-21-3031197819-1423011399-4028574408-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{F5580E24-8416-4DFD-90B3-078D4EDF4FCB}, , [36e820f8f488c76fbd27dc0058aa9e62], 
PUP.Optional.DealPly.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{1E0C9B2A-6447-452C-B012-2314A0C29412}, , [bd612eea3e3ec472b261ab32e1219868], 
PUP.Optional.DealPly.A, HKLM\SOFTWARE\CLASSES\DealPlyLiveUpdate.OnDemandCOMClassMachineFallback.1.0, , [bd612eea3e3ec472b261ab32e1219868], 
PUP.Optional.DealPly.A, HKLM\SOFTWARE\CLASSES\DealPlyLiveUpdate.OnDemandCOMClassMachineFallback, , [bd612eea3e3ec472b261ab32e1219868], 
PUP.Optional.DealPly.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\DealPlyLiveUpdate.OnDemandCOMClassMachineFallback, , [bd612eea3e3ec472b261ab32e1219868], 
PUP.Optional.DealPly.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\DealPlyLiveUpdate.OnDemandCOMClassMachineFallback.1.0, , [bd612eea3e3ec472b261ab32e1219868], 
PUP.Optional.DealPly.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{34A8CEB6-89BB-49F1-B5E4-0D0D6C21F3B1}, , [e7372bed0d6f93a3d242dffedb27a35d], 
PUP.Optional.DealPly.A, HKLM\SOFTWARE\CLASSES\DealPlyLiveUpdate.CredentialDialogMachine.1.0, , [e7372bed0d6f93a3d242dffedb27a35d], 
PUP.Optional.DealPly.A, HKLM\SOFTWARE\CLASSES\DealPlyLiveUpdate.CredentialDialogMachine, , [e7372bed0d6f93a3d242dffedb27a35d], 
PUP.Optional.DealPly.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\DealPlyLiveUpdate.CredentialDialogMachine, , [e7372bed0d6f93a3d242dffedb27a35d], 
PUP.Optional.DealPly.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\DealPlyLiveUpdate.CredentialDialogMachine.1.0, , [e7372bed0d6f93a3d242dffedb27a35d], 
PUP.Optional.DealPly.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{3A4DBD3A-98CC-41CE-AD21-352D42B6F754}, , [839b74a4ea922b0bc1545e7f7d857987], 
PUP.Optional.DealPly.A, HKLM\SOFTWARE\CLASSES\DealPlyLiveUpdate.CoCreateAsync.1.0, , [839b74a4ea922b0bc1545e7f7d857987], 
PUP.Optional.DealPly.A, HKLM\SOFTWARE\CLASSES\DealPlyLiveUpdate.CoCreateAsync, , [839b74a4ea922b0bc1545e7f7d857987], 
PUP.Optional.DealPly.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\DealPlyLiveUpdate.CoCreateAsync, , [839b74a4ea922b0bc1545e7f7d857987], 
PUP.Optional.DealPly.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\DealPlyLiveUpdate.CoCreateAsync.1.0, , [839b74a4ea922b0bc1545e7f7d857987], 
PUP.Optional.DealPly.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{4F8A50F6-69DE-4BE3-A33A-A1079B9AC0DB}, , [8896b26658242214090d25b855add52b], 
PUP.Optional.DealPly.A, HKLM\SOFTWARE\CLASSES\DealPlyLiveUpdate.Update3WebMachineFallback.1.0, , [8896b26658242214090d25b855add52b], 
PUP.Optional.DealPly.A, HKLM\SOFTWARE\CLASSES\DealPlyLiveUpdate.Update3WebMachineFallback, , [8896b26658242214090d25b855add52b], 
PUP.Optional.DealPly.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\DealPlyLiveUpdate.Update3WebMachineFallback, , [8896b26658242214090d25b855add52b], 
PUP.Optional.DealPly.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\DealPlyLiveUpdate.Update3WebMachineFallback.1.0, , [8896b26658242214090d25b855add52b], 
PUP.Optional.DealPly.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{501CB57A-D4E2-4855-96AD-EDB0A9083395}, , [908ef22692ea1b1ba770fbe235cd0000], 
PUP.Optional.DealPly.A, HKLM\SOFTWARE\CLASSES\DealPlyLiveUpdate.CoreMachineClass.1, , [908ef22692ea1b1ba770fbe235cd0000], 
PUP.Optional.DealPly.A, HKLM\SOFTWARE\CLASSES\DealPlyLiveUpdate.CoreMachineClass, , [908ef22692ea1b1ba770fbe235cd0000], 
PUP.Optional.DealPly.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\DealPlyLiveUpdate.CoreMachineClass, , [908ef22692ea1b1ba770fbe235cd0000], 
PUP.Optional.DealPly.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\DealPlyLiveUpdate.CoreMachineClass.1, , [908ef22692ea1b1ba770fbe235cd0000], 
PUP.Optional.SoftwareUpdater, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{67BD9EEB-AA06-4329-A940-D250019300C9}, , [f32b21f7611b8caa94d95f50ae54d42c], 
PUP.Optional.SoftwareUpdater, HKLM\SOFTWARE\CLASSES\TYPELIB\{A0EE0278-2986-4E5A-884E-A3BF0357E476}, , [f32b21f7611b8caa94d95f50ae54d42c], 
PUP.Optional.SoftwareUpdater, HKLM\SOFTWARE\CLASSES\INTERFACE\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}, , [f32b21f7611b8caa94d95f50ae54d42c], 
PUP.Optional.SoftwareUpdater, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}, , [f32b21f7611b8caa94d95f50ae54d42c], 
PUP.Optional.SoftwareUpdater, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{A0EE0278-2986-4E5A-884E-A3BF0357E476}, , [f32b21f7611b8caa94d95f50ae54d42c], 
PUP.Optional.SoftwareUpdater, HKLM\SOFTWARE\CLASSES\Updater.AmiUpd.1, , [f32b21f7611b8caa94d95f50ae54d42c], 
PUP.Optional.SoftwareUpdater, HKLM\SOFTWARE\CLASSES\Updater.AmiUpd, , [f32b21f7611b8caa94d95f50ae54d42c], 
PUP.Optional.SoftwareUpdater, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Updater.AmiUpd, , [f32b21f7611b8caa94d95f50ae54d42c], 
PUP.Optional.SoftwareUpdater, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Updater.AmiUpd.1, , [f32b21f7611b8caa94d95f50ae54d42c], 
PUP.Optional.DealPly.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{6FF2C4DD-77A4-4BB5-BA4C-B42DEFBF9137}, , [47d76dab3d3f5dd9c751a73680824ab6], 
PUP.Optional.DealPly.A, HKLM\SOFTWARE\CLASSES\DealPlyLiveUpdate.ProcessLauncher.1.0, , [47d76dab3d3f5dd9c751a73680824ab6], 
PUP.Optional.DealPly.A, HKLM\SOFTWARE\CLASSES\DealPlyLiveUpdate.ProcessLauncher, , [47d76dab3d3f5dd9c751a73680824ab6], 
PUP.Optional.DealPly.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\DealPlyLiveUpdate.ProcessLauncher, , [47d76dab3d3f5dd9c751a73680824ab6], 
PUP.Optional.DealPly.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\DealPlyLiveUpdate.ProcessLauncher.1.0, , [47d76dab3d3f5dd9c751a73680824ab6], 
PUP.Optional.DealPly.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{83ABA270-8390-4CA6-AE48-FC089F55629E}, , [48d6b16788f40b2b4dcc20bd9d65e21e], 
PUP.Optional.DealPly.A, HKLM\SOFTWARE\CLASSES\DealPlyLiveUpdate.OnDemandCOMClassMachine.1.0, , [48d6b16788f40b2b4dcc20bd9d65e21e], 
PUP.Optional.DealPly.A, HKLM\SOFTWARE\CLASSES\DealPlyLiveUpdate.OnDemandCOMClassMachine, , [48d6b16788f40b2b4dcc20bd9d65e21e], 
PUP.Optional.DealPly.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\DealPlyLiveUpdate.OnDemandCOMClassMachine, , [48d6b16788f40b2b4dcc20bd9d65e21e], 
PUP.Optional.DealPly.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\DealPlyLiveUpdate.OnDemandCOMClassMachine.1.0, , [48d6b16788f40b2b4dcc20bd9d65e21e], 
PUP.Optional.DealPly.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{8B218A5F-1A3D-4347-94EF-A79575EB8094}, , [eb334ccca1db0e28bc5e974636cc847c], 
PUP.Optional.DealPly.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{8C338DDB-19FC-4C1F-B74D-6931EE55F7A1}, , [140aa1770a72f145b26946979e64e21e], 
PUP.Optional.DealPly.A, HKLM\SOFTWARE\CLASSES\DealPlyLive.Update3WebControl.3, , [140aa1770a72f145b26946979e64e21e], 
PUP.Optional.DealPly.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\DealPlyLive.Update3WebControl.3, , [140aa1770a72f145b26946979e64e21e], 
PUP.Optional.DealPly.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{8C338DDB-19FC-4C1F-B74D-6931EE55F7A1}, , [140aa1770a72f145b26946979e64e21e], 
PUP.Optional.DealPly.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{8C338DDB-19FC-4C1F-B74D-6931EE55F7A1}, , [140aa1770a72f145b26946979e64e21e], 
PUP.Optional.DealPly.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{9BDB5E09-4BBA-4422-8C2B-529B281C32B8}, , [2df13bdd295371c5978579643fc3be42], 
PUP.Optional.DefaultTab.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{A1E28287-1A31-4b0f-8D05-AA8C465D3C5A}, , [a67847d1601c45f1cc229415986a8b75], 
PUP.Optional.DefaultTab.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{FEB62B15-CC00-4736-AAEC-BA046C9DFF73}, , [a67847d1601c45f1cc229415986a8b75], 
PUP.Optional.DefaultTab.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{1F8EDE97-36D5-422A-B8F0-9406E2D87C60}, , [a67847d1601c45f1cc229415986a8b75], 
PUP.Optional.DefaultTab.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{BE89FFB3-7F9C-4A16-B475-98B195A06628}, , [a67847d1601c45f1cc229415986a8b75], 
PUP.Optional.DefaultTab.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{1F8EDE97-36D5-422A-B8F0-9406E2D87C60}, , [a67847d1601c45f1cc229415986a8b75], 
PUP.Optional.DefaultTab.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{BE89FFB3-7F9C-4A16-B475-98B195A06628}, , [a67847d1601c45f1cc229415986a8b75], 
PUP.Optional.DefaultTab.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{FEB62B15-CC00-4736-AAEC-BA046C9DFF73}, , [a67847d1601c45f1cc229415986a8b75], 
PUP.Optional.DefaultTab.A, HKLM\SOFTWARE\CLASSES\DefaultTabBHO.DefaultTabBrowserActiveX.1, , [a67847d1601c45f1cc229415986a8b75], 
PUP.Optional.DefaultTab.A, HKLM\SOFTWARE\CLASSES\DefaultTabBHO.DefaultTabBrowserActiveX, , [a67847d1601c45f1cc229415986a8b75], 
PUP.Optional.DefaultTab.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\DefaultTabBHO.DefaultTabBrowserActiveX, , [a67847d1601c45f1cc229415986a8b75], 
PUP.Optional.DefaultTab.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\DefaultTabBHO.DefaultTabBrowserActiveX.1, , [a67847d1601c45f1cc229415986a8b75], 
PUP.Optional.DefaultTab.A, HKU\S-1-5-21-3031197819-1423011399-4028574408-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{A1E28287-1A31-4B0F-8D05-AA8C465D3C5A}, , [a67847d1601c45f1cc229415986a8b75], 
PUP.Optional.DefaultTab.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{A1E28287-1A31-4B0F-8D05-AA8C465D3C5A}, , [a67847d1601c45f1cc229415986a8b75], 
PUP.Optional.DealPly.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{C536F080-57B7-46D6-8894-C647553F2889}, , [a07ed048aece1a1cb964d10c1fe335cb], 
PUP.Optional.DealPly.A, HKLM\SOFTWARE\CLASSES\DealPlyLive.OneClickProcessLauncherMachine.1.0, , [a07ed048aece1a1cb964d10c1fe335cb], 
PUP.Optional.DealPly.A, HKLM\SOFTWARE\CLASSES\DealPlyLive.OneClickProcessLauncherMachine, , [a07ed048aece1a1cb964d10c1fe335cb], 
PUP.Optional.DealPly.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\DealPlyLive.OneClickProcessLauncherMachine, , [a07ed048aece1a1cb964d10c1fe335cb], 
PUP.Optional.DealPly.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\DealPlyLive.OneClickProcessLauncherMachine.1.0, , [a07ed048aece1a1cb964d10c1fe335cb], 
PUP.Optional.DealPly.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C536F080-57B7-46D6-8894-C647553F2889}, , [a07ed048aece1a1cb964d10c1fe335cb], 
PUP.Optional.DealPly.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{CA5D945F-E738-4D0B-A0B5-25AC51C64659}, , [011d1bfd2953c3739d814d9023df8b75], 
PUP.Optional.DealPly.A, HKLM\SOFTWARE\CLASSES\DealPlyLiveUpdate.CoreClass.1, , [011d1bfd2953c3739d814d9023df8b75], 
PUP.Optional.DealPly.A, HKLM\SOFTWARE\CLASSES\DealPlyLiveUpdate.CoreClass, , [011d1bfd2953c3739d814d9023df8b75], 
PUP.Optional.DealPly.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\DealPlyLiveUpdate.CoreClass, , [011d1bfd2953c3739d814d9023df8b75], 
PUP.Optional.DealPly.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\DealPlyLiveUpdate.CoreClass.1, , [011d1bfd2953c3739d814d9023df8b75], 
PUP.Optional.DealPly.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{F7698761-4ABA-45C2-A5BB-D2163922C725}, , [40de64b47efe171f0c13dc01e1214fb1], 
PUP.Optional.DealPly.A, HKLM\SOFTWARE\CLASSES\DealPlyLiveUpdate.Update3WebSvc.1.0, , [40de64b47efe171f0c13dc01e1214fb1], 
PUP.Optional.DealPly.A, HKLM\SOFTWARE\CLASSES\DealPlyLiveUpdate.Update3WebSvc, , [40de64b47efe171f0c13dc01e1214fb1], 
PUP.Optional.DealPly.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\DealPlyLiveUpdate.Update3WebSvc, , [40de64b47efe171f0c13dc01e1214fb1], 
PUP.Optional.DealPly.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\DealPlyLiveUpdate.Update3WebSvc.1.0, , [40de64b47efe171f0c13dc01e1214fb1], 
PUP.Optional.DealPly.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{FFCC53E6-2655-47FC-A89B-54E8D7F305D1}, , [4dd1d741dca038fe59c776670bf7b34d], 
PUP.Optional.DealPly.A, HKLM\SOFTWARE\CLASSES\DealPlyLiveUpdate.Update3WebMachine.1.0, , [4dd1d741dca038fe59c776670bf7b34d], 
PUP.Optional.DealPly.A, HKLM\SOFTWARE\CLASSES\DealPlyLiveUpdate.Update3WebMachine, , [4dd1d741dca038fe59c776670bf7b34d], 
PUP.Optional.DealPly.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\DealPlyLiveUpdate.Update3WebMachine, , [4dd1d741dca038fe59c776670bf7b34d], 
PUP.Optional.DealPly.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\DealPlyLiveUpdate.Update3WebMachine.1.0, , [4dd1d741dca038fe59c776670bf7b34d], 
Adware.Agent, HKLM\SOFTWARE\CLASSES\TYPELIB\{3BF3DED5-0FC8-4207-AC09-AA7B5AF4E408}, , [ef2f0b0d5c20e84e3a6ea8033dc5a759], 
Adware.Agent, HKLM\SOFTWARE\CLASSES\INTERFACE\{1B97A696-5576-43AC-A73B-E1D2C78F21E8}, , [ef2f0b0d5c20e84e3a6ea8033dc5a759], 
Adware.Agent, HKLM\SOFTWARE\CLASSES\INTERFACE\{75BF416E-4326-45B5-8A2D-AE32D05B930B}, , [ef2f0b0d5c20e84e3a6ea8033dc5a759], 
Adware.Agent, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{1B97A696-5576-43AC-A73B-E1D2C78F21E8}, , [ef2f0b0d5c20e84e3a6ea8033dc5a759], 
Adware.Agent, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{75BF416E-4326-45B5-8A2D-AE32D05B930B}, , [ef2f0b0d5c20e84e3a6ea8033dc5a759], 
Adware.Agent, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{3BF3DED5-0FC8-4207-AC09-AA7B5AF4E408}, , [ef2f0b0d5c20e84e3a6ea8033dc5a759], 
PUP.Optional.SearchProtect.A, HKU\S-1-5-21-3031197819-1423011399-4028574408-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}, , [fe209484126a3ff7bbbd525190728b75], 
PUP.Optional.SearchProtect.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}, , [fe209484126a3ff7bbbd525190728b75], 
PUP.Optional.DefaultTab.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{7F6AFBF1-E065-4627-A2FD-810366367D01}, , [5fbf31e7e498b3835fbd7535f50d17e9], 
PUP.Optional.DefaultTab.A, HKU\S-1-5-21-3031197819-1423011399-4028574408-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{7F6AFBF1-E065-4627-A2FD-810366367D01}, , [5fbf31e7e498b3835fbd7535f50d17e9], 
PUP.Optional.DefaultTab.A, HKLM\SOFTWARE\CLASSES\DefaultTabBHO.DefaultTabBrowser, , [5fbf31e7e498b3835fbd7535f50d17e9], 
PUP.Optional.DefaultTab.A, HKLM\SOFTWARE\CLASSES\DefaultTabBHO.DefaultTabBrowser.1, , [5fbf31e7e498b3835fbd7535f50d17e9], 
PUP.Optional.DefaultTab.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\DefaultTabBHO.DefaultTabBrowser, , [5fbf31e7e498b3835fbd7535f50d17e9], 
PUP.Optional.DefaultTab.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\DefaultTabBHO.DefaultTabBrowser.1, , [5fbf31e7e498b3835fbd7535f50d17e9], 
PUP.Optional.DefaultTab.A, HKU\S-1-5-21-3031197819-1423011399-4028574408-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{7F6AFBF1-E065-4627-A2FD-810366367D01}, , [5fbf31e7e498b3835fbd7535f50d17e9], 
PUP.Optional.DefaultTab.A, HKU\S-1-5-21-3031197819-1423011399-4028574408-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{7F6AFBF1-E065-4627-A2FD-810366367D01}, , [5fbf31e7e498b3835fbd7535f50d17e9], 
PUP.Optional.DefaultTab.A, HKU\S-1-5-21-3031197819-1423011399-4028574408-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{7F6AFBF1-E065-4627-A2FD-810366367D01}, , [5fbf31e7e498b3835fbd7535f50d17e9], 
PUP.Optional.DefaultTab.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{7F6AFBF1-E065-4627-A2FD-810366367D01}, , [5fbf31e7e498b3835fbd7535f50d17e9], 
PUP.Optional.LinkSwift.A, HKU\S-1-5-21-3031197819-1423011399-4028574408-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{323420B6-65E5-4657-8106-A27392D4D4AA}, , [f72756c2512b2d09ad45c3e6c73be51b], 
PUP.Optional.LinkSwift.A, HKU\S-1-5-21-3031197819-1423011399-4028574408-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{323420B6-65E5-4657-8106-A27392D4D4AA}, , [f72756c2512b2d09ad45c3e6c73be51b], 
PUP.Optional.TermTutor.A, HKU\S-1-5-21-3031197819-1423011399-4028574408-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{6CB99040-7828-4C37-AC01-F15758F43E4D}, , [f529cc4c96e6a0962cdba9f9f60c5fa1], 
PUP.Optional.TermTutor.A, HKU\S-1-5-21-3031197819-1423011399-4028574408-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{6CB99040-7828-4C37-AC01-F15758F43E4D}, , [f529cc4c96e6a0962cdba9f9f60c5fa1], 
PUP.Optional.DealPly.A, HKU\S-1-5-21-3031197819-1423011399-4028574408-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{AE48ED75-5A56-4C5F-BBCE-6F1AC3875F66}, , [d846de3aea92082e8a0d901a9b67fc04], 
PUP.Optional.DealPly.A, HKU\S-1-5-21-3031197819-1423011399-4028574408-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{AE48ED75-5A56-4C5F-BBCE-6F1AC3875F66}, , [d846de3aea92082e8a0d901a9b67fc04], 
PUP.Optional.PricePeep.A, HKU\S-1-5-21-3031197819-1423011399-4028574408-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007}, , [07176cac06764ceab352d70513ef04fc], 
PUP.Optional.PricePeep.A, HKU\S-1-5-21-3031197819-1423011399-4028574408-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007}, , [07176cac06764ceab352d70513ef04fc], 
PUP.Optional.SweetIM.A, HKU\S-1-5-21-3031197819-1423011399-4028574408-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{DEDAF650-12B8-48F5-A843-BBA100716106}, , [b6684dcb0e6e1b1bae940d9db15118e8], 
PUP.Optional.WordOV, HKU\S-1-5-21-3031197819-1423011399-4028574408-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{B78F92C8-DEB3-11E2-9A0A-FB64281D6ADE}, , [879700182557af87044e1fbf3cc6ff01], 
PUP.Optional.DefaultTab.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{B2D33ED6-EBBD-467C-BF6F-F175D9B51363}, , [6faf8197fa82b77fe30c5e4b9e647789], 
PUP.Optional.DefaultTab.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{BAD84EE2-624D-4e7c-A8BB-41EFD720FD77}, , [25f91404641856e0ea068e1b58aab34d], 
PUP.Optional.Datamngr.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{f34c9277-6577-4dff-b2d7-7d58092f272f}, , [06189583cfad39fd9642416e41c107f9], 
PUP.Optional.AdpeakProxy, HKLM\SOFTWARE\Adpeak, Inc., , [43db3fd9afcd4aecbabb9edfa2626b95], 
PUP.Optional.DataMangr.A, HKLM\SOFTWARE\DataMngr, , [1905da3ee6967abcb103ee4b58ab837d], 
PUP.Optional.AdPeak.A, HKLM\SOFTWARE\LevelQualityWatcher, , [8896ac6c82fa092df3fbcf63877c3fc1], 
PUP.Optional.ScorpionSaver, HKLM\SOFTWARE\Scorpion Saver, , [d549ad6b8af21620d28f463659ab51af], 
PUP.Optional.DealPly.A, HKLM\SOFTWARE\CLASSES\DealPlyLive.OneClickCtrl.9, , [8d91f325126a21159a76303a0ef6bf41], 
PUP.Optional.PricePeep.A, HKLM\SOFTWARE\CLASSES\PricePeep.PricePeepBho, , [46d8d14795e74bebccfa8cee6e96f40c], 
PUP.Optional.Adpeak, HKLM\SOFTWARE\CLASSES\APPID\AdpeakProxy.exe, , [e93508100d6fa096035f7ffdcc38926e], 
PUP.Optional.DealPly.A, HKLM\SOFTWARE\CLASSES\APPID\DealPlyLive.exe, , [64ba958338449e9844ba0469a064aa56], 
PUP.Optional.DefaultTab.A, HKLM\SOFTWARE\CLASSES\APPID\DefaultTabBHO.DLL, , [918d8890601c092d291565f407fce719], 
PUP.Optional.PricePeep.A, HKLM\SOFTWARE\CLASSES\APPID\PricePeep.DLL, , [e03e50c845375cda2e0084eaa460df21], 
PUP.Optional.Adpeak, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\AdpeakProxy.exe, , [0e108197b6c6af875c073a42729201ff], 
PUP.Optional.Astromenda.A, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\pfkfdlcdbajamklbneflfbcmfgddmpae, , [2bf3958349334fe74fc771214bb90df3], 
PUP.Optional.DataMangr.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\${dtUserElevationPolicyID}, , [af6f2fe936462214e9d8107e897bb24e], 
PUP.Optional.ScorpionSaver, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{6E810AB6-F34E-49A3-A93F-9E503660F718}, , [7f9fcf492d4fbb7b555a423ba4600bf5], 
PUP.Optional.AdpeakProxy, HKLM\SOFTWARE\WOW6432NODE\Adpeak, Inc., , [4ad4f820d5a78aac4c29add0bc4853ad], 
PUP.Optional.DealPly.A, HKLM\SOFTWARE\WOW6432NODE\DealPly, , [6cb21dfb3f3dd85e34f0bd7e838023dd], 
PUP.Optional.DealPly.A, HKLM\SOFTWARE\WOW6432NODE\DealPlyLive, , [041a9088384493a33cc3a1cc54b032ce], 
PUP.Optional.LinkSwift.A, HKLM\SOFTWARE\WOW6432NODE\LinkSwift, , [4fcf28f0a1db81b592c92e56867ecb35], 
PUP.Optional.LyricsParty.A, HKLM\SOFTWARE\WOW6432NODE\LyricsParty-1, , [e5391cfc7c0087afec8cfa7a9b6910f0], 
PUP.Optional.MediaPlayerAlpha.A, HKLM\SOFTWARE\WOW6432NODE\MediaPlayerV1alpha172, , [c45a38e0720a7db96f2f23306c979e62], 
PUP.Optional.MediaView.A, HKLM\SOFTWARE\WOW6432NODE\MediaViewV1alpha9116, , [f92530e8f8840f2783ebed6129dad22e], 
PUP.Optional.PCFixSpeed, HKLM\SOFTWARE\WOW6432NODE\PCFixSpeed, , [1e00d543c4b8e155e26180ef55aff50b], 
PUP.Optional.DealPly.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\DealPlyLive.OneClickCtrl.9, , [a9756cac502c0e28d23e02683cc814ec], 
PUP.Optional.PricePeep.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\PricePeep.PricePeepBho, , [66b86cac4e2e3afcb6105624a85c3dc3], 
PUP.Optional.Adpeak, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\AdpeakProxy.exe, , [fb2320f8e89451e5a4bee993c44012ee], 
PUP.Optional.DealPly.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\DealPlyLive.exe, , [67b7ea2ef08cd1655ea05c11ff05dd23], 
PUP.Optional.DefaultTab.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\DefaultTabBHO.DLL, , [4ad4e1378af223139aa4a8b1a45fc040], 
PUP.Optional.PricePeep.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\PricePeep.DLL, , [56c88d8b7606ac8a86a8610dd232a35d], 
PUP.Optional.DefaultTab.A, HKLM\SOFTWARE\WOW6432NODE\DEFAULT TAB, , [50ceda3e522aa096dc643425ce35e818], 
PUP.Optional.BetterSurf.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\ajadlheagenmmedmhaoafgkdenfilcme, , [ef2f68b0225a77bf0d3d0c2e59aa1ce4], 
PUP.Optional.InstallCore.A, HKLM\SOFTWARE\WOW6432NODE\INSTALLCORE\WSE_Astromenda, , [36e8898f84f89e98c7e50519e12223dd], 
PUP.Optional.SoftwareUpdater, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Software Updater_is1, , [c9550612c3b9e74f89e4712034d0d12f], 
PUP.Optional.DealPly.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLAPLUGINS\@tools.dpliveupdate.com/DealPlyLive Update;version=3, , [031b03153b4172c4f40d4d214bb9ae52], 
PUP.Optional.DealPly.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLAPLUGINS\@tools.dpliveupdate.com/DealPlyLive Update;version=9, , [29f58a8edba1043241c0f77712f2fd03], 
PUP.Optional.SweetIM.A, HKLM\SOFTWARE\WOW6432NODE\SWEETIM, , [b668e8302f4d2e0839554f1ebd47916f], 
PUP.Optional.SystemSpeedup, HKLM\SOFTWARE\WOW6432NODE\SYSTWEAK\ssd, , [0b1323f5dd9fee48c26bb87919ea6f91], 
PUP.Optional.FastFreeConverter.A, HKLM\SOFTWARE\WOW6432NODE\ZUPDATER\FastFreeConverterUpdt.exe, , [948a3eda4834fa3c5a7171d7788bdf21], 
PUP.Optional.SearchProtect, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SPPD, , [8995cb4dc2bab87ebdb535f73cc78e72], 
PUP.Optional.TermTutor.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TTNFD, , [a876fa1ed5a7171f51e8081cd132e31d], 
PUP.Optional.DefaultTab.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\DefaultTab, , [4ed0cb4d7804ad89e062a8b1f60d45bb], 
PUP.Optional.Adpeak, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Scorpion Saver, , [e03e898f8eeeed49b335f165a95a41bf], 
PUP.Optional.InstallBrain.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\WNLT, , [2ef021f7e597a4924260df94010355ab], 
PUP.Optional.DealPly.A, HKU\S-1-5-21-3031197819-1423011399-4028574408-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\DealPlyLive, , [928c997f403c2f074cb772fc1de7b44c], 
PUP.Optional.PCFixSpeed, HKU\S-1-5-21-3031197819-1423011399-4028574408-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\PCFixSpeed, , [5fbfc1570775be78df61125db054f60a], 
PUP.Optional.SmartBar, HKU\S-1-5-21-3031197819-1423011399-4028574408-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SmartbarBackup, , [1d0172a698e45dd9ffd09de71de7cc34], 
PUP.Optional.SmartBar, HKU\S-1-5-21-3031197819-1423011399-4028574408-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SmartbarLog, , [70ae59bf86f64beb7e50ceb657adad53], 
PUP.Optional.Astromenda.A, HKU\S-1-5-21-3031197819-1423011399-4028574408-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\wse_astromenda, , [0b13f7212b519c9aa20980a60ff40df3], 
PUP.Optional.CrossRider.A, HKU\S-1-5-21-3031197819-1423011399-4028574408-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Crossrider, , [ad711ff9a5d7d3631dc3c0c0db29d729], 
PUP.Optional.PriceGong.A, HKU\S-1-5-21-3031197819-1423011399-4028574408-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\PriceGong, , [8d919f792557d561f3e19cb42dd6b749], 
PUP.Optional.Adpeak, HKU\S-1-5-21-3031197819-1423011399-4028574408-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Scorpion Saver, , [aa742fe97dffef47f5f3282e45be2ed2], 
PUP.Optional.ScorpionSaver.A, HKU\S-1-5-21-3031197819-1423011399-4028574408-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\ScorpionSaver, , [25f9a96f3f3d21151cb20b3de71ce21e], 
PUP.Optional.TidyNetwork.A, HKU\S-1-5-21-3031197819-1423011399-4028574408-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\TidyNetwork, , [918d9583f5872c0a62456ee0e91a936d], 
PUP.Optional.DealPly.A, HKU\S-1-5-21-3031197819-1423011399-4028574408-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\DEALPLY, , [40de76a27a02a195d131ff6f33d1d42c], 
PUP.Optional.InstallCore.A, HKU\S-1-5-21-3031197819-1423011399-4028574408-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE\1I1T1Q1S, , [cc5294842953280e341e292ddb2844bc], 
PUP.Optional.InstallCore.A, HKU\S-1-5-21-3031197819-1423011399-4028574408-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE, , [49d51404225ae2545550214bb84c19e7], 
PUP.Optional.Lyrics.A, HKU\S-1-5-21-3031197819-1423011399-4028574408-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\Lyrics, , [06184cccef8d1125d936fb5e7b88fd03], 
PUP.Optional.LinkSwift.A, HKU\S-1-5-21-3031197819-1423011399-4028574408-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\LINKSWIFT, , [e53962b681fbe45254bf64f5e51e2ed2], 
PUP.Optional.SuperFish.A, HKU\S-1-5-21-3031197819-1423011399-4028574408-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\DOMSTORAGE\superfish.com, , [ce5063b593e9a39308d2e250d52eaf51], 
PUP.Optional.FindWide.A, HKU\S-1-5-21-3031197819-1423011399-4028574408-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MOZILLAPLUGINS\@tightropeinteractive.com/Plugin, , [b26c859397e561d5d006a2ea4abac43c], 
PUP.Optional.TidyNetwork.A, HKU\S-1-5-21-3031197819-1423011399-4028574408-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MOZILLAPLUGINS\@tnt2ghost.com/Plugin, , [9985b365c7b5e551ff1d69ed847fb64a], 
PUP.Optional.SweetIM.A, HKU\S-1-5-21-3031197819-1423011399-4028574408-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SWEETIM, , [2ef007110d6f3501f598aac3fd0744bc], 
PUP.Optional.SystemSpeedup, HKU\S-1-5-21-3031197819-1423011399-4028574408-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SYSTWEAK\ssd, , [63bbad6b91eb89adac8045ec010210f0], 
PUP.Optional.DataMngr.A, HKU\S-1-5-21-3031197819-1423011399-4028574408-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\DataMngr, , [5bc3ad6b423a9a9c532f105cc63e0ff1], 
PUP.Optional.DataMngr.A, HKU\S-1-5-21-3031197819-1423011399-4028574408-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\DataMngr_Toolbar, , [839bc751601ced49d1b0f5770ef6b44c], 
PUP.Optional.Astromenda, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\WSE_Astromenda, , [08163ddba8d421153001799af0135ea2], 
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{11111111-1111-1111-1111-110411181152}, , [45d952c6215bfd39dc1349e671949a66], 
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\CLASSES\CLSID\{11111111-1111-1111-1111-110411181152}, , [45d952c6215bfd39dc1349e671949a66], 
 
Registry Values: 15
PUP.Optional.AdpeakProxy, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\SHAREDDLLS|C:\WINDOWS\SYSTEM32\ADPEAKPROXY.INI, 1, , [75a9e03869135adc88eb24597292f709]
PUP.Optional.AdpeakProxy, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\SHAREDDLLS|C:\WINDOWS\SYSTEM32\ADPEAKPROXYOFF.INI, 1, , [34eacc4cf884c86e393af18c4eb6a65a]
PUP.Optional.FindWide, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\ABOUTURLS|Tabs, http://search.findwide.com/?guid={5113DA32-5963-443B-BF0C-31E2763C4E04}&serpv=22, , [32ec39df4c3046f08825d0ad4cb815eb]
PUP.Optional.SmartBar, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR|{ae07101b-46d4-4a98-af68-0333ea26e113}, Smartbar, , [120c38e0017b52e49cc7ec3963a0ee12]
PUP.Optional.ScorpionSaver, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{6E810AB6-F34E-49A3-A93F-9E503660F718}|Publisher, Adpeak, Inc., , [7f9fcf492d4fbb7b555a423ba4600bf5]
PUP.Optional.DefaultTab.A, HKLM\SOFTWARE\WOW6432NODE\DEFAULT TAB|Version, 2.2.16.0, , [50ceda3e522aa096dc643425ce35e818]
PUP.Optional.SweetIM.A, HKLM\SOFTWARE\WOW6432NODE\SWEETIM|simapp_id, 191542744054977477512641744021418677824, , [b668e8302f4d2e0839554f1ebd47916f]
PUP.Optional.SearchProtect, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SPPD|ImagePath, \??\C:\Windows\system32\drivers\SPPD.sys, , [8995cb4dc2bab87ebdb535f73cc78e72]
PUP.Optional.TermTutor.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TTNFD|ImagePath, system32\drivers\ttnfd.sys, , [a876fa1ed5a7171f51e8081cd132e31d]
PUP.Optional.InstallBrain.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\WNLT|URL, MYSTART, , [2ef021f7e597a4924260df94010355ab]
PUP.Optional.DealPly.A, HKU\S-1-5-21-3031197819-1423011399-4028574408-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\DEALPLY|Partner, cnet, , [40de76a27a02a195d131ff6f33d1d42c]
PUP.Optional.InstallCore.A, HKU\S-1-5-21-3031197819-1423011399-4028574408-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE|tb, 0X2O1C0R2R1R, , [49d51404225ae2545550214bb84c19e7]
PUP.Optional.LinkSwift.A, HKU\S-1-5-21-3031197819-1423011399-4028574408-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\LINKSWIFT|iid, def_LinkSwift, , [e53962b681fbe45254bf64f5e51e2ed2]
PUP.Optional.Snapdo.T, HKU\S-1-5-21-3031197819-1423011399-4028574408-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {006ee092-9658-4fd6-bd8e-a21a348e59f5}, , [978742d6c6b6a88ed73b6ec1020131cf]
PUP.Optional.SweetIM.A, HKU\S-1-5-21-3031197819-1423011399-4028574408-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SWEETIM|simapp_id, 191542744054977477512641744021418677824, , [2ef007110d6f3501f598aac3fd0744bc]
 
Registry Data: 0
(No malicious items detected)
 
Folders: 18
PUP.Optional.OffersWizard.A, C:\Program Files (x86)\Common Files\Config, , [fc2255c35329b284bdb44ce3778c0000], 
Rogue.Multiple, C:\ProgramData\374311380, , [5ec046d2334994a2a5f85987c73b5ca4], 
PUP.Optional.SmartBar.A, C:\Users\Dangerous\AppData\Local\Smartbar, , [51cdb662f5870630e5332cc4fc068f71], 
PUP.Optional.SmartBar.A, C:\Users\Dangerous\AppData\Local\Smartbar\QuickShare.exe_StrongName_vuedtbpoockmp1sq45awfxuouevabx0i, , [51cdb662f5870630e5332cc4fc068f71], 
PUP.Optional.Conduit.A, C:\Users\Dangerous\AppData\Local\Temp\ct3289847, , [a876f424e7950135c9e38c647f83a55b], 
PUP.Optional.Conduit.A, C:\Users\Dangerous\AppData\Local\Temp\ct3289847\plugins, , [a876f424e7950135c9e38c647f83a55b], 
PUP.Optional.ScorpionSaver, C:\Program Files\ScorpionSaver Services, , [d94536e297e52c0a158ed21f24de7789], 
PUP.Optional.SnapDo.A, C:\Users\Dangerous\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl, , [54ca34e4afcd69cd3421a152e51d847c], 
PUP.Optional.Adpeak, C:\Program Files\Level Quality Watcher, , [a37b8c8c6e0e7eb8c3d7af58bb489a66], 
PUP.Optional.Adpeak, C:\Program Files\Level Quality Watcher\v1.01, , [a37b8c8c6e0e7eb8c3d7af58bb489a66], 
PUP.Optional.Astromenda.A, C:\Users\Dangerous\AppData\Roaming\Astromenda, , [60bea07881fb5fd7837bf71957ac56aa], 
PUP.Optional.Astromenda.A, C:\Users\Dangerous\AppData\Roaming\Astromenda\BRS, , [60bea07881fb5fd7837bf71957ac56aa], 
PUP.Optional.Astromenda, C:\Program Files (x86)\WSE_Astromenda, , [08163ddba8d421153001799af0135ea2], 
PUP.Optional.Astromenda, C:\Program Files (x86)\WSE_Astromenda\bh, , [08163ddba8d421153001799af0135ea2], 
PUP.Optional.Astromenda, C:\Program Files (x86)\WSE_Astromenda\BRS, , [08163ddba8d421153001799af0135ea2], 
PUP.Optional.Astromenda.A, C:\Users\Dangerous\AppData\Roaming\WSE_Astromenda, , [aa7470a86e0e4fe7aaa032e1b54e58a8], 
PUP.Optional.Astromenda.A, C:\Users\Dangerous\AppData\Roaming\WSE_Astromenda\icons_3.2.1.5, , [aa7470a86e0e4fe7aaa032e1b54e58a8], 
PUP.Optional.Astromenda.A, C:\Users\Dangerous\AppData\Roaming\WSE_Astromenda\UpdateProc, , [aa7470a86e0e4fe7aaa032e1b54e58a8], 
 
Files: 98
PUP.Optional.OptimunInstaller, C:\$Recycle.Bin\S-1-5-21-3031197819-1423011399-4028574408-1000\$R2YN0YO.exe, , [f42ae236b4c8ae88def464e5768a10f0], 
PUP.Optional.InstallCore, C:\$Recycle.Bin\S-1-5-21-3031197819-1423011399-4028574408-1000\$RDUMALW.exe, , [ec3276a21d5fd95d08b74db064a0e917], 
PUP.Optional.InstallBrain.A, C:\Users\Dangerous\AppData\Local\Temp\WSSetup.exe, , [d945a96f2e4ed2646fae36a615ef7d83], 
PUP.Optional.GreatArcadeHits.A, C:\Users\Dangerous\AppData\Local\Temp\newsetup.exe, , [d6488c8c7a027abc6a5ab8e228dca45c], 
PUP.Optional.Conduit.A, C:\Users\Dangerous\AppData\Local\Temp\nsr811.exe, , [da44c6529ce0ac8a5bc1adebe1209e62], 
PUP.Optional.Conduit.A, C:\Users\Dangerous\AppData\Local\Temp\nsrD221.exe, , [c15d809881fb44f21a02673106fbc040], 
PUP.Optional.Conduit.A, C:\Users\Dangerous\AppData\Local\Temp\nss27B8.exe, , [a6783cdc621ae94de7355e3aa75a857b], 
PUP.Optional.Conduit.A, C:\Users\Dangerous\AppData\Local\Temp\nsuBFF7.exe, , [58c636e25527f145b7503ff5e31eb050], 
PUP.Optional.PCOptimizerPro, C:\Users\Dangerous\AppData\Local\Temp\Optimizer_Pro.exe, , [37e7ab6dcfad80b64065bd63966bf20e], 
PUP.Optional.BundleInstaller.A, C:\Users\Dangerous\AppData\Local\Temp\parent.txt, , [f925c157601c96a0d068e1786b965ea2], 
PUP.Optional.Adpeak, C:\Users\Dangerous\AppData\Local\Temp\airD6A4.exe, , [0a14b464a4d8a98dd08103e062a29c64], 
PUP.Optional.SweetIM.A, C:\Users\Dangerous\AppData\Local\Temp\BundleInstaller.exe, , [47d77a9ee894ca6c8222074b8a7b54ac], 
PUP.Optional.SweetIM, C:\Users\Dangerous\AppData\Local\Temp\Shortcut_IMsetup.exe, , [39e5bb5d215bd95d816b0d41b84d8f71], 
PUP.Optional.SweetIM.A, C:\Users\Dangerous\AppData\Local\Temp\sp.exe, , [41ddd048592387aff7ad92c044c106fa], 
PUP.Optional.Conduit.A, C:\Users\Dangerous\AppData\Local\Temp\SPStub.exe, , [24fa50c8522a34029aa92012629f43bd], 
PUP.Optional.ScramblePacker.A, C:\Users\Dangerous\AppData\Local\Temp\air2938.exe, , [8a94a3750d6f60d65689573ade230ef2], 
PUP.Optional.Wajam.A, C:\Users\Dangerous\AppData\Local\Temp\air43D8.exe, , [69b5c94fd0acba7c160f82c5f60a07f9], 
PUP.Optional.SevereWeatherAlerts, C:\Users\Dangerous\AppData\Local\Temp\air4CCA.exe, , [5fbfdd3b146825117922e2419a6611ef], 
PUP.Optional.Conduit.A, C:\Users\Dangerous\AppData\Local\Temp\nsf97F1.exe, , [e03eb563c3b9023410f768cc8e73c43c], 
PUP.Optional.SearchProtect.A, C:\Users\Dangerous\AppData\Local\Temp\nsmEC45.tmp, , [cb537a9e007cf93d68d43969ea17ed13], 
PUP.Optional.Conduit.A, C:\Users\Dangerous\AppData\Local\Temp\nsnF48E.exe, , [d846819794e8e353996edb593fc2817f], 
PUP.Optional.Conduit.A, C:\Users\Dangerous\AppData\Local\Temp\nsnF8AB.exe, , [6ab4e92fdca040f65dbf9afedb263ac6], 
PUP.Optional.SweetIM, C:\Users\Dangerous\AppData\Local\Temp\mgsqlite3.dll, , [c45ac454225ad066a646a2ac5da8ff01], 
PUP.Optional.Conduit.A, C:\Users\Dangerous\AppData\Local\Temp\nsc1205.exe, , [71ade8304a32102646d6861254adee12], 
PUP.Optional.Conduit.A, C:\Users\Dangerous\AppData\Local\Temp\nscE4F7.exe, , [2df19f794933c17530ec62368d7414ec], 
PUP.Optional.SweetIM, C:\Users\Dangerous\AppData\Local\Temp\IMsetup.exe, , [110d061273094fe7ae3ef35bb64ff20e], 
PUP.Optional.SmartBar.A, C:\Users\Dangerous\AppData\Local\Temp\Installer.exe, , [76a8908879033600e58b60be4ab6b64a], 
PUP.Optional.Conduit.A, C:\Users\Dangerous\AppData\Local\Temp\dlLogic.exe, , [8b93ba5ee29afd395376db41d62b3cc4], 
PUP.Optional.Conduit.A, C:\Users\Dangerous\AppData\Local\Temp\ibtmp1920709\component_514, , [25f9b8606a12ce68aa6da17e7090a35d], 
PUP.Optional.SpeedAnalysis.A, C:\Users\Dangerous\AppData\Local\Temp\ibtmp1920709\component_613, , [001ee4348fedc96dbcd66eaf15ece917], 
PUP.Optional.SpeedAnalysis.A, C:\Users\Dangerous\AppData\Local\Temp\ibtmp1920709\component_633, , [40deb6622d4fd660deb437e6c1409a66], 
PUP.Optional.BestToolbar, C:\Users\Dangerous\AppData\Local\Temp\ibtmp1920709\component_640, , [15098c8c2c5088ae39bce24cae52867a], 
PUP.Optional.GreatArcadeHits.A, C:\Users\Dangerous\AppData\Local\Temp\is202948896\102324892_stp\GreatArcadeHits.exe, , [3fdf9583e09cb3837bc48f9727d92bd5], 
PUP.Optional.Wajam.A, C:\Users\Dangerous\AppData\Local\Temp\is202948896\102324944_stp\wajam_download.exe, , [a57973a5681483b3cd58e265f709eb15], 
PUP.Optional.Conduit.A, C:\Users\Dangerous\AppData\Local\Temp\ct3289847\chlogic.exe, , [b9654eca4c30fb3b6bd8b082d928c23e], 
PUP.Optional.Conduit.A, C:\Users\Dangerous\AppData\Local\Temp\ct3289847\ctbe.exe, , [c35b25f304788aac9d24d24c8e721ae6], 
PUP.Optional.Conduit.A, C:\Users\Dangerous\AppData\Local\Temp\ct3289847\ielogic.exe, , [3ee0db3d5e1e6ec82221f73b2fd240c0], 
PUP.Optional.Conduit.A, C:\Users\Dangerous\AppData\Local\Temp\ct3289847\statisticsStub.exe, , [ff1f1ff97507211504c3ca529e6335cb], 
PUP.Optional.Conduit.A, C:\Users\Dangerous\AppData\Local\Temp\ct3289847\plugins\TBVerifier.dll, , [110de434b9c392a427b8c979768a659b], 
PUP.Optional.SnapDo.A, C:\Users\Dangerous\AppData\Local\Temp\Smartbar\LinkuryInstaller.msi, , [c9554ace86f68ea8d3b36b2e43be54ac], 
PUP.Optional.SnapDo.A, C:\Users\Dangerous\AppData\Local\Temp\Smartbar\0ddbcffd-811e-4117-b751-215ad5d91769\QuickObrw.exe, , [4bd38d8b6d0f3cfae79f5e3b07fa936d], 
PUP.Optional.SnapDo.A, C:\Users\Dangerous\AppData\Local\Temp\Smartbar\754613ab-9b88-4b30-8195-509378671e3c\LinkuryInstaller.msi, , [fe2019ff1567ca6cb0d62673b0517b85], 
PUP.Optional.BundleInstaller.A, C:\Users\Dangerous\AppData\Local\Temp\0faed691-8f8b-4d93-b003-7f005586f4100\parent.txt, , [ec32fc1cee8e2214370181d87c8505fb], 
PUP.Optional.BundleInstaller.A, C:\Users\Dangerous\AppData\Local\Temp\ifoxleoodbnfvoh\ondkbntwcokx.exe, , [938bfa1ebcc0171f84d73000758b4db3], 
PUP.Optional.BundleInstaller.A, C:\Users\Dangerous\AppData\Local\Temp\ifoxleoodbnfvoh\parent.txt, , [ca54b95f99e3ee4854e5aeab1fe2f20e], 
PUP.Optional.BundleInstaller.A, C:\Users\Dangerous\AppData\Local\Temp\ifoxleoodbnfvoh\b8e2cfdc-93d5-4374-b912-ebd74b989f140\parent.txt, , [a77734e41765f93da5941b3ee51c39c7], 
PUP.Optional.BundleInstaller.A, C:\Users\Dangerous\AppData\Local\Temp\ifoxleoodbnfvoh\ffb1084c-ceac-4217-bcbc-829728aa1d3e0\parent.txt, , [e539ca4e80fc3ef8a693cc8dec15a759], 
PUP.Optional.Amonetize, C:\Windows\Temp\675e332f-42a7-47ce-39cf-d5ed8fc5480e.exe, , [c25c31e7ed8f211509caeeda17ea44bc], 
PUP.Optional.Conduit.A, C:\Windows\Temp\nsb7F85.exe, , [9a847b9ddca0be7838e41a7edb26de22], 
PUP.Optional.Conduit.A, C:\Windows\Temp\nsbE8F2.exe, , [9e8029ef5923af87b06c4e4a629fa15f], 
PUP.Optional.Amonetize, C:\Windows\Temp\Updater.exe, , [0f0f38e0502c4beb22b16662b74ade22], 
PUP.Optional.AirInstaller, C:\Users\Dangerous\FPP_Setup (1).exe, , [20fe1008ee8efa3c7a0bfe33ab56f10f], 
PUP.Optional.AirInstaller, C:\Users\Dangerous\FPP_Setup (2).exe, , [c25c11072e4e90a6d9acfc3505fc52ae], 
PUP.Optional.AirInstaller, C:\Users\Dangerous\FPP_Setup.exe, , [9b8393856d0fef47aadb1021fb068c74], 
PUP.Optional.AirInstaller, C:\Users\Dangerous\Downloads\5683.tmp, , [d648997fd0ac57dfcfb6eb466d94827e], 
PUP.Optional.Bandoo, C:\Users\QT\Downloads\iLividSetup (1).exe, , [9886d444cab2ca6cb8b2ea3540c13dc3], 
PUP.Optional.Bandoo, C:\Users\QT\Downloads\iLividSetup.exe, , [d846a870d4a885b18bdf44dbfd046f91], 
PUP.Optional.InstallIQ.A, C:\Users\QT\Downloads\movie_player_d1041378.exe, , [a9758e8a99e35dd9be38111af20ff20e], 
PUP.Optional.InstallIQ.A, C:\Users\QT\Downloads\movie_player_d998173 (1).exe, , [2ef0eb2dee8e0d29d42244e7926fa15f], 
PUP.Optional.InstallIQ.A, C:\Users\QT\Downloads\movie_player_d998173.exe, , [bf5f6eaa25570d29a353b37819e8966a], 
PUP.Optional.SnapDo.A, C:\Windows\Installer\4a4d7.msi, , [8797b266c5b7fc3a95f14d4c679a14ec], 
PUP.Optional.Astromenda.A, C:\Windows\Tasks\WSE_Astromenda.job, , [a37b46d2c5b7a6901c52c25c1de6cb35], 
PUP.Optional.InstallD.A, C:\Windows\SysWOW64\installd.exe, , [1fffd246ef8dd16568c638f446bde719], 
PUP.Optional.SweetPacks.A, C:\Users\Dangerous\AppData\Local\Temp\BundleSweetIMSetup.exe, , [4dd125f3fd7f74c2b62c6ec08e75d030], 
PUP.Optional.Babylon.A, C:\Users\Dangerous\AppData\Local\Temp\MybabylonTB.exe, , [51cd3edaccb06cca529279b58f7409f7], 
PUP.Optional.OffersWizard.A, C:\Program Files (x86)\Common Files\Config\ver.xml, , [fc2255c35329b284bdb44ce3778c0000], 
PUP.Optional.OffersWizard.A, C:\Program Files (x86)\Common Files\Config\uninstinethnfd.exe, , [fc2255c35329b284bdb44ce3778c0000], 
PUP.Optional.TidyNetwork.A, C:\Windows\System32\Tasks\TidyNetwork Update, , [d44a859382fa4de92b83042ffb0856aa], 
PUP.Optional.GreatArcadeHits.A, C:\Windows\System32\Tasks\GreatArcadeHits, , [65b98791d5a7bc7a446fca69e91a8f71], 
PUP.Optional.SoftwareUpdater.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SoftwareUpdater.lnk, , [c856fb1d0c701521e5752b0b8b78bc44], 
PUP.Optional.AdpeakProxy, C:\Windows\System32\AdpeakProxy.ini, , [75a9e03869135adc88eb24597292f709], 
PUP.Optional.AdpeakProxy, C:\Windows\System32\AdpeakProxyOff.ini, , [34eacc4cf884c86e393af18c4eb6a65a], 
PUP.Optional.AdpeakProxy, C:\Windows\SysWOW64\AdpeakProxy.ini, , [22fc898fbcc047ef175cd2ab1ee6cb35], 
PUP.Optional.AdpeakProxy, C:\Windows\SysWOW64\AdpeakProxyOff.ini, , [39e550c8d0acf145bdb6d6a7c73d22de], 
PUP.Optional.AdpeakProxy, C:\Users\Dangerous\AppData\Local\Temp\AdpeakProxyr.log, , [829cb7612755191dcaaa7805a06434cc], 
PUP.Optional.AdpeakProxy, C:\Windows\Temp\AdpeakProxy.log, , [98863edad8a4082e3242c4b96a9af10f], 
PUP.Optional.AdpeakProxy, C:\Windows\Temp\AdpeakProxyr.log, , [e737a177047835010b694f2e1fe56a96], 
PUP.Optional.Conduit.A, C:\Users\Dangerous\AppData\Local\Temp\ct3289847\chromeid.txt, , [a876f424e7950135c9e38c647f83a55b], 
PUP.Optional.Conduit.A, C:\Users\Dangerous\AppData\Local\Temp\ct3289847\CT3289847.txt, , [a876f424e7950135c9e38c647f83a55b], 
PUP.Optional.Conduit.A, C:\Users\Dangerous\AppData\Local\Temp\ct3289847\iedump.exe, , [a876f424e7950135c9e38c647f83a55b], 
PUP.Optional.Conduit.A, C:\Users\Dangerous\AppData\Local\Temp\ct3289847\initData.json, , [a876f424e7950135c9e38c647f83a55b], 
PUP.Optional.Conduit.A, C:\Users\Dangerous\AppData\Local\Temp\ct3289847\manifest.json, , [a876f424e7950135c9e38c647f83a55b], 
PUP.Optional.Conduit.A, C:\Users\Dangerous\AppData\Local\Temp\ct3289847\setup.ini.txt, , [a876f424e7950135c9e38c647f83a55b], 
PUP.Optional.ScorpionSaver, C:\Program Files\ScorpionSaver Services\AdpeakRegisterLSP.ini, , [d94536e297e52c0a158ed21f24de7789], 
PUP.Optional.ScorpionSaver, C:\Program Files\ScorpionSaver Services\Microsoft.Deployment.WindowsInstaller.dll, , [d94536e297e52c0a158ed21f24de7789], 
PUP.Optional.ScorpionSaver, C:\Program Files\ScorpionSaver Services\Microsoft.Deployment.WindowsInstaller.xml, , [d94536e297e52c0a158ed21f24de7789], 
PUP.Optional.Astromenda.A, C:\Users\Dangerous\AppData\Roaming\Astromenda\BRS\stats, , [60bea07881fb5fd7837bf71957ac56aa], 
PUP.Optional.Astromenda, C:\Program Files (x86)\WSE_Astromenda\FavIcon.ico, , [08163ddba8d421153001799af0135ea2], 
PUP.Optional.Astromenda, C:\Program Files (x86)\WSE_Astromenda\Sqlite3.dll, , [08163ddba8d421153001799af0135ea2], 
PUP.Optional.Astromenda, C:\Program Files (x86)\WSE_Astromenda\uninst.dat, , [08163ddba8d421153001799af0135ea2], 
PUP.Optional.Astromenda, C:\Program Files (x86)\WSE_Astromenda\uninstall.exe, , [08163ddba8d421153001799af0135ea2], 
PUP.Optional.Astromenda.A, C:\Users\Dangerous\AppData\Roaming\WSE_Astromenda\icons_3.2.1.5\ctr.ico, , [aa7470a86e0e4fe7aaa032e1b54e58a8], 
PUP.Optional.Astromenda.A, C:\Users\Dangerous\AppData\Roaming\WSE_Astromenda\UpdateProc\bkup.dat, , [aa7470a86e0e4fe7aaa032e1b54e58a8], 
PUP.Optional.Astromenda.A, C:\Users\Dangerous\AppData\Roaming\WSE_Astromenda\UpdateProc\config.dat, , [aa7470a86e0e4fe7aaa032e1b54e58a8], 
PUP.Optional.Astromenda.A, C:\Users\Dangerous\AppData\Roaming\WSE_Astromenda\UpdateProc\info.dat, , [aa7470a86e0e4fe7aaa032e1b54e58a8], 
PUP.Optional.Astromenda.A, C:\Users\Dangerous\AppData\Roaming\WSE_Astromenda\UpdateProc\STTL.DAT, , [aa7470a86e0e4fe7aaa032e1b54e58a8], 
PUP.Optional.Astromenda.A, C:\Users\Dangerous\AppData\Roaming\WSE_Astromenda\UpdateProc\TTL.DAT, , [aa7470a86e0e4fe7aaa032e1b54e58a8], 
PUP.Optional.SnapDo.A, C:\Users\QT\AppData\Local\Google\Chrome\User Data\Default\Preferences, Good: (), Bad: ( "homepage": "http://feed.snapdo.c...Date=20/10/2013",), ,[6cb242d6eb91ca6c37146bf151b45ea2]
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)

#9 fbfbfb

fbfbfb

    SuperMember

  • Malware Team
  • 1,218 posts

Posted 23 October 2014 - 10:43 AM

Hello, pendaless.

 

Thank you for your logs.  Let's keep cleaning.

 

Please run the following scans

 

1.  AdwCleaner

 

Double click on AdwCleaner.exe to run the tool again.

  • Click on the Scan button.
  • AdwCleaner will begin to scan your computer like it did before.
  • After the scan has finished...
  • This time, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleanerto restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.

 

2.  Farbar Recovery Scan Tool

 

Please rerun FRST and send me a fresh log.  Before beginning the scan, be certain to check mark Addition.txt.

 

CHECKLIST : In your next reply, please post the following:

  • AdwCleaner[S0].txt
  • FRST.txt
  • Addition.txt
  • Let me know how your computer is running at this stage.

 


#10 fbfbfb

fbfbfb

    SuperMember

  • Malware Team
  • 1,218 posts

Posted 25 October 2014 - 08:17 AM

Hello, pendaless.

 

Have you been able to run the last scans yet?  Please reply within the next 24 hours to avoid closing this thread.

 

Thank you.


#11 fbfbfb

fbfbfb

    SuperMember

  • Malware Team
  • 1,218 posts

Posted 26 October 2014 - 03:00 PM

Due to inactivity this topic will be closed.
If you need help please start a new thread.

New members follow the instructions here http://forums.whatth...ed_t106388.html and start a new topic

Related Topics

Back to Virus, Spyware & Malware Removal · Next Unread Topic →

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. What the Tech
  2. Spyware / Malware / Virus Removal
  3. Virus, Spyware & Malware Removal
  4. Privacy Policy
  5. Terms of Use ·