View Full Version : Barowwsoe2save virus
snowboarder
2013-12-21, 06:56
I tried the instructions to delete in manually. No luck.
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.16428 BrowserJavaVersion: 10.45.2
Run by ldbachman at 14:49:07 on 2013-12-20
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3999.1622 [GMT -8:00]
.
AV: Norton 360 *Disabled/Outdated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton 360 *Disabled/Outdated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton 360 *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\STacSV64.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
c:\progra~2\optimi~1\OptProCrash.exe
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\AESTSr64.exe
C:\Program Files\LSI SoftModem\agr64svc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Microsoft LifeCam\MSCamS64.exe
C:\Program Files (x86)\Norton 360\Engine\3.8.3.6\ccSvcHst.exe
C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
C:\Program Files (x86)\Sendori\sndappv2.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Program Files (x86)\Sendori\SendoriSvc.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files (x86)\Sendori\SendoriUp.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
C:\Windows\system32\svchost.exe -k HPService
C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Microsoft\BingBar\7.3.107.0\SeaPort.exe
C:\Windows\explorer.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Windows\System32\igfxtray.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe
C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe
C:\Program Files (x86)\HP\QuickPlay\QPService.exe
C:\Program Files\Common Files\Logitech\KhalShared\KHALMNPR.EXE
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
C:\Program Files (x86)\Sendori\SendoriTray.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe
C:\Program Files (x86)\Sendori\Sendori.Service.exe
C:\Users\ldbachman\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\ldbachman\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\ldbachman\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\ldbachman\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\ldbachman\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\ldbachman\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_clipbook.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Windows\SysWOW64\NOTEPAD.EXE
C:\Windows\system32\SnippingTool.exe
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Users\ldbachman\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://feed.snapdo.com/?publisher=TightropeYB&dpid=TightropeYB&co=US&userid=a9e49f06-f639-0802-e141-541423680fde&searchtype=hp&installDate={installDate}
uSearch Bar = hxxp://feed.snapdo.com/?publisher=TightropeYB&dpid=TightropeYB&co=US&userid=a9e49f06-f639-0802-e141-541423680fde&searchtype=ds&q={searchTerms}&installDate={installDate}
uSearch Page = hxxp://feed.snapdo.com/?publisher=TightropeYB&dpid=TightropeYB&co=US&userid=a9e49f06-f639-0802-e141-541423680fde&searchtype=ds&q={searchTerms}&installDate={installDate}
uDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_US&c=94&bd=Pavilion&pf=cnnb
uSearchAssistant = hxxp://feed.snapdo.com/?publisher=TightropeYB&dpid=TightropeYB&co=US&userid=a9e49f06-f639-0802-e141-541423680fde&searchtype=ds&q={searchTerms}&installDate={installDate}
mWinlogon: Userinit = userinit.exe
BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
BHO: DealCabby: {0B4A07CF-45EB-4B10-B6BB-35568A2F89BE} - C:\Users\ldbachman\AppData\Local\dealcabby\ie\dealcabby_20121029030001.dll
BHO: MSS+ Identifier: {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Bing Bar Helper: {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files (x86)\Microsoft\BingBar\7.3.107.0\BingExt.dll
BHO: MyWordTool: {45470599-8237-486D-87B5-E89CD6AED154} - C:\Users\ldbachman\AppData\Roaming\MyWordTool\temp.dat
BHO: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - <orphaned>
BHO: Symantec NCO BHO: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\3.8.3.6\CoIEPlg.dll
BHO: Symantec Intrusion Prevention: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\3.8.3.6\IPSBHO.dll
BHO: Re-markit: {73cce2a7-dd1b-4a56-b7dc-02313837ecb5} - C:\Program Files (x86)\Re-markit\136.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: hpBHO Class: {ABD3B5E1-B268-407B-A150-2641DAB8D898} - C:\Program Files (x86)\Common Files\Homepage Protection\HomepageProtection.dll
BHO: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
BHO: GreatArcadeHits Add-on: {D0C21091-FF8E-432C-9006-0540E81BA9D7} - C:\Users\ldbachman\AppData\Local\GreatArcadeHits\GreatArcadeHitsIE.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
BHO: PETN: {E9EA706C-6888-474D-AD5A-913CD504C068} - C:\Users\ldbachman\AppData\Local\TidyNetwork\petn.dll
BHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\3.8.3.6\CoIEPlg.dll
TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\3.8.3.6\CoIEPlg.dll
TB: Bing Bar: {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.107.0\BingExt.dll
EB: Adobe PDF: {182EC0BE-5110-49C8-A062-BEB1D02A220B} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
uRun: [HPADVISOR] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe view=DOCKVIEW
uRun: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
uRun: [Google Update] "C:\Users\ldbachman\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
mRun: [QPService] "C:\Program Files (x86)\HP\QuickPlay\QPService.exe"
mRun: [UCam_Menu] "C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\2.0"
mRun: [QlbCtrl.exe] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
mRun: [UpdatePRCShortCut] "C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Hewlett-Packard\Recovery" UpdateWithCreateOnce "Software\CyberLink\PowerRecover"
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
mRun: [LifeCam] "C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe"
mRun: [WirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
mRun: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [Sendori Tray] "C:\Program Files (x86)\Sendori\SendoriTray.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
dRunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601
StartupFolder: C:\Users\LDBACH~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ERUNTA~1.LNK - C:\Program Files (x86)\ERUNT\AUTOBACK.EXE
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\LOGITE~1.LNK - C:\Program Files\Logitech\SetPoint\SetPoint.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MCAFEE~1.LNK - C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SPYSUB~1.LNK - C:\Program Files\interMute\SpySubtract\spysub.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
uPolicies-System: WallpaperStyle = 2
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
mPolicies-System: WallpaperStyle = 2
IE: Append to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert link target to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert link target to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~4\Office12\EXCEL.EXE/3000
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
LSP: C:\Windows\System32\Sendori.dll
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0038-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_38-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_38-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{127B341E-8FFE-4E7E-BBA8-6EC682180DA9} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{127B341E-8FFE-4E7E-BBA8-6EC682180DA9}\2377962756232353 : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{127B341E-8FFE-4E7E-BBA8-6EC682180DA9}\4696E616E696 : DHCPNameServer = 209.18.47.61 209.18.47.62
TCP: Interfaces\{127B341E-8FFE-4E7E-BBA8-6EC682180DA9}\74C6F62616C6355796475675962756C6563737 : DHCPNameServer = 4.2.2.1
TCP: Interfaces\{127B341E-8FFE-4E7E-BBA8-6EC682180DA9}\84F6C6964616970294E6E6 : DHCPNameServer = 8.8.8.8 8.8.4.4
TCP: Interfaces\{127B341E-8FFE-4E7E-BBA8-6EC682180DA9}\84F6C69646169794E6E6 : DHCPNameServer = 8.8.8.8 64.60.0.17 4.2.2.2
TCP: Interfaces\{127B341E-8FFE-4E7E-BBA8-6EC682180DA9}\A4650286F6473707F647 : NameServer = 192.168.0.1
TCP: Interfaces\{127B341E-8FFE-4E7E-BBA8-6EC682180DA9}\A4650286F6473707F647 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{3DC90021-B8C9-42BC-B7FB-B45A8BA8812E} : DHCPNameServer = 208.180.42.68 208.180.42.100
Handler: symres - {AA1061FE-6C41-421f-9344-69640C9732AB} - C:\Program Files (x86)\Norton 360\Engine\3.8.3.6\CoIEPlg.dll
AppInit_DLLs= c:\progra~2\optimi~1\optpro~1.dll
SSODL: WebCheck - <orphaned>
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe"
x64-BHO: Bing Bar Helper: {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files (x86)\Microsoft\BingBar\7.3.107.0\amd64\BingExt.dll
x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
x64-BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll
x64-TB: Bing Bar: {eec0f710-38b5-4aba-99bf-ec87564a4e13} -
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
x64-Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
x64-Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-RunOnce: [NCPluginUpdater] "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update
x64-IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
.
INFO: x64-HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab
x64-DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab
x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab
x64-Handler: symres - {AA1061FE-6C41-421f-9344-69640C9732AB} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
Hosts: 127.0.0.1 www.spywareinfo.com
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\ldbachman\AppData\Roaming\Mozilla\Firefox\Profiles\qo1ws90o.default\
FF - prefs.js: browser.search.selectedEngine - Web Search
FF - prefs.js: browser.startup.homepage - hxxp://feed.snapdo.com/?publisher=TightropeYB&dpid=TightropeYB&co=US&userid=a9e49f06-f639-0802-e141-541423680fde&searchtype=hp&installDate={installDate}
FF - prefs.js: keyword.URL - hxxp://feed.snapdo.com/?publisher=TightropeYB&dpid=TightropeYB&co=US&userid=a9e49f06-f639-0802-e141-541423680fde&searchtype=ds&installDate={installDate}&q=
FF - component: C:\Program Files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}\components\SkypeFfComponent.dll
FF - component: C:\Users\ldbachman\AppData\Roaming\Mozilla\Firefox\Profiles\qo1ws90o.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\components\XPATLCOM.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMSS.dll
FF - plugin: C:\Users\ldbachman\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll
FF - plugin: C:\Users\ldbachman\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll
FF - ExtSQL: 2013-11-30 21:00; emily@wilford.biz; C:\Users\ldbachman\AppData\Roaming\Mozilla\Firefox\Profiles\qo1ws90o.default\extensions\emily@wilford.biz
FF - ExtSQL: 2013-12-16 21:36; {73f58f76-2abf-4927-8c1c-5f98500e0bb8}; C:\Program Files (x86)\Re-markit\136.xpi
FF - ExtSQL: !HIDDEN! 2013-12-01 18:25; emily@wilford.biz; C:\Program Files (x86)\Mozilla Firefox\browser\extensions\emily@wilford.biz
.
---- FIREFOX POLICIES ----
FF - user.js: extensions.autoDisableScopes - 0
FF - user.js: extensions.shownSelectionUI - true
.
============= SERVICES / DRIVERS ===============
.
R0 SymEFA;Symantec Extended File Attributes;C:\Windows\System32\drivers\N360x64\0308030.006\SymEFA64.sys [2011-10-10 402992]
R1 BHDrvx64;Symantec Heuristics Driver;C:\Windows\System32\drivers\N360x64\0308030.006\BHDrvx64.sys [2011-10-10 334384]
R1 ccHP;Symantec Hash Provider;C:\Windows\System32\drivers\N360x64\0308030.006\cchpx64.sys [2011-10-10 561800]
R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20111104.030\IDSviA64.sys [2011-11-4 488568]
R2 70e6ca8c;Optimizer Pro Crash Monitor;C:\progra~2\optimi~1\OptProCrash.exe [2013-12-1 143488]
R2 AESTFilters;Andrea ST Filters Service;C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\AESTSr64.exe [2009-8-31 89600]
R2 Application Sendori;Application Sendori;C:\Program Files (x86)\Sendori\SendoriSvc.exe [2013-7-1 119072]
R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2012-9-27 86528]
R2 IntuitUpdateServiceV4;Intuit Update Service v4;C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe [2012-8-23 13672]
R2 N360;Norton 360;C:\Program Files (x86)\Norton 360\Engine\3.8.3.6\ccSvcHst.exe [2011-10-10 117648]
R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2010-5-20 1153368]
R2 Service Sendori;Service Sendori;C:\Program Files (x86)\Sendori\Sendori.Service.exe [2013-7-1 22304]
R2 sndappv2;sndappv2;C:\Program Files (x86)\Sendori\sndappv2.exe [2013-7-1 3623200]
R3 BBUpdate;BBUpdate;C:\Program Files (x86)\Microsoft\BingBar\7.3.107.0\SeaPort.EXE [2013-8-30 240288]
R3 Com4QLBEx;Com4QLBEx;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2009-8-14 227896]
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;C:\Windows\System32\drivers\IntcHdmi.sys [2009-5-26 138752]
R3 NETw5s64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\Windows\System32\drivers\NETw5s64.sys [2010-6-14 7675392]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2010-6-23 344680]
R3 SYMNDISV;Symantec Network Filter Driver;C:\Windows\System32\drivers\N360x64\0308030.006\symndisv.sys [2011-10-10 56952]
S2 BBSvc;BingBar Service;C:\Program Files (x86)\Microsoft\BingBar\7.3.107.0\BBSvc.EXE [2013-8-30 193696]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2013-12-12 111616]
S3 McComponentHostService;McAfee Security Scan Component Host Service;C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [2013-9-6 288776]
S3 MSHUSBVideo;NX6000/NX3000/VX2000/VX5000/VX5500/VX7000/Cinema Filter Driver;C:\Windows\System32\drivers\nx6000.sys [2010-3-12 36720]
S3 NETw1v64;Intel(R) Wireless WiFi Link 1000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\System32\drivers\NETw1v64.sys [2009-8-31 7058432]
S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\System32\drivers\netw5v64.sys [2009-6-10 5434368]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2009-8-31 216576]
S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\System32\drivers\VSTAZL6.SYS [2009-7-13 292864]
S3 SrvHsfV92;SrvHsfV92;C:\Windows\System32\drivers\VSTDPV6.SYS [2009-7-13 1485312]
S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\System32\drivers\VSTCNXT6.SYS [2009-7-13 740864]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-8-18 59392]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-5-5 1255736]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\System32\drivers\yk62x64.sys [2009-6-10 389120]
.
=============== Created Last 30 ================
.
2013-12-20 21:41:15 75888 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{C28073F2-E831-4366-9364-FA5F91F43EA7}\offreg.dll
2013-12-20 14:02:05 10315576 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{C28073F2-E831-4366-9364-FA5F91F43EA7}\mpengine.dll
2013-12-18 17:53:56 -------- d-----w- C:\Program Files\Uninstaller
2013-12-17 05:41:55 -------- d-----w- C:\Users\ldbachman\AppData\Roaming\Uniblue
2013-12-17 05:38:53 -------- d-----w- C:\Users\ldbachman\AppData\Local\SwvUpdater
2013-12-17 05:36:32 -------- d-----w- C:\Users\ldbachman\AppData\Local\GreatArcadeHits
2013-12-17 05:36:10 -------- d-----w- C:\Program Files (x86)\Re-markit
2013-12-16 00:01:26 -------- d-----w- C:\Users\ldbachman\AppData\Local\QuickPlay
2013-12-11 13:25:22 167424 ----a-w- C:\Program Files\Windows Media Player\wmplayer.exe
2013-12-11 13:25:22 164864 ----a-w- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
2013-12-11 13:25:21 12625920 ----a-w- C:\Windows\System32\wmploc.DLL
2013-12-11 13:25:21 12625408 ----a-w- C:\Windows\SysWow64\wmploc.DLL
2013-12-11 06:22:54 335360 ----a-w- C:\Windows\System32\msieftp.dll
2013-12-11 06:22:54 301568 ----a-w- C:\Windows\SysWow64\msieftp.dll
2013-12-11 06:22:53 3155968 ----a-w- C:\Windows\System32\win32k.sys
2013-12-02 02:26:43 -------- d-----w- C:\Program Files (x86)\Optimizer Pro
2013-12-02 02:26:41 -------- d-----w- C:\Users\ldbachman\AppData\Local\Programs
2013-12-02 02:25:31 -------- d-----w- C:\Users\ldbachman\AppData\Roaming\MyWordTool
2013-12-02 02:25:20 -------- d-----w- C:\Users\ldbachman\AppData\Local\TidyNetwork
2013-12-01 14:07:51 -------- d-----w- C:\New folder
.
==================== Find3M ====================
.
2013-12-11 02:26:43 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-12-11 02:26:43 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-12-11 02:26:35 9272200 ----a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe
2013-11-26 10:19:07 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2013-11-26 10:18:23 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2013-11-26 09:48:07 66048 ----a-w- C:\Windows\System32\iesetup.dll
2013-11-26 09:46:25 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2013-11-26 09:23:02 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2013-11-26 09:18:39 139264 ----a-w- C:\Windows\System32\ieUnatt.exe
2013-11-26 09:18:09 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe
2013-11-26 09:16:57 708608 ----a-w- C:\Windows\System32\jscript9diag.dll
2013-11-26 08:35:02 5769216 ----a-w- C:\Windows\System32\jscript9.dll
2013-11-26 08:28:16 553472 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2013-11-26 08:16:12 4243968 ----a-w- C:\Windows\SysWow64\jscript9.dll
2013-11-26 08:02:16 1995264 ----a-w- C:\Windows\System32\inetcpl.cpl
2013-11-26 07:32:06 1928192 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2013-11-26 07:07:57 2334208 ----a-w- C:\Windows\System32\wininet.dll
2013-11-26 06:33:33 1820160 ----a-w- C:\Windows\SysWow64\wininet.dll
2013-11-23 18:26:20 417792 ----a-w- C:\Windows\SysWow64\WMPhoto.dll
2013-11-23 17:47:34 465920 ----a-w- C:\Windows\System32\WMPhoto.dll
2013-11-19 11:33:38 267936 ------w- C:\Windows\System32\MpSigStub.exe
2013-11-12 02:23:09 2048 ----a-w- C:\Windows\System32\tzres.dll
2013-11-12 02:07:29 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2013-10-19 02:18:57 81408 ----a-w- C:\Windows\System32\imagehlp.dll
2013-10-19 01:36:59 159232 ----a-w- C:\Windows\SysWow64\imagehlp.dll
2013-10-12 02:32:04 150016 ----a-w- C:\Windows\System32\wshom.ocx
2013-10-12 02:31:04 202752 ----a-w- C:\Windows\System32\scrrun.dll
2013-10-12 02:30:42 830464 ----a-w- C:\Windows\System32\nshwfp.dll
2013-10-12 02:29:21 859648 ----a-w- C:\Windows\System32\IKEEXT.DLL
2013-10-12 02:29:08 324096 ----a-w- C:\Windows\System32\FWPUCLNT.DLL
2013-10-12 02:04:36 121856 ----a-w- C:\Windows\SysWow64\wshom.ocx
2013-10-12 02:03:31 163840 ----a-w- C:\Windows\SysWow64\scrrun.dll
2013-10-12 02:03:08 656896 ----a-w- C:\Windows\SysWow64\nshwfp.dll
2013-10-12 02:01:25 216576 ----a-w- C:\Windows\SysWow64\FWPUCLNT.DLL
2013-10-12 01:33:39 156160 ----a-w- C:\Windows\System32\cscript.exe
2013-10-12 01:33:26 168960 ----a-w- C:\Windows\System32\wscript.exe
2013-10-12 01:15:48 141824 ----a-w- C:\Windows\SysWow64\wscript.exe
2013-10-12 01:15:48 126976 ----a-w- C:\Windows\SysWow64\cscript.exe
2013-10-08 15:50:37 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2013-10-05 20:25:35 1474048 ----a-w- C:\Windows\System32\crypt32.dll
2013-10-05 19:57:25 1168384 ----a-w- C:\Windows\SysWow64\crypt32.dll
2013-10-04 02:28:31 190464 ----a-w- C:\Windows\System32\SmartcardCredentialProvider.dll
2013-10-04 02:25:17 197120 ----a-w- C:\Windows\System32\credui.dll
2013-10-04 02:24:49 1930752 ----a-w- C:\Windows\System32\authui.dll
2013-10-04 02:16:30 116736 ----a-w- C:\Windows\System32\drivers\drmk.sys
2013-10-04 01:58:50 152576 ----a-w- C:\Windows\SysWow64\SmartcardCredentialProvider.dll
2013-10-04 01:56:25 168960 ----a-w- C:\Windows\SysWow64\credui.dll
2013-10-04 01:56:00 1796096 ----a-w- C:\Windows\SysWow64\authui.dll
2013-10-04 01:36:04 230400 ----a-w- C:\Windows\System32\drivers\portcls.sys
2013-10-03 02:23:48 404480 ----a-w- C:\Windows\System32\gdi32.dll
2013-10-03 02:00:44 311808 ----a-w- C:\Windows\SysWow64\gdi32.dll
2013-09-28 01:09:10 497152 ----a-w- C:\Windows\System32\drivers\afd.sys
2013-09-25 02:26:40 95680 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2013-09-25 02:26:40 154560 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2013-09-25 02:23:33 28672 ----a-w- C:\Windows\System32\sspisrv.dll
2013-09-25 02:23:33 135680 ----a-w- C:\Windows\System32\sspicli.dll
2013-09-25 02:23:01 28160 ----a-w- C:\Windows\System32\secur32.dll
2013-09-25 02:22:59 340992 ----a-w- C:\Windows\System32\schannel.dll
2013-09-25 02:21:50 307200 ----a-w- C:\Windows\System32\ncrypt.dll
2013-09-25 02:21:07 1447936 ----a-w- C:\Windows\System32\lsasrv.dll
2013-09-25 01:58:17 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2013-09-25 01:57:26 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2013-09-25 01:57:24 247808 ----a-w- C:\Windows\SysWow64\schannel.dll
2013-09-25 01:56:42 220160 ----a-w- C:\Windows\SysWow64\ncrypt.dll
2013-09-25 01:03:24 30720 ----a-w- C:\Windows\System32\lsass.exe
.
============= FINISH: 18:47:33.71 ===============
:welcome:
Please download AdwCleaner (http://www.bleepingcomputer.com/download/adwcleaner/) by Xplode and save to your Desktop.
Double click on AdwCleaner.exe to run the tool.
Vista/Windows 7/8 users right-click and select Run As Administrator (http://windows.microsoft.com/en-US/windows7/How-do-I-run-an-application-once-with-a-full-administrator-access-token).
Click on the Scan button.
AdwCleaner will begin...be patient as the scan may take some time to complete.
After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it. If you see an entry you want to keep, let me know about it.
Copy and paste the contents of that logfile in your next reply.
A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.
snowboarder
2013-12-26, 18:51
:welcome:
Please download AdwCleaner (http://www.bleepingcomputer.com/download/adwcleaner/) by Xplode and save to your Desktop.
Double click on AdwCleaner.exe to run the tool.
Vista/Windows 7/8 users right-click and select Run As Administrator (http://windows.microsoft.com/en-US/windows7/How-do-I-run-an-application-once-with-a-full-administrator-access-token).
Click on the Scan button.
AdwCleaner will begin...be patient as the scan may take some time to complete.
After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it. If you see an entry you want to keep, let me know about it.
Copy and paste the contents of that logfile in your next reply.
A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.
I just ask because the adware has a lot of options on WHAT to scan, and I wanted to be sure I selected the correct one. Thank you.
snowboarder
2013-12-26, 19:04
I just ask because the adware has a lot of options on WHAT to scan, and I wanted to be sure I selected the correct one. Thank you.
This is the scan of Internet Explorer. Should Firefox and Chrome also be scanned? Thank you for your assistance.
Internet Explorer
# AdwCleaner v3.016 - Report created 26/12/2013 at 09:47:18
# Updated 23/12/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : ldbachman - LDBACHMAN-PC
# Running from : C:\Users\ldbachman\Downloads\AdwCleaner.exe
# Option : Scan
***** [ Services ] *****
Service Found : 70e6ca8c
Service Found : BackupStack
Service Found : SProtection
Service Found : Update BrowseSmart
***** [ Files / Folders ] *****
File Found : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\StartWeb.xml
File Found : C:\Program Files (x86)\Mozilla Firefox\searchplugins\safesearch.xml
File Found : C:\Users\ldbachman\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_igdhbblpcellaljokkpfhcjlagemhgjl_0.localstorage
File Found : C:\Users\ldbachman\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_igdhbblpcellaljokkpfhcjlagemhgjl_0.localstorage-journal
File Found : C:\Users\ldbachman\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_pflphaooapbgpeakohlggbpidpppgdff_0.localstorage
File Found : C:\Users\ldbachman\AppData\Local\mysearchdial-speeddial.crx
File Found : C:\Users\ldbachman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
File Found : C:\Users\ldbachman\AppData\Roaming\Mozilla\Firefox\Profiles\qo1ws90o.default\searchplugins\Askcom.xml
File Found : C:\Users\ldbachman\AppData\Roaming\Mozilla\Firefox\Profiles\qo1ws90o.default\searchplugins\conduit-search.xml
File Found : C:\Users\ldbachman\AppData\Roaming\Mozilla\Firefox\Profiles\qo1ws90o.default\searchplugins\iminent.xml
File Found : C:\Users\ldbachman\AppData\Roaming\Mozilla\Firefox\Profiles\qo1ws90o.default\searchplugins\Mysearchdial.xml
File Found : C:\Users\ldbachman\AppData\Roaming\Mozilla\Firefox\Profiles\qo1ws90o.default\searchplugins\search-the-web.xml
File Found : C:\Users\ldbachman\AppData\Roaming\Mozilla\Firefox\Profiles\qo1ws90o.default\searchplugins\Web Search.xml
File Found : C:\Users\ldbachman\AppData\Roaming\Mozilla\Firefox\Profiles\qo1ws90o.default\user.js
File Found : C:\Users\ldbachman\Desktop\Mobogenie.lnk
File Found : C:\Users\ldbachman\Desktop\MyPC Backup.lnk
File Found : C:\Users\ldbachman\Desktop\MySearchDial.url
File Found : C:\Users\Public\Desktop\Advanced System Protector.lnk
File Found : C:\Users\Public\Desktop\Open It!.lnk
File Found : C:\Users\Public\Desktop\RegClean Pro.lnk
File Found : C:\Windows\System32\roboot64.exe
File Found : C:\Windows\System32\Tasks\Advanced System Protector
File Found : C:\Windows\System32\Tasks\Advanced System Protector_startup
File Found : C:\Windows\System32\Tasks\MySearchDial
File Found : C:\Windows\System32\Tasks\Plus-HD-1.3-chromeinstaller
File Found : C:\Windows\System32\Tasks\Plus-HD-1.3-codedownloader
File Found : C:\Windows\System32\Tasks\Plus-HD-1.3-enabler
File Found : C:\Windows\System32\Tasks\Plus-HD-1.3-firefoxinstaller
File Found : C:\Windows\System32\Tasks\Plus-HD-1.3-updater
File Found : C:\Windows\System32\Tasks\RegClean Pro
File Found : C:\Windows\System32\Tasks\RegClean Pro_DEFAULT
File Found : C:\Windows\System32\Tasks\RegClean Pro_UPDATES
File Found : C:\Windows\System32\Tasks\Re-markit Update
File Found : C:\Windows\Tasks\MySearchDial.job
File Found : C:\Windows\Tasks\Plus-HD-1.3-chromeinstaller.job
File Found : C:\Windows\Tasks\Plus-HD-1.3-codedownloader.job
File Found : C:\Windows\Tasks\Plus-HD-1.3-enabler.job
File Found : C:\Windows\Tasks\Plus-HD-1.3-firefoxinstaller.job
File Found : C:\Windows\Tasks\Plus-HD-1.3-updater.job
File Found : C:\Windows\Tasks\RegClean Pro_DEFAULT.job
File Found : C:\Windows\Tasks\RegClean Pro_UPDATES.job
File Found : C:\Windows\Tasks\Re-markit Update.job
Folder Found : C:\Users\ldbachman\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcpfhaghaadpjpgocojgnlhjcieeooel
Folder Found : C:\Users\ldbachman\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl
Folder Found : C:\Users\ldbachman\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl
Folder Found : C:\Users\ldbachman\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff
Folder Found : C:\Users\ldbachman\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkhojieggfgllhllcegoffdcnmdeojgb
Folder Found : C:\Users\ldbachman\AppData\Roaming\Mozilla\Firefox\Profiles\qo1ws90o.default\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
Folder Found : C:\Users\ldbachman\AppData\Roaming\Mozilla\Firefox\Profiles\qo1ws90o.default\Extensions\509508ef-0b14-4616-a557-0d58601be33d@c4a581e9-0ea6-46db-a185-58e021ee138c.com
Folder Found : C:\Users\ldbachman\AppData\Roaming\Mozilla\Firefox\Profiles\qo1ws90o.default\Extensions\ffxtlbr@iminent.com
Folder Found : C:\Users\ldbachman\AppData\Roaming\Mozilla\Firefox\Profiles\qo1ws90o.default\Extensions\tidynetwork@tidynetwork
Folder Found C:\Program Files (x86)\Advanced System Protector
Folder Found C:\Program Files (x86)\BrowseSmart
Folder Found C:\Program Files (x86)\Common Files\Umbrella
Folder Found C:\Program Files (x86)\Iminent
Folder Found C:\Program Files (x86)\IminentToolbar
Folder Found C:\Program Files (x86)\Mobogenie
Folder Found C:\Program Files (x86)\MyPC Backup
Folder Found C:\Program Files (x86)\Mysearchdial
Folder Found C:\Program Files (x86)\openit
Folder Found C:\Program Files (x86)\optimizer pro
Folder Found C:\Program Files (x86)\Plus-HD-1.3
Folder Found C:\Program Files (x86)\RegClean Pro
Folder Found C:\Program Files (x86)\Re-markit
Folder Found C:\Program Files (x86)\Searchprotect
Folder Found C:\Program Files (x86)\Uniblue\SpeedUpMyPC
Folder Found C:\ProgramData\apn
Folder Found C:\ProgramData\Ask
Folder Found C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Protector
Folder Found C:\ProgramData\Microsoft\Windows\Start Menu\Programs\open it!
Folder Found C:\ProgramData\Microsoft\Windows\Start Menu\Programs\optimizer pro v3.2
Folder Found C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro
Folder Found C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uniblue\SpeedUpMyPC
Folder Found C:\ProgramData\Systweak
Folder Found C:\Users\LDBACH~1\AppData\Local\Temp\apn
Folder Found C:\Users\LDBACH~1\AppData\Local\Temp\Iminent
Folder Found C:\Users\LDBACH~1\AppData\Local\Temp\Smartbar
Folder Found C:\Users\ldbachman\AppData\Local\Mobogenie
Folder Found C:\Users\ldbachman\AppData\Local\Searchprotect
Folder Found C:\Users\ldbachman\AppData\Local\SwvUpdater
Folder Found C:\Users\ldbachman\AppData\Local\TidyNetwork
Folder Found C:\Users\ldbachman\AppData\LocalLow\IminentToolbar
Folder Found C:\Users\ldbachman\AppData\LocalLow\Plus-HD-1.3
Folder Found C:\Users\ldbachman\AppData\Roaming\0D0S1L2Z1P1B0T1P1B2Z
Folder Found C:\Users\ldbachman\AppData\Roaming\Advanced System Protector
Folder Found C:\Users\ldbachman\AppData\Roaming\IminentToolbar
Folder Found C:\Users\ldbachman\AppData\Roaming\iSafe
Folder Found C:\Users\ldbachman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mobogenie
Folder Found C:\Users\ldbachman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
Folder Found C:\Users\ldbachman\AppData\Roaming\Mozilla\Firefox\Profiles\qo1ws90o.default\FCTB
Folder Found C:\Users\ldbachman\AppData\Roaming\Mysearchdial
Folder Found C:\Users\ldbachman\AppData\Roaming\Systweak
Folder Found C:\Users\ldbachman\AppData\Roaming\Uniblue\SpeedUpMyPC
Folder Found C:\Users\ldbachman\Documents\Mobogenie
***** [ Shortcuts ] *****
***** [ Registry ] *****
Data Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\progra~2\optimi~1\optpro~1.dll
Data Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\progra~2\searchprotect\searchprotect\bin\spvc32loader.dll
Data Found : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\PROGRA~2\OPTIMI~1\OPTPRO~2.DLL
Data Found : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll
Key Found : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Found : HKCU\Software\AppDataLow\Software\Plus-HD-1.3
Key Found : HKCU\Software\dsiteproducts
Key Found : HKCU\Software\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff
Key Found : HKCU\Software\Iminent
Key Found : HKCU\Software\IminentToolbar
Key Found : HKCU\Software\InstallCore
Key Found : HKCU\Software\installedbrowserextensions
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BFFED5CA-8BDF-47CC-AED0-23F4E6D77732}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{112BA211-334C-4A90-90EC-2AD1CDAB287C}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1FAFD711-ABF9-4F6A-8130-5166C7371427}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110311121157}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{112BA211-334C-4A90-90EC-2AD1CDAB287C}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1FAFD711-ABF9-4F6A-8130-5166C7371427}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Zip Opener Packages
Key Found : HKCU\Software\mysearchdial
Key Found : HKCU\Software\SmartBar
Key Found : HKCU\Software\smartbarlog
Key Found : HKCU\Software\systweak
Key Found : HKCU\Software\YahooPartnerToolbar
Key Found : [x64] HKCU\Software\dsiteproducts
Key Found : [x64] HKCU\Software\Iminent
Key Found : [x64] HKCU\Software\IminentToolbar
Key Found : [x64] HKCU\Software\InstallCore
Key Found : [x64] HKCU\Software\installedbrowserextensions
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BFFED5CA-8BDF-47CC-AED0-23F4E6D77732}
Key Found : [x64] HKCU\Software\mysearchdial
Key Found : [x64] HKCU\Software\SmartBar
Key Found : [x64] HKCU\Software\smartbarlog
Key Found : [x64] HKCU\Software\systweak
Key Found : [x64] HKCU\Software\YahooPartnerToolbar
Key Found : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Found : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Found : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Key Found : HKLM\SOFTWARE\Classes\AppID\{01994268-3C10-4044-A1EA-7A9C1B739A11}
Key Found : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Found : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Found : HKLM\SOFTWARE\Classes\AppID\{0E4B2CAB-B859-4C57-B96E-63DDEC692BC4}
Key Found : HKLM\SOFTWARE\Classes\AppID\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
Key Found : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Found : HKLM\SOFTWARE\Classes\AppID\{8E9F2D02-6B06-4EBA-92C2-68438EADED28}
Key Found : HKLM\SOFTWARE\Classes\AppID\{9DC8FA51-B596-4F77-802C-5B295919C205}
Key Found : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Found : HKLM\SOFTWARE\Classes\AppID\{C292AD0A-C11F-479B-B8DB-743E72D283B0}
Key Found : HKLM\SOFTWARE\Classes\AppID\{CA5CAA63-B27C-4963-9BEC-CB16A36D56F8}
Key Found : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Found : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Found : HKLM\SOFTWARE\Classes\AppID\Iminent.WebBooster.InternetExplorer.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\WLXQuickTimeShellExt.DLL
Key Found : HKLM\SOFTWARE\Classes\b
Key Found : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110311121157}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{112BA211-334C-4A90-90EC-2AD1CDAB287C}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{1FAFD711-ABF9-4F6A-8130-5166C7371427}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220322122257}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3004627E-F8E9-4E8B-909D-316753CBA923}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3E28F712-0D6C-4EE3-AC8C-8F060F5D7C33}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{4ED063C9-4A0B-4B44-A9DC-23AFF424A0D3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{533403E2-6E21-4615-9E28-43F4E97E977B}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{5C176BA0-6FC0-4EBD-8ACF-24AC592506B6}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{6CE321DA-DC11-45C6-A0FC-4E8A7D978ABC}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{6EEBC7FF-67DA-4B90-9251-C2C5696E4B48}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{74137531-80F7-406F-9543-7D11385FA8C8}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{761F6A83-F007-49E4-8EAC-CDB6808EF06F}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{82E74373-58AB-47EB-B0F0-A1D82BB8EB5C}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{832599B2-55BF-4437-8F3E-030CF5AEB262}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{97D69524-BB57-4185-9C7F-5F05593B771A}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{99E71BF1-5F51-4AF9-830B-67015D59640D}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{9B7B034B-944A-4261-B487-862F642F7615}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{9FD0C1D9-180B-4834-B80B-4B7325AF90E1}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{A2CC3C46-143B-4142-9D5A-B8543F0A6F55}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{B1A429DB-FB06-4645-B7C0-0CC405EAD3CD}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{C358B3D0-B911-41E3-A276-E7D43A6BA56D}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{D40753C7-8A59-4C1F-BE88-C300F4624D5B}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{DD67706E-819E-4EBD-BF8D-6D6147CC7A49}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{F62A4AF9-58B4-4FEC-89CC-D717A547D8E8}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{FFBB88A9-C663-4B9B-9170-70FA0A5A2786}
Key Found : HKLM\SOFTWARE\Classes\CrossriderApp0031257.BHO
Key Found : HKLM\SOFTWARE\Classes\CrossriderApp0031257.BHO.1
Key Found : HKLM\SOFTWARE\Classes\CrossriderApp0031257.Sandbox
Key Found : HKLM\SOFTWARE\Classes\CrossriderApp0031257.Sandbox.1
Key Found : HKLM\SOFTWARE\Classes\escort.escortIEPane
Key Found : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Key Found : HKLM\SOFTWARE\Classes\esrv.iminentESrvc
Key Found : HKLM\SOFTWARE\Classes\esrv.iminentESrvc.1
Key Found : HKLM\SOFTWARE\Classes\esrv.mysearchdialesrvc
Key Found : HKLM\SOFTWARE\Classes\esrv.mysearchdialesrvc.1
Key Found : HKLM\SOFTWARE\Classes\I
Key Found : HKLM\SOFTWARE\Classes\Iminent
Key Found : HKLM\SOFTWARE\Classes\iminent.iminentappCore
Key Found : HKLM\SOFTWARE\Classes\iminent.iminentappCore.1
Key Found : HKLM\SOFTWARE\Classes\iminent.iminentdskBnd
Key Found : HKLM\SOFTWARE\Classes\iminent.iminentdskBnd.1
Key Found : HKLM\SOFTWARE\Classes\iminent.iminentHlpr
Key Found : HKLM\SOFTWARE\Classes\iminent.iminentHlpr.1
Key Found : HKLM\SOFTWARE\Classes\IminentWebBooster.BrowserHelperObject
Key Found : HKLM\SOFTWARE\Classes\IminentWebBooster.BrowserHelperObject.1
Key Found : HKLM\SOFTWARE\Classes\IminentWebBooster.ScriptExtender
Key Found : HKLM\SOFTWARE\Classes\IminentWebBooster.ScriptExtender.1
Key Found : HKLM\SOFTWARE\Classes\Interface\{392DE650-A1E6-4FB3-A5A4-21285DE225BD}
Key Found : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550355125557}
Key Found : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660366126657}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C58D664A-3DBC-4925-AE74-0382007DF113}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C776D7F4-BA85-4B75-AAFC-3A0A11FE6E36}
Key Found : HKLM\SOFTWARE\Classes\Interface\{FD8F79A0-D2E2-4FA2-AEAF-393EAC8064F7}
Key Found : HKLM\SOFTWARE\Classes\mysearchdial.mysearchdialappCore
Key Found : HKLM\SOFTWARE\Classes\mysearchdial.mysearchdialappCore.1
Key Found : HKLM\SOFTWARE\Classes\mysearchdial.mysearchdialdskBnd
Key Found : HKLM\SOFTWARE\Classes\mysearchdial.mysearchdialdskBnd.1
Key Found : HKLM\SOFTWARE\Classes\mysearchdial.mysearchdialHlpr
Key Found : HKLM\SOFTWARE\Classes\mysearchdial.mysearchdialHlpr.1
Key Found : HKLM\SOFTWARE\Classes\PCProxy.DataContainer
Key Found : HKLM\SOFTWARE\Classes\Prod.cap
Key Found : HKLM\SOFTWARE\Classes\speedupmypc
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440344124457}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{5563BEFE-3B03-43B1-8041-64A9745DAA56}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{8E9F2D02-6B06-4EBA-92C2-68438EADED28}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{A0EE0278-2986-4E5A-884E-A3BF0357E476}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{A9CAF365-EA35-45DA-BD8B-2EFA09D374AC}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{B463ECD2-E5D8-4178-80C4-EC7C7E72F9AC}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{C292AD0A-C11F-479B-B8DB-743E72D283B0}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\dcpfhaghaadpjpgocojgnlhjcieeooel
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\pkhojieggfgllhllcegoffdcnmdeojgb
Key Found : HKLM\Software\Iminent
Key Found : HKLM\Software\IminentToolbar
Key Found : HKLM\Software\InstallCore
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{208D4124-3895-4974-B293-A159BD306078}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{219046AE-358F-4CF1-B1FD-2B4DE83642A8}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{27701089-884d-474c-94e0-037b7a5fc12d}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{27701089-884d-474c-94e0-037b7a5fc12d}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{27701089-884d-474c-94e0-037b7a5fc12d}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{55116f15-b1e7-41d9-aa2c-541d6cbf44f4}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{55116f15-b1e7-41d9-aa2c-541d6cbf44f4}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{55116f15-b1e7-41d9-aa2c-541d6cbf44f4}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{666ab7b1-3c28-4159-9503-419fe6115753}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{666ab7b1-3c28-4159-9503-419fe6115753}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{666ab7b1-3c28-4159-9503-419fe6115753}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{84941f3d-3626-4410-8cce-d12bcab2bef6}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{84941f3d-3626-4410-8cce-d12bcab2bef6}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{84941f3d-3626-4410-8cce-d12bcab2bef6}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{e6dacd3f-f5fb-4aa4-9759-b0a6f154d2ee}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{e6dacd3f-f5fb-4aa4-9759-b0a6f154d2ee}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{e6dacd3f-f5fb-4aa4-9759-b0a6f154d2ee}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BFFED5CA-8BDF-47CC-AED0-23F4E6D77732}
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\HPSF_Tasks_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\HPSF_Tasks_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\Mobogenie.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\mypc backup
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311121157}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{112BA211-334C-4A90-90EC-2AD1CDAB287C}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{84FF7BD6-B47F-46F8-9130-01B2696B36CB}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFBB88A9-C663-4B9B-9170-70FA0A5A2786}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{E55B3271-7CA8-4D0C-AE06-69A24856E996}_is1
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\00212D92-C5D8-4ff4-AE50-B20F0F85C40A_Systweak_Ad~B9F029BF_is1
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Iminent
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Mobogenie
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\mysearchdial
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\OpenIt Open It!
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Plus-HD-1.3
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\RegClean Pro_is1
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Key Found : HKLM\Software\Plus-HD-1.3
Key Found : HKLM\Software\SearchProtect
Key Found : HKLM\Software\systweak
Key Found : HKLM\Software\Umbrella
Key Found : HKLM\Software\Uniblue
Key Found : HKLM\Software\Uniblue\SpeedUpMyPC
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110311121157}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220322122257}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{5C176BA0-6FC0-4EBD-8ACF-24AC592506B6}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{392DE650-A1E6-4FB3-A5A4-21285DE225BD}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550355125557}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660366126657}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{C58D664A-3DBC-4925-AE74-0382007DF113}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{C776D7F4-BA85-4B75-AAFC-3A0A11FE6E36}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{D54C859C-6066-4F31-8FE0-2AAEDCAE67D7}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{FD8F79A0-D2E2-4FA2-AEAF-393EAC8064F7}
Key Found : [x64] HKLM\SOFTWARE\DomaIQ
Key Found : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff
Key Found : [x64] HKLM\SOFTWARE\Iminent
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{27701089-884d-474c-94e0-037b7a5fc12d}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{27701089-884d-474c-94e0-037b7a5fc12d}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{27701089-884d-474c-94e0-037b7a5fc12d}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{55116f15-b1e7-41d9-aa2c-541d6cbf44f4}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{55116f15-b1e7-41d9-aa2c-541d6cbf44f4}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{55116f15-b1e7-41d9-aa2c-541d6cbf44f4}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{666ab7b1-3c28-4159-9503-419fe6115753}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{666ab7b1-3c28-4159-9503-419fe6115753}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{666ab7b1-3c28-4159-9503-419fe6115753}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{84941f3d-3626-4410-8cce-d12bcab2bef6}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{84941f3d-3626-4410-8cce-d12bcab2bef6}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{84941f3d-3626-4410-8cce-d12bcab2bef6}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{e6dacd3f-f5fb-4aa4-9759-b0a6f154d2ee}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{e6dacd3f-f5fb-4aa4-9759-b0a6f154d2ee}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{e6dacd3f-f5fb-4aa4-9759-b0a6f154d2ee}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311121157}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyPC Backup
Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{84FF7BD6-B47F-46F8-9130-01B2696B36CB}]
Value Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [NextLive]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{1FAFD711-ABF9-4F6A-8130-5166C7371427}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{3004627E-F8E9-4E8B-909D-316753CBA923}]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Iminent]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [IminentMessenger]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [mobilegeni daemon]
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.16428
Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxp://start.iminent.com/?appId=8CADC269-9CDB-47A8-BB4E-36197AB47297
Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page] - hxxp://feed.snapdo.com/?publisher=TightropeYB&dpid=TightropeYB&co=US&userid=a9e49f06-f639-0802-e141-541423680fde&searchtype=ds&q={searchTerms}&installDate={installDate}
Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Search Bar] - hxxp://feed.snapdo.com/?publisher=TightropeYB&dpid=TightropeYB&co=US&userid=a9e49f06-f639-0802-e141-541423680fde&searchtype=ds&q={searchTerms}&installDate={installDate}
Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] - hxxp://start.mysearchdial.com/?f=1&a=irmsd1202&cd=2XzuyEtN2Y1L1QzutDtDtByCzy0EyE0D0E0A0EzztDyEtByEtN0D0Tzu0SyBtByCtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=973922486&ir=
Setting Found : HKCU\Software\Microsoft\Internet Explorer\Search [Default_Search_URL] - hxxp://feed.snapdo.com/?publisher=TightropeYB&dpid=TightropeYB&co=US&userid=a9e49f06-f639-0802-e141-541423680fde&searchtype=ds&q={searchTerms}&installDate={installDate}
Setting Found : HKCU\Software\Microsoft\Internet Explorer\Search [SearchAssistant] - hxxp://feed.snapdo.com/?publisher=TightropeYB&dpid=TightropeYB&co=US&userid=a9e49f06-f639-0802-e141-541423680fde&searchtype=ds&q={searchTerms}&installDate={installDate}
Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs] - hxxp://start.mysearchdial.com/?f=2&a=irmsd1202&cd=2XzuyEtN2Y1L1QzutDtDtByCzy0EyE0D0E0A0EzztDyEtByEtN0D0Tzu0SyBtByCtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=973922486&ir=
Setting Found : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [Default] - hxxp://feed.snapdo.com/?publisher=TightropeYB&dpid=TightropeYB&co=US&userid=a9e49f06-f639-0802-e141-541423680fde&searchtype=ds&q={searchTerms}&installDate={installDate}
Setting Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] - hxxp://start.mysearchdial.com/?f=1&a=irmsd1202&cd=2XzuyEtN2Y1L1QzutDtDtByCzy0EyE0D0E0A0EzztDyEtByEtN0D0Tzu0SyBtByCtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=973922486&ir=
-\\ Mozilla Firefox v22.0 (en-US)
[ File : C:\Users\ldbachman\AppData\Roaming\Mozilla\Firefox\Profiles\qo1ws90o.default\prefs.js ]
Line Found : user_pref("7C6800C5-339C-4C51-9137-4ADA1CCA6C92.license", "o04Nk0Ddd8Gbi8eaarYxwsAe9uwIq6jFsXLm%2BD4IFypX%2FSdECWvFl53TkmFIpO9dWDHKxI5zJ3cEmHp8TqipEsLh93Nhs%2Fq2niP24T2pMfunUIAXGBXyepstIFlI8%2FJb%2Bmn[...]
Line Found : user_pref("CT3309350.searchProtector.notifyChanges", "{\"dataType\":\"string\",\"data\":\"false\"}");
Line Found : user_pref("browser.newtab.url", "hxxp://search.conduit.com/?ctid=CT3308837&octid=EB_ORIGINAL_CTID&SearchSource=69&CUI=&SSPV=&Lay=1&UM=2&UP=SP0800E2DB-ECDC-48EE-87B0-095CFF69F3E7");
Line Found : user_pref("browser.search.defaultengine", "Ask.com");
Line Found : user_pref("browser.search.defaultenginename", "Mysearchdial");
Line Found : user_pref("browser.search.order.1", "Ask.com");
Line Found : user_pref("browser.search.selectedEngine", "Mysearchdial");
Line Found : user_pref("browser.startup.homepage", "hxxp://start.mysearchdial.com/?f=1&a=irmsd1202&cd=2XzuyEtN2Y1L1QzutDtDtByCzy0EyE0D0E0A0EzztDyEtByEtN0D0Tzu0SyBtByCtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1[...]
Line Found : user_pref("extensions.BabylonToolbar.admin", false);
Line Found : user_pref("extensions.BabylonToolbar.aflt", "babsst");
Line Found : user_pref("extensions.BabylonToolbar.appId", "{BDB69379-802F-4eaf-B541-F8DE92DD98DB}");
Line Found : user_pref("extensions.BabylonToolbar.autoRvrt", "false");
Line Found : user_pref("extensions.BabylonToolbar.dfltLng", "en");
Line Found : user_pref("extensions.BabylonToolbar.excTlbr", false);
Line Found : user_pref("extensions.BabylonToolbar.id", "80c00424000000000000001e644aa096");
Line Found : user_pref("extensions.BabylonToolbar.instlDay", "15652");
Line Found : user_pref("extensions.BabylonToolbar.instlRef", "sst");
Line Found : user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar");
Line Found : user_pref("extensions.BabylonToolbar.prtnrId", "babylon");
Line Found : user_pref("extensions.BabylonToolbar.tlbrId", "tb9");
Line Found : user_pref("extensions.BabylonToolbar.tlbrSrchUrl", "hxxp://search.babylon.com/?babsrc=TB_def&mntrId=80c00424000000000000001e644aa096&q=");
Line Found : user_pref("extensions.BabylonToolbar.vrsn", "1.8.3.8");
Line Found : user_pref("extensions.BabylonToolbar.vrsni", "1.8.3.8");
Line Found : user_pref("extensions.BabylonToolbar_i.babExt", "");
Line Found : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=110803&tt=4512_7");
Line Found : user_pref("extensions.BabylonToolbar_i.newTab", false);
Line Found : user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
Line Found : user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
Line Found : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.8.3.821:43:42");
Line Found : user_pref("extensions.a509508ef0b144616a5570d58601be33dc4a581e90ea646dba18558e021ee138ccom31257.31257.InstallationTime", 1387602002);
Line Found : user_pref("extensions.a509508ef0b144616a5570d58601be33dc4a581e90ea646dba18558e021ee138ccom31257.31257.active", true);
Line Found : user_pref("extensions.a509508ef0b144616a5570d58601be33dc4a581e90ea646dba18558e021ee138ccom31257.31257.addressbar", "NA");
Line Found : user_pref("extensions.a509508ef0b144616a5570d58601be33dc4a581e90ea646dba18558e021ee138ccom31257.31257.addressbarenhanced", "");
Line Found : user_pref("extensions.a509508ef0b144616a5570d58601be33dc4a581e90ea646dba18558e021ee138ccom31257.31257.backgroundver", 2);
Line Found : user_pref("extensions.a509508ef0b144616a5570d58601be33dc4a581e90ea646dba18558e021ee138ccom31257.31257.certdomaininstaller", "");
Line Found : user_pref("extensions.a509508ef0b144616a5570d58601be33dc4a581e90ea646dba18558e021ee138ccom31257.31257.changeprevious", false);
Line Found : user_pref("extensions.a509508ef0b144616a5570d58601be33dc4a581e90ea646dba18558e021ee138ccom31257.31257.cookie.InstallationTime.expiration", "Fri Feb 01 2030 00:00:00 GMT-0800 (Pacific Standard Time)");
Line Found : user_pref("extensions.a509508ef0b144616a5570d58601be33dc4a581e90ea646dba18558e021ee138ccom31257.31257.cookie.InstallationTime.value", "1387602002");
Line Found : user_pref("extensions.a509508ef0b144616a5570d58601be33dc4a581e90ea646dba18558e021ee138ccom31257.31257.description", "Turn YouTube videos to High Definition by default");
Line Found : user_pref("extensions.a509508ef0b144616a5570d58601be33dc4a581e90ea646dba18558e021ee138ccom31257.31257.domain", "");
Line Found : user_pref("extensions.a509508ef0b144616a5570d58601be33dc4a581e90ea646dba18558e021ee138ccom31257.31257.enablesearch", false);
Line Found : user_pref("extensions.a509508ef0b144616a5570d58601be33dc4a581e90ea646dba18558e021ee138ccom31257.31257.homepage", "");
Line Found : user_pref("extensions.a509508ef0b144616a5570d58601be33dc4a581e90ea646dba18558e021ee138ccom31257.31257.iframe", false);
Line Found : user_pref("extensions.a509508ef0b144616a5570d58601be33dc4a581e90ea646dba18558e021ee138ccom31257.31257.lastUpdate", "1387601999714");
Line Found : user_pref("extensions.a509508ef0b144616a5570d58601be33dc4a581e90ea646dba18558e021ee138ccom31257.31257.manifesturl", "");
Line Found : user_pref("extensions.a509508ef0b144616a5570d58601be33dc4a581e90ea646dba18558e021ee138ccom31257.31257.name", "Plus-HD-1.3");
Line Found : user_pref("extensions.a509508ef0b144616a5570d58601be33dc4a581e90ea646dba18558e021ee138ccom31257.31257.newtab", "");
Line Found : user_pref("extensions.a509508ef0b144616a5570d58601be33dc4a581e90ea646dba18558e021ee138ccom31257.31257.opensearch", "");
Line Found : user_pref("extensions.a509508ef0b144616a5570d58601be33dc4a581e90ea646dba18558e021ee138ccom31257.31257.pluginsurl", "hxxps://w9u6a2p6.ssl.hwcdn.net/plugin/apps/31257/plugins/093/ff/plugins.json");
Line Found : user_pref("extensions.a509508ef0b144616a5570d58601be33dc4a581e90ea646dba18558e021ee138ccom31257.31257.publisher", "Plus HD");
Line Found : user_pref("extensions.a509508ef0b144616a5570d58601be33dc4a581e90ea646dba18558e021ee138ccom31257.31257.setnewtab", false);
Line Found : user_pref("extensions.a509508ef0b144616a5570d58601be33dc4a581e90ea646dba18558e021ee138ccom31257.31257.thankyou", "");
Line Found : user_pref("extensions.a509508ef0b144616a5570d58601be33dc4a581e90ea646dba18558e021ee138ccom31257.31257.updateinterval", 360);
Line Found : user_pref("extensions.a509508ef0b144616a5570d58601be33dc4a581e90ea646dba18558e021ee138ccom31257.bic", "14313863f8084433170d232babbdc73c");
Line Found : user_pref("extensions.a509508ef0b144616a5570d58601be33dc4a581e90ea646dba18558e021ee138ccom31257.installationdate", 1387602002);
Line Found : user_pref("extensions.a509508ef0b144616a5570d58601be33dc4a581e90ea646dba18558e021ee138ccom31257.modetype", "production");
Line Found : user_pref("extensions.a509508ef0b144616a5570d58601be33dc4a581e90ea646dba18558e021ee138ccom31257.reportInstall", true);
Line Found : user_pref("extensions.crossrider.bic", "14313863f8084433170d232babbdc73c");
Line Found : user_pref("extensions.enabledAddons", "TidyNetwork%40TidyNetwork:5.0,%7B73f58f76-2abf-4927-8c1c-5f98500e0bb8%7D:1.136,%7BB21F5E31-B8E8-41CD-B74C-168A71A10E49%7D:1.0.0,509508ef-0b14-4616-a557-0d58601be[...]
Line Found : user_pref("extensions.iminent.admin", false);
Line Found : user_pref("extensions.iminent.aflt", "orgnl");
Line Found : user_pref("extensions.iminent.appId", "{0E4B2CAB-B859-4C57-B96E-63DDEC692BC4}");
Line Found : user_pref("extensions.iminent.autoRvrt", "false");
Line Found : user_pref("extensions.iminent.cntry", "US");
Line Found : user_pref("extensions.iminent.dfltLng", "");
Line Found : user_pref("extensions.iminent.excTlbr", false);
Line Found : user_pref("extensions.iminent.ffxUnstlRst", false);
Line Found : user_pref("extensions.iminent.hdrMd5", "5285178FC59E7EEADB45DE657178CF29");
Line Found : user_pref("extensions.iminent.id", "80c00424000000000000001e644aa096");
Line Found : user_pref("extensions.iminent.instlDay", "16060");
Line Found : user_pref("extensions.iminent.instlRef", "");
Line Found : user_pref("extensions.iminent.lastVrsnTs", "1.8.28.320:25:06");
Line Found : user_pref("extensions.iminent.newTab", false);
Line Found : user_pref("extensions.iminent.prdct", "iminent");
Line Found : user_pref("extensions.iminent.prtnrId", "iminent");
Line Found : user_pref("extensions.iminent.rvrt", "false");
Line Found : user_pref("extensions.iminent.sg", "none");
Line Found : user_pref("extensions.iminent.smplGrp", "none");
Line Found : user_pref("extensions.iminent.tlbrId", "YBCPCSTIPO");
Line Found : user_pref("extensions.iminent.tlbrSrchUrl", "hxxp://start.iminent.com/?ref=toolbarm#q=");
Line Found : user_pref("extensions.iminent.vrsn", "1.8.28.3");
Line Found : user_pref("extensions.iminent.vrsnTs", "1.8.28.320:25:06");
Line Found : user_pref("extensions.iminent.vrsni", "1.8.28.3");
Line Found : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.AutoSearchEventData", "auto%20search");
Line Found : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.ClearCacheDate", 19);
Line Found : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.DisplayEULA", false);
Line Found : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.DnsCatchEventData", "dns%20catch");
Line Found : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.FirstLaunchShown", true);
Line Found : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.LoadLayoutDate.62781", 29);
Line Found : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.NewTabSearchEventData", "tab%20search");
Line Found : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.ShowRecommendedOptions", true);
Line Found : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.StateReportDate", "1308541634466");
Line Found : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.TopRightSearchEventData", "top%20right%20search");
Line Found : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.customNewTab", true);
Line Found : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.data", "970E0D327E91ACB7AE5FC2C7B268ABD9A70C71F6925C4BFAB44253B0B46B6E5B4DEEAC03D0FD44BA768F80BE5607101240C5FD33B018B3EC12416D6DC4F7BE70");
Line Found : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.helpUsImprove", true);
Line Found : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.hideOthers", false);
Line Found : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.processAddrBar", true);
Line Found : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.restoreSearch", false);
Line Found : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.revision", "32");
Line Found : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.searchHistory", true);
Line Found : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.showFirstLaunchOptions", false);
Line Found : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.stday", "29");
Line Found : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.sthour", "13");
Line Found : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.tb_lang", "en");
Line Found : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.tool_id", "62781");
Line Found : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.user_id", "34658195");
Line Found : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.user_key", "03c20fd4764c225106ccd8c52de890fbc90fa808");
Line Found : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.user_layouts", "62781");
Line Found : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.user_lnames", "Gamers%20Unite%21%20Snag%20Bar");
Line Found : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.yahooSearch", true);
Line Found : user_pref("iminent.enabledAds", "false");
Line Found : user_pref("iminent.newtabredirect", "true");
Line Found : user_pref("iminent.searchindex", "1");
Line Found : user_pref("CT3309350.searchProtector.notifyChanges", "{\"dataType\":\"string\",\"data\":\"false\"}");
Line Found : user_pref("CT3309350.searchProtector.notifyChanges", "{\"dataType\":\"string\",\"data\":\"false\"}");
Line Found : user_pref("browser.startup.homepage", "hxxp://start.iminent.com/?appId=8CADC269-9CDB-47A8-BB4E-36197AB47297");
-\\ Google Chrome v
[ File : C:\Users\ldbachman\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Found : urls_to_restore_on_startup
Found : homepage
Found : icon_url
Found : search_url
Found : keyword
Found : urls_to_restore_on_startup
*************************
AdwCleaner[R0].txt - [42965 octets] - [26/12/2013 09:47:18]
########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [43026 octets] ##########
You did fine
Double click on AdwCleaner.exe to run the tool again.
Click on the Scan button.
AdwCleaner will begin to scan your computer like it did before.
After the scan has finished...
This time, click on the Clean button.
Press OK when asked to close all programs and follow the onscreen prompts.
Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
Copy and paste the contents of that logfile in your next reply.
A copy of that logfile will also be saved in the C:\AdwCleaner folder.
http://imageshack.us/a/img841/7292/thisisujrt.gif Please download Junkware Removal Tool (http://thisisudax.org/downloads/JRT.exe) to your desktop.
Shut down your protection software now to avoid potential conflicts.
Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
The tool will open and start scanning your system.
Please be patient as this can take a while to complete depending on your system's specifications.
On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
Post the contents of JRT.txt into your next message.
snowboarder
2013-12-27, 01:47
Hope I did it correctly:
# AdwCleaner v3.016 - Report created 26/12/2013 at 16:19:19
# Updated 23/12/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : ldbachman - LDBACHMAN-PC
# Running from : C:\Users\ldbachman\Downloads\AdwCleaner (1).exe
# Option : Clean
***** [ Services ] *****
Service Deleted : 70e6ca8c
[#] Service Deleted : BackupStack
Service Deleted : SProtection
[#] Service Deleted : Update BrowseSmart
***** [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\apn
Folder Deleted : C:\ProgramData\Ask
Folder Deleted : C:\ProgramData\Systweak
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Protector
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\open it!
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\optimizer pro v3.2
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uniblue\SpeedUpMyPC
Folder Deleted : C:\Program Files (x86)\Advanced System Protector
Folder Deleted : C:\Program Files (x86)\BrowseSmart
Folder Deleted : C:\Program Files (x86)\Iminent
Folder Deleted : C:\Program Files (x86)\IminentToolbar
Folder Deleted : C:\Program Files (x86)\Mobogenie
Folder Deleted : C:\Program Files (x86)\MyPC Backup
Folder Deleted : C:\Program Files (x86)\Mysearchdial
Folder Deleted : C:\Program Files (x86)\openit
Folder Deleted : C:\Program Files (x86)\optimizer pro
Folder Deleted : C:\Program Files (x86)\RegClean Pro
Folder Deleted : C:\Program Files (x86)\Re-markit
Folder Deleted : C:\Program Files (x86)\Searchprotect
Folder Deleted : C:\Program Files (x86)\Uniblue\SpeedUpMyPC
Folder Deleted : C:\Program Files (x86)\Plus-HD-1.3
Folder Deleted : C:\Program Files (x86)\Common Files\Umbrella
Folder Deleted : C:\Users\ldbachman\AppData\Local\Mobogenie
Folder Deleted : C:\Users\ldbachman\AppData\Local\Searchprotect
Folder Deleted : C:\Users\ldbachman\AppData\Local\SwvUpdater
Folder Deleted : C:\Users\ldbachman\AppData\Local\TidyNetwork
Folder Deleted : C:\Users\LDBACH~1\AppData\Local\Temp\apn
Folder Deleted : C:\Users\LDBACH~1\AppData\Local\Temp\Iminent
Folder Deleted : C:\Users\LDBACH~1\AppData\Local\Temp\Smartbar
Folder Deleted : C:\Users\ldbachman\AppData\LocalLow\IminentToolbar
Folder Deleted : C:\Users\ldbachman\AppData\LocalLow\Plus-HD-1.3
Folder Deleted : C:\Users\ldbachman\AppData\Roaming\0D0S1L2Z1P1B0T1P1B2Z
Folder Deleted : C:\Users\ldbachman\AppData\Roaming\Advanced System Protector
Folder Deleted : C:\Users\ldbachman\AppData\Roaming\IminentToolbar
Folder Deleted : C:\Users\ldbachman\AppData\Roaming\iSafe
Folder Deleted : C:\Users\ldbachman\AppData\Roaming\Mysearchdial
Folder Deleted : C:\Users\ldbachman\AppData\Roaming\Systweak
Folder Deleted : C:\Users\ldbachman\AppData\Roaming\Uniblue\SpeedUpMyPC
Folder Deleted : C:\Users\ldbachman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mobogenie
Folder Deleted : C:\Users\ldbachman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
Folder Deleted : C:\Users\ldbachman\Documents\Mobogenie
Folder Deleted : C:\Users\ldbachman\AppData\Roaming\Mozilla\Firefox\Profiles\qo1ws90o.default\FCTB
Folder Deleted : C:\Users\ldbachman\AppData\Roaming\Mozilla\Firefox\Profiles\qo1ws90o.default\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
Folder Deleted : C:\Users\ldbachman\AppData\Roaming\Mozilla\Firefox\Profiles\qo1ws90o.default\Extensions\ffxtlbr@iminent.com
Folder Deleted : C:\Users\ldbachman\AppData\Roaming\Mozilla\Firefox\Profiles\qo1ws90o.default\Extensions\tidynetwork@tidynetwork
Folder Deleted : C:\Users\ldbachman\AppData\Roaming\Mozilla\Firefox\Profiles\qo1ws90o.default\Extensions\509508ef-0b14-4616-a557-0d58601be33d@c4a581e9-0ea6-46db-a185-58e021ee138c.com
Folder Deleted : C:\Users\ldbachman\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcpfhaghaadpjpgocojgnlhjcieeooel
Folder Deleted : C:\Users\ldbachman\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl
Folder Deleted : C:\Users\ldbachman\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff
Folder Deleted : C:\Users\ldbachman\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkhojieggfgllhllcegoffdcnmdeojgb
Folder Deleted : C:\Users\ldbachman\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl
File Deleted : C:\Users\Public\Desktop\Advanced System Protector.lnk
File Deleted : C:\Users\Public\Desktop\Open It!.lnk
File Deleted : C:\Users\Public\Desktop\RegClean Pro.lnk
File Deleted : C:\Windows\System32\roboot64.exe
File Deleted : C:\Users\ldbachman\AppData\Local\mysearchdial-speeddial.crx
File Deleted : C:\Users\ldbachman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
File Deleted : C:\Users\ldbachman\Desktop\Mobogenie.lnk
File Deleted : C:\Users\ldbachman\Desktop\MyPC Backup.lnk
File Deleted : C:\Users\ldbachman\Desktop\MySearchDial.url
File Deleted : C:\Users\ldbachman\AppData\Roaming\Mozilla\Firefox\Profiles\qo1ws90o.default\searchplugins\Askcom.xml
File Deleted : C:\Users\ldbachman\AppData\Roaming\Mozilla\Firefox\Profiles\qo1ws90o.default\searchplugins\conduit-search.xml
File Deleted : C:\Users\ldbachman\AppData\Roaming\Mozilla\Firefox\Profiles\qo1ws90o.default\searchplugins\iminent.xml
File Deleted : C:\Users\ldbachman\AppData\Roaming\Mozilla\Firefox\Profiles\qo1ws90o.default\searchplugins\Mysearchdial.xml
File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\safesearch.xml
File Deleted : C:\Users\ldbachman\AppData\Roaming\Mozilla\Firefox\Profiles\qo1ws90o.default\searchplugins\search-the-web.xml
File Deleted : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\StartWeb.xml
File Deleted : C:\Users\ldbachman\AppData\Roaming\Mozilla\Firefox\Profiles\qo1ws90o.default\searchplugins\Web Search.xml
File Deleted : C:\Users\ldbachman\AppData\Roaming\Mozilla\Firefox\Profiles\qo1ws90o.default\user.js
File Deleted : C:\Users\ldbachman\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_igdhbblpcellaljokkpfhcjlagemhgjl_0.localstorage
File Deleted : C:\Users\ldbachman\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_igdhbblpcellaljokkpfhcjlagemhgjl_0.localstorage-journal
File Deleted : C:\Users\ldbachman\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_pflphaooapbgpeakohlggbpidpppgdff_0.localstorage
File Deleted : C:\Windows\System32\Tasks\Advanced System Protector
File Deleted : C:\Windows\System32\Tasks\Advanced System Protector_startup
File Deleted : C:\Windows\Tasks\MySearchDial.job
File Deleted : C:\Windows\System32\Tasks\MySearchDial
File Deleted : C:\Windows\System32\Tasks\RegClean Pro
File Deleted : C:\Windows\Tasks\RegClean Pro_DEFAULT.job
File Deleted : C:\Windows\System32\Tasks\RegClean Pro_DEFAULT
File Deleted : C:\Windows\Tasks\RegClean Pro_UPDATES.job
File Deleted : C:\Windows\System32\Tasks\RegClean Pro_UPDATES
File Deleted : C:\Windows\Tasks\Re-markit Update.job
File Deleted : C:\Windows\System32\Tasks\Re-markit Update
File Deleted : C:\Windows\Tasks\Plus-HD-1.3-chromeinstaller.job
File Deleted : C:\Windows\System32\Tasks\Plus-HD-1.3-chromeinstaller
File Deleted : C:\Windows\Tasks\Plus-HD-1.3-codedownloader.job
File Deleted : C:\Windows\System32\Tasks\Plus-HD-1.3-codedownloader
File Deleted : C:\Windows\Tasks\Plus-HD-1.3-enabler.job
File Deleted : C:\Windows\System32\Tasks\Plus-HD-1.3-enabler
File Deleted : C:\Windows\Tasks\Plus-HD-1.3-firefoxinstaller.job
File Deleted : C:\Windows\System32\Tasks\Plus-HD-1.3-firefoxinstaller
File Deleted : C:\Windows\Tasks\Plus-HD-1.3-updater.job
File Deleted : C:\Windows\System32\Tasks\Plus-HD-1.3-updater
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dcpfhaghaadpjpgocojgnlhjcieeooel
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl
Key Deleted : HKCU\Software\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff
Key Deleted : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\pkhojieggfgllhllcegoffdcnmdeojgb
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [NextLive]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\Iminent.WebBooster.InternetExplorer.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\WLXQuickTimeShellExt.DLL
Key Deleted : HKLM\SOFTWARE\Classes\b
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Key Deleted : HKLM\SOFTWARE\Classes\esrv.iminentESrvc
Key Deleted : HKLM\SOFTWARE\Classes\esrv.iminentESrvc.1
Key Deleted : HKLM\SOFTWARE\Classes\esrv.mysearchdialesrvc
Key Deleted : HKLM\SOFTWARE\Classes\esrv.mysearchdialesrvc.1
Key Deleted : HKLM\SOFTWARE\Classes\I
Key Deleted : HKLM\SOFTWARE\Classes\Iminent
Key Deleted : HKLM\SOFTWARE\Classes\iminent.iminentappCore
Key Deleted : HKLM\SOFTWARE\Classes\iminent.iminentappCore.1
Key Deleted : HKLM\SOFTWARE\Classes\iminent.iminentdskBnd
Key Deleted : HKLM\SOFTWARE\Classes\iminent.iminentdskBnd.1
Key Deleted : HKLM\SOFTWARE\Classes\iminent.iminentHlpr
Key Deleted : HKLM\SOFTWARE\Classes\iminent.iminentHlpr.1
Key Deleted : HKLM\SOFTWARE\Classes\IminentWebBooster.BrowserHelperObject
Key Deleted : HKLM\SOFTWARE\Classes\IminentWebBooster.BrowserHelperObject.1
Key Deleted : HKLM\SOFTWARE\Classes\IminentWebBooster.ScriptExtender
Key Deleted : HKLM\SOFTWARE\Classes\IminentWebBooster.ScriptExtender.1
Key Deleted : HKLM\SOFTWARE\Classes\mysearchdial.mysearchdialappCore
Key Deleted : HKLM\SOFTWARE\Classes\mysearchdial.mysearchdialappCore.1
Key Deleted : HKLM\SOFTWARE\Classes\mysearchdial.mysearchdialdskBnd
Key Deleted : HKLM\SOFTWARE\Classes\mysearchdial.mysearchdialdskBnd.1
Key Deleted : HKLM\SOFTWARE\Classes\mysearchdial.mysearchdialHlpr
Key Deleted : HKLM\SOFTWARE\Classes\mysearchdial.mysearchdialHlpr.1
Key Deleted : HKLM\SOFTWARE\Classes\PCProxy.DataContainer
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\speedupmypc
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\HPSF_Tasks_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\HPSF_Tasks_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\Mobogenie.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\mypc backup
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Iminent]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [IminentMessenger]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [mobilegeni daemon]
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0031257.BHO
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0031257.BHO.1
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0031257.Sandbox
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0031257.Sandbox.1
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{01994268-3C10-4044-A1EA-7A9C1B739A11}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0E4B2CAB-B859-4C57-B96E-63DDEC692BC4}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{8E9F2D02-6B06-4EBA-92C2-68438EADED28}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9DC8FA51-B596-4F77-802C-5B295919C205}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C292AD0A-C11F-479B-B8DB-743E72D283B0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{CA5CAA63-B27C-4963-9BEC-CB16A36D56F8}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{112BA211-334C-4A90-90EC-2AD1CDAB287C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1FAFD711-ABF9-4F6A-8130-5166C7371427}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3004627E-F8E9-4E8B-909D-316753CBA923}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3E28F712-0D6C-4EE3-AC8C-8F060F5D7C33}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4ED063C9-4A0B-4B44-A9DC-23AFF424A0D3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{533403E2-6E21-4615-9E28-43F4E97E977B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5C176BA0-6FC0-4EBD-8ACF-24AC592506B6}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6CE321DA-DC11-45C6-A0FC-4E8A7D978ABC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6EEBC7FF-67DA-4B90-9251-C2C5696E4B48}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{74137531-80F7-406F-9543-7D11385FA8C8}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{761F6A83-F007-49E4-8EAC-CDB6808EF06F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{82E74373-58AB-47EB-B0F0-A1D82BB8EB5C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{832599B2-55BF-4437-8F3E-030CF5AEB262}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{97D69524-BB57-4185-9C7F-5F05593B771A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{99E71BF1-5F51-4AF9-830B-67015D59640D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9B7B034B-944A-4261-B487-862F642F7615}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9FD0C1D9-180B-4834-B80B-4B7325AF90E1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A2CC3C46-143B-4142-9D5A-B8543F0A6F55}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B1A429DB-FB06-4645-B7C0-0CC405EAD3CD}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C358B3D0-B911-41E3-A276-E7D43A6BA56D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D40753C7-8A59-4C1F-BE88-C300F4624D5B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DD67706E-819E-4EBD-BF8D-6D6147CC7A49}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F62A4AF9-58B4-4FEC-89CC-D717A547D8E8}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FFBB88A9-C663-4B9B-9170-70FA0A5A2786}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110311121157}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220322122257}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{392DE650-A1E6-4FB3-A5A4-21285DE225BD}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C58D664A-3DBC-4925-AE74-0382007DF113}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C776D7F4-BA85-4B75-AAFC-3A0A11FE6E36}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FD8F79A0-D2E2-4FA2-AEAF-393EAC8064F7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550355125557}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660366126657}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{5563BEFE-3B03-43B1-8041-64A9745DAA56}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{8E9F2D02-6B06-4EBA-92C2-68438EADED28}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A0EE0278-2986-4E5A-884E-A3BF0357E476}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A9CAF365-EA35-45DA-BD8B-2EFA09D374AC}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{B463ECD2-E5D8-4178-80C4-EC7C7E72F9AC}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C292AD0A-C11F-479B-B8DB-743E72D283B0}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440344124457}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{112BA211-334C-4A90-90EC-2AD1CDAB287C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{84FF7BD6-B47F-46F8-9130-01B2696B36CB}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFBB88A9-C663-4B9B-9170-70FA0A5A2786}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311121157}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{112BA211-334C-4A90-90EC-2AD1CDAB287C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1FAFD711-ABF9-4F6A-8130-5166C7371427}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110311121157}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{112BA211-334C-4A90-90EC-2AD1CDAB287C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1FAFD711-ABF9-4F6A-8130-5166C7371427}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{208D4124-3895-4974-B293-A159BD306078}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{219046AE-358F-4CF1-B1FD-2B4DE83642A8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{27701089-884d-474c-94e0-037b7a5fc12d}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{55116f15-b1e7-41d9-aa2c-541d6cbf44f4}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{666ab7b1-3c28-4159-9503-419fe6115753}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{84941f3d-3626-4410-8cce-d12bcab2bef6}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{e6dacd3f-f5fb-4aa4-9759-b0a6f154d2ee}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BFFED5CA-8BDF-47CC-AED0-23F4E6D77732}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BFFED5CA-8BDF-47CC-AED0-23F4E6D77732}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{1FAFD711-ABF9-4F6A-8130-5166C7371427}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{3004627E-F8E9-4E8B-909D-316753CBA923}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{84FF7BD6-B47F-46F8-9130-01B2696B36CB}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{5C176BA0-6FC0-4EBD-8ACF-24AC592506B6}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110311121157}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220322122257}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{392DE650-A1E6-4FB3-A5A4-21285DE225BD}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C58D664A-3DBC-4925-AE74-0382007DF113}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C776D7F4-BA85-4B75-AAFC-3A0A11FE6E36}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D54C859C-6066-4F31-8FE0-2AAEDCAE67D7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FD8F79A0-D2E2-4FA2-AEAF-393EAC8064F7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550355125557}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660366126657}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311121157}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{27701089-884d-474c-94e0-037b7a5fc12d}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{55116f15-b1e7-41d9-aa2c-541d6cbf44f4}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{666ab7b1-3c28-4159-9503-419fe6115753}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{84941f3d-3626-4410-8cce-d12bcab2bef6}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{e6dacd3f-f5fb-4aa4-9759-b0a6f154d2ee}
Key Deleted : HKCU\Software\dsiteproducts
Key Deleted : HKCU\Software\Iminent
Key Deleted : HKCU\Software\IminentToolbar
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\installedbrowserextensions
Key Deleted : HKCU\Software\mysearchdial
Key Deleted : HKCU\Software\SmartBar
Key Deleted : HKCU\Software\smartbarlog
Key Deleted : HKCU\Software\systweak
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKCU\Software\AppDataLow\Software\Plus-HD-1.3
Key Deleted : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Key Deleted : HKLM\Software\Iminent
Key Deleted : HKLM\Software\IminentToolbar
Key Deleted : HKLM\Software\InstallCore
Key Deleted : HKLM\Software\SearchProtect
Key Deleted : HKLM\Software\systweak
Key Deleted : HKLM\Software\Umbrella
Key Deleted : HKLM\Software\Uniblue
Key Deleted : HKLM\Software\Plus-HD-1.3
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Zip Opener Packages
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{E55B3271-7CA8-4D0C-AE06-69A24856E996}_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\00212D92-C5D8-4ff4-AE50-B20F0F85C40A_Systweak_Ad~B9F029BF_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Iminent
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Mobogenie
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\mysearchdial
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\OpenIt Open It!
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\RegClean Pro_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Plus-HD-1.3
Key Deleted : [x64] HKLM\SOFTWARE\DomaIQ
Key Deleted : [x64] HKLM\SOFTWARE\Iminent
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyPC Backup
Data Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\progra~2\searchprotect\searchprotect\bin\spvc32loader.dll
Data Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\progra~2\optimi~1\optpro~1.dll
Data Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll
Data Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\PROGRA~2\OPTIMI~1\OPTPRO~2.DLL
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.16428
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Search Bar]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Search [Default_Search_URL]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Search [SearchAssistant]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [Default]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
-\\ Mozilla Firefox v22.0 (en-US)
[ File : C:\Users\ldbachman\AppData\Roaming\Mozilla\Firefox\Profiles\qo1ws90o.default\prefs.js ]
Line Deleted : user_pref("7C6800C5-339C-4C51-9137-4ADA1CCA6C92.license", "o04Nk0Ddd8Gbi8eaarYxwsAe9uwIq6jFsXLm%2BD4IFypX%2FSdECWvFl53TkmFIpO9dWDHKxI5zJ3cEmHp8TqipEsLh93Nhs%2Fq2niP24T2pMfunUIAXGBXyepstIFlI8%2FJb%2Bmn[...]
Line Deleted : user_pref("CT3309350.searchProtector.notifyChanges", "{\"dataType\":\"string\",\"data\":\"false\"}");
Line Deleted : user_pref("browser.newtab.url", "hxxp://search.conduit.com/?ctid=CT3308837&octid=EB_ORIGINAL_CTID&SearchSource=69&CUI=&SSPV=&Lay=1&UM=2&UP=SP0800E2DB-ECDC-48EE-87B0-095CFF69F3E7");
Line Deleted : user_pref("browser.search.defaultengine", "Ask.com");
Line Deleted : user_pref("browser.search.defaultenginename", "Mysearchdial");
Line Deleted : user_pref("browser.search.order.1", "Ask.com");
Line Deleted : user_pref("browser.search.selectedEngine", "Mysearchdial");
Line Deleted : user_pref("browser.startup.homepage", "hxxp://start.mysearchdial.com/?f=1&a=irmsd1202&cd=2XzuyEtN2Y1L1QzutDtDtByCzy0EyE0D0E0A0EzztDyEtByEtN0D0Tzu0SyBtByCtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1[...]
Line Deleted : user_pref("extensions.BabylonToolbar.admin", false);
Line Deleted : user_pref("extensions.BabylonToolbar.aflt", "babsst");
Line Deleted : user_pref("extensions.BabylonToolbar.appId", "{BDB69379-802F-4eaf-B541-F8DE92DD98DB}");
Line Deleted : user_pref("extensions.BabylonToolbar.autoRvrt", "false");
Line Deleted : user_pref("extensions.BabylonToolbar.dfltLng", "en");
Line Deleted : user_pref("extensions.BabylonToolbar.excTlbr", false);
Line Deleted : user_pref("extensions.BabylonToolbar.id", "80c00424000000000000001e644aa096");
Line Deleted : user_pref("extensions.BabylonToolbar.instlDay", "15652");
Line Deleted : user_pref("extensions.BabylonToolbar.instlRef", "sst");
Line Deleted : user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar");
Line Deleted : user_pref("extensions.BabylonToolbar.prtnrId", "babylon");
Line Deleted : user_pref("extensions.BabylonToolbar.tlbrId", "tb9");
Line Deleted : user_pref("extensions.BabylonToolbar.tlbrSrchUrl", "hxxp://search.babylon.com/?babsrc=TB_def&mntrId=80c00424000000000000001e644aa096&q=");
Line Deleted : user_pref("extensions.BabylonToolbar.vrsn", "1.8.3.8");
Line Deleted : user_pref("extensions.BabylonToolbar.vrsni", "1.8.3.8");
Line Deleted : user_pref("extensions.BabylonToolbar_i.babExt", "");
Line Deleted : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=110803&tt=4512_7");
Line Deleted : user_pref("extensions.BabylonToolbar_i.newTab", false);
Line Deleted : user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
Line Deleted : user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
Line Deleted : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.8.3.821:43:42");
Line Deleted : user_pref("extensions.a509508ef0b144616a5570d58601be33dc4a581e90ea646dba18558e021ee138ccom31257.31257.InstallationTime", 1387602002);
Line Deleted : user_pref("extensions.a509508ef0b144616a5570d58601be33dc4a581e90ea646dba18558e021ee138ccom31257.31257.active", true);
Line Deleted : user_pref("extensions.a509508ef0b144616a5570d58601be33dc4a581e90ea646dba18558e021ee138ccom31257.31257.addressbar", "NA");
Line Deleted : user_pref("extensions.a509508ef0b144616a5570d58601be33dc4a581e90ea646dba18558e021ee138ccom31257.31257.addressbarenhanced", "");
Line Deleted : user_pref("extensions.a509508ef0b144616a5570d58601be33dc4a581e90ea646dba18558e021ee138ccom31257.31257.backgroundver", 2);
Line Deleted : user_pref("extensions.a509508ef0b144616a5570d58601be33dc4a581e90ea646dba18558e021ee138ccom31257.31257.certdomaininstaller", "");
Line Deleted : user_pref("extensions.a509508ef0b144616a5570d58601be33dc4a581e90ea646dba18558e021ee138ccom31257.31257.changeprevious", false);
Line Deleted : user_pref("extensions.a509508ef0b144616a5570d58601be33dc4a581e90ea646dba18558e021ee138ccom31257.31257.cookie.InstallationTime.expiration", "Fri Feb 01 2030 00:00:00 GMT-0800 (Pacific Standard Time)");
Line Deleted : user_pref("extensions.a509508ef0b144616a5570d58601be33dc4a581e90ea646dba18558e021ee138ccom31257.31257.cookie.InstallationTime.value", "1387602002");
Line Deleted : user_pref("extensions.a509508ef0b144616a5570d58601be33dc4a581e90ea646dba18558e021ee138ccom31257.31257.description", "Turn YouTube videos to High Definition by default");
Line Deleted : user_pref("extensions.a509508ef0b144616a5570d58601be33dc4a581e90ea646dba18558e021ee138ccom31257.31257.domain", "");
Line Deleted : user_pref("extensions.a509508ef0b144616a5570d58601be33dc4a581e90ea646dba18558e021ee138ccom31257.31257.enablesearch", false);
Line Deleted : user_pref("extensions.a509508ef0b144616a5570d58601be33dc4a581e90ea646dba18558e021ee138ccom31257.31257.homepage", "");
Line Deleted : user_pref("extensions.a509508ef0b144616a5570d58601be33dc4a581e90ea646dba18558e021ee138ccom31257.31257.iframe", false);
Line Deleted : user_pref("extensions.a509508ef0b144616a5570d58601be33dc4a581e90ea646dba18558e021ee138ccom31257.31257.lastUpdate", "1387601999714");
Line Deleted : user_pref("extensions.a509508ef0b144616a5570d58601be33dc4a581e90ea646dba18558e021ee138ccom31257.31257.manifesturl", "");
Line Deleted : user_pref("extensions.a509508ef0b144616a5570d58601be33dc4a581e90ea646dba18558e021ee138ccom31257.31257.name", "Plus-HD-1.3");
Line Deleted : user_pref("extensions.a509508ef0b144616a5570d58601be33dc4a581e90ea646dba18558e021ee138ccom31257.31257.newtab", "");
Line Deleted : user_pref("extensions.a509508ef0b144616a5570d58601be33dc4a581e90ea646dba18558e021ee138ccom31257.31257.opensearch", "");
Line Deleted : user_pref("extensions.a509508ef0b144616a5570d58601be33dc4a581e90ea646dba18558e021ee138ccom31257.31257.pluginsurl", "hxxps://w9u6a2p6.ssl.hwcdn.net/plugin/apps/31257/plugins/093/ff/plugins.json");
Line Deleted : user_pref("extensions.a509508ef0b144616a5570d58601be33dc4a581e90ea646dba18558e021ee138ccom31257.31257.publisher", "Plus HD");
Line Deleted : user_pref("extensions.a509508ef0b144616a5570d58601be33dc4a581e90ea646dba18558e021ee138ccom31257.31257.setnewtab", false);
Line Deleted : user_pref("extensions.a509508ef0b144616a5570d58601be33dc4a581e90ea646dba18558e021ee138ccom31257.31257.thankyou", "");
Line Deleted : user_pref("extensions.a509508ef0b144616a5570d58601be33dc4a581e90ea646dba18558e021ee138ccom31257.31257.updateinterval", 360);
Line Deleted : user_pref("extensions.a509508ef0b144616a5570d58601be33dc4a581e90ea646dba18558e021ee138ccom31257.bic", "14313863f8084433170d232babbdc73c");
Line Deleted : user_pref("extensions.a509508ef0b144616a5570d58601be33dc4a581e90ea646dba18558e021ee138ccom31257.installationdate", 1387602002);
Line Deleted : user_pref("extensions.a509508ef0b144616a5570d58601be33dc4a581e90ea646dba18558e021ee138ccom31257.modetype", "production");
Line Deleted : user_pref("extensions.a509508ef0b144616a5570d58601be33dc4a581e90ea646dba18558e021ee138ccom31257.reportInstall", true);
Line Deleted : user_pref("extensions.crossrider.bic", "14313863f8084433170d232babbdc73c");
Line Deleted : user_pref("extensions.enabledAddons", "TidyNetwork%40TidyNetwork:5.0,%7B73f58f76-2abf-4927-8c1c-5f98500e0bb8%7D:1.136,%7BB21F5E31-B8E8-41CD-B74C-168A71A10E49%7D:1.0.0,509508ef-0b14-4616-a557-0d58601be[...]
Line Deleted : user_pref("extensions.iminent.admin", false);
Line Deleted : user_pref("extensions.iminent.aflt", "orgnl");
Line Deleted : user_pref("extensions.iminent.appId", "{0E4B2CAB-B859-4C57-B96E-63DDEC692BC4}");
Line Deleted : user_pref("extensions.iminent.autoRvrt", "false");
Line Deleted : user_pref("extensions.iminent.cntry", "US");
Line Deleted : user_pref("extensions.iminent.dfltLng", "");
Line Deleted : user_pref("extensions.iminent.excTlbr", false);
Line Deleted : user_pref("extensions.iminent.ffxUnstlRst", false);
Line Deleted : user_pref("extensions.iminent.hdrMd5", "5285178FC59E7EEADB45DE657178CF29");
Line Deleted : user_pref("extensions.iminent.id", "80c00424000000000000001e644aa096");
Line Deleted : user_pref("extensions.iminent.instlDay", "16060");
Line Deleted : user_pref("extensions.iminent.instlRef", "");
Line Deleted : user_pref("extensions.iminent.lastVrsnTs", "1.8.28.320:25:06");
Line Deleted : user_pref("extensions.iminent.newTab", false);
Line Deleted : user_pref("extensions.iminent.prdct", "iminent");
Line Deleted : user_pref("extensions.iminent.prtnrId", "iminent");
Line Deleted : user_pref("extensions.iminent.rvrt", "false");
Line Deleted : user_pref("extensions.iminent.sg", "none");
Line Deleted : user_pref("extensions.iminent.smplGrp", "none");
Line Deleted : user_pref("extensions.iminent.tlbrId", "YBCPCSTIPO");
Line Deleted : user_pref("extensions.iminent.tlbrSrchUrl", "hxxp://start.iminent.com/?ref=toolbarm#q=");
Line Deleted : user_pref("extensions.iminent.vrsn", "1.8.28.3");
Line Deleted : user_pref("extensions.iminent.vrsnTs", "1.8.28.320:25:06");
Line Deleted : user_pref("extensions.iminent.vrsni", "1.8.28.3");
Line Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.AutoSearchEventData", "auto%20search");
Line Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.ClearCacheDate", 19);
Line Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.DisplayEULA", false);
Line Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.DnsCatchEventData", "dns%20catch");
Line Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.FirstLaunchShown", true);
Line Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.LoadLayoutDate.62781", 29);
Line Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.NewTabSearchEventData", "tab%20search");
Line Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.ShowRecommendedOptions", true);
Line Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.StateReportDate", "1308541634466");
Line Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.TopRightSearchEventData", "top%20right%20search");
Line Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.customNewTab", true);
Line Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.data", "970E0D327E91ACB7AE5FC2C7B268ABD9A70C71F6925C4BFAB44253B0B46B6E5B4DEEAC03D0FD44BA768F80BE5607101240C5FD33B018B3EC12416D6DC4F7BE70");
Line Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.helpUsImprove", true);
Line Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.hideOthers", false);
Line Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.processAddrBar", true);
Line Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.restoreSearch", false);
Line Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.revision", "32");
Line Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.searchHistory", true);
Line Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.showFirstLaunchOptions", false);
Line Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.stday", "29");
Line Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.sthour", "13");
Line Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.tb_lang", "en");
Line Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.tool_id", "62781");
Line Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.user_id", "34658195");
Line Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.user_key", "03c20fd4764c225106ccd8c52de890fbc90fa808");
Line Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.user_layouts", "62781");
Line Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.user_lnames", "Gamers%20Unite%21%20Snag%20Bar");
Line Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.yahooSearch", true);
Line Deleted : user_pref("iminent.enabledAds", "false");
Line Deleted : user_pref("iminent.newtabredirect", "true");
Line Deleted : user_pref("iminent.searchindex", "1");
Line Deleted : user_pref("CT3309350.searchProtector.notifyChanges", "{\"dataType\":\"string\",\"data\":\"false\"}");
Line Deleted : user_pref("CT3309350.searchProtector.notifyChanges", "{\"dataType\":\"string\",\"data\":\"false\"}");
Line Deleted : user_pref("browser.startup.homepage", "hxxp://start.iminent.com/?appId=8CADC269-9CDB-47A8-BB4E-36197AB47297");
-\\ Google Chrome v
[ File : C:\Users\ldbachman\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Deleted : urls_to_restore_on_startup
Deleted : homepage
Deleted : icon_url
Deleted : search_url
Deleted : keyword
*************************
AdwCleaner[R0].txt - [43315 octets] - [26/12/2013 09:47:18]
AdwCleaner[R1].txt - [43380 octets] - [26/12/2013 16:12:59]
AdwCleaner[S0].txt - [39108 octets] - [26/12/2013 16:19:19]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [39169 octets] ##########
snowboarder
2013-12-27, 02:24
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Windows 7 Home Premium x64
Ran by ldbachman on Thu 12/26/2013 at 17:11:33.03
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\msntask_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\msntask_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\dealcabby-20120921_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\dealcabby-20120921_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\dealcabby_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\dealcabby_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\msntask_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\msntask_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\dealcabby-20120921_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\dealcabby-20120921_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\dealcabby_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\dealcabby_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311121157}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{75EFE89A-0D07-4CCA-9C56-F56E81471E18}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0B4A07CF-45EB-4B10-B6BB-35568A2F89BE}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ABD3B5E1-B268-407B-A150-2641DAB8D898}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{45470599-8237-486D-87B5-E89CD6AED154}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{45470599-8237-486D-87B5-E89CD6AED154}
~~~ Files
Successfully deleted: [File] "C:\Users\ldbachman\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\speedupmypc.lnk"
~~~ Folders
Successfully deleted: [Folder] "C:\Users\ldbachman\appdata\local\dealcabby"
Successfully deleted: [Folder] "C:\Program Files (x86)\Common Files\homepage protection"
Successfully deleted: [Folder] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\uniblue"
~~~ FireFox
Successfully deleted: [Folder] C:\Users\ldbachman\AppData\Roaming\mozilla\firefox\profiles\qo1ws90o.default\extensions\dealcabby@jetpack
Failed to delete: [Folder] C:\Users\ldbachman\AppData\Roaming\mozilla\firefox\profiles\qo1ws90o.default\extensions\staged
Successfully deleted the following from C:\Users\ldbachman\AppData\Roaming\mozilla\firefox\profiles\qo1ws90o.default\prefs.js
user_pref("settings.premium.greatarcadehits.cl_addonData", "hxxp://tt.greatarcadehits.com/cljs?options=OTcwMjYyNzgyNugHjg0%2Bt5FoyRzgibOxPB5LOv%2FLZOWXnOz7Y6JpDkj3n7TAVw24RgRH
Emptied folder: C:\Users\ldbachman\AppData\Roaming\mozilla\firefox\profiles\qo1ws90o.default\minidumps [24 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Thu 12/26/2013 at 17:21:33.69
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
:bigthumb:
Please download Malwarebytes from Here (http://www.malwarebytes.org/mbam-download.php) or Here (http://www.majorgeeks.com/Malwarebytes_Anti-Malware_d5756.html)
Double-click mbam-setup.exe and follow the prompts to install the program.
At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
If an update is found, it will download and install the latest version.
Once the program has loaded, select Perform quick scan, then click Scan.
http://i24.photobucket.com/albums/c30/ken545/MBAMCapture.jpg
When the scan is complete, click OK, then Show Results to view the results.
Be sure that everything is checked, and click Remove Selected .
When completed, a log will open in Notepad. Please save it to a convenient location and post the results.
Note: If you receive a notice that some of the items couldn't be removed, that they have been added to the delete on reboot list, please reboot.
Post the report please
snowboarder
2013-12-27, 03:36
Malwarebytes Anti-Malware (Trial) 1.75.0.1300
www.malwarebytes.org
Database version: v2013.12.27.01
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16476
ldbachman :: LDBACHMAN-PC [administrator]
Protection: Enabled
12/26/2013 6:22:15 PM
mbam-log-2013-12-26 (18-22-15).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 220054
Time elapsed: 8 minute(s), 21 second(s)
Memory Processes Detected: 2
C:\Users\ldbachman\AppData\Local\SevereWeatherAlerts\SevereWeatherAlerts.exe (PUP.Optional.SevereWeatherAlerts) -> 3372 -> Delete on reboot.
C:\Users\ldbachman\AppData\Local\SevereWeatherAlerts\SevereWeatherAlertsApp.exe (PUP.Optional.SevereWeatherAlerts) -> 3360 -> Delete on reboot.
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 26
HKCR\CLSID\{0B4A07CF-45EB-4B10-B6BB-35568A2F89BE} (Adware.DealCabby) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{0B4A07CF-45EB-4B10-B6BB-35568A2F89BE} (Adware.DealCabby) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{0B4A07CF-45EB-4B10-B6BB-35568A2F89BE} (Adware.DealCabby) -> Quarantined and deleted successfully.
HKCR\CLSID\{D0C21091-FF8E-432C-9006-0540E81BA9D7} (PUP.Optional.GreatArcadeHits.A) -> Quarantined and deleted successfully.
HKCR\TypeLib\{5530C971-3D8F-471B-AC49-4CC23FA955E2} (PUP.Optional.GreatArcadeHits.A) -> Quarantined and deleted successfully.
HKCR\Interface\{7FBC7ADD-4D75-4685-9BD4-30D3FBDD3AB4} (PUP.Optional.GreatArcadeHits.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0C21091-FF8E-432C-9006-0540E81BA9D7} (PUP.Optional.GreatArcadeHits.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{D0C21091-FF8E-432C-9006-0540E81BA9D7} (PUP.Optional.GreatArcadeHits.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{D0C21091-FF8E-432C-9006-0540E81BA9D7} (PUP.Optional.GreatArcadeHits.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{45470599-8237-486D-87B5-E89CD6AED154} (PUP.Optional.MyWordTool.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{45470599-8237-486D-87B5-E89CD6AED154} (PUP.Optional.MyWordTool.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Severe Weather Alerts (PUP.Optional.SevereWeatherAlerts) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Digital Sites (PUP.Optional.Updater) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyWordTool (PUP.Optional.MyWordTool.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\MyWordTool (PUP.Optional.MyWordTool.A) -> Quarantined and deleted successfully.
HKCU\Software\BrowseSmart (PUP.Optional.BrowseSmart.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\MyWordTool (PUP.Optional.MyWordTool.A) -> Quarantined and deleted successfully.
HKLM\SYSTEM\CurrentControlSet\Services\WinkHandler (PUP.Optional.Iminent.A) -> Quarantined and deleted successfully.
HKLM\Software\BrowseSmart (PUP.Optional.BrowseSmart.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{856AD396-519D-4C7A-BED6-6785F64924BC} (PUP.Optional.GreatArcadeHits.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{73cce2a7-dd1b-4a56-b7dc-02313837ecb5} (PUP.Optional.ReMarkIt.A) -> Quarantined and deleted successfully.
HKCR\CLSID\{73cce2a7-dd1b-4a56-b7dc-02313837ecb5} (PUP.Optional.ReMarkIt.A) -> Quarantined and deleted successfully.
HKCR\TypeLib\{97d2a67e-5f58-4301-bbb4-7f40fca2503d} (PUP.Optional.ReMarkIt.A) -> Quarantined and deleted successfully.
HKCR\Interface\{6ca02717-0203-4daf-8466-47f1158c37f0} (PUP.Optional.ReMarkIt.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{73CCE2A7-DD1B-4A56-B7DC-02313837ECB5} (PUP.Optional.ReMarkIt.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{73CCE2A7-DD1B-4A56-B7DC-02313837ECB5} (PUP.Optional.ReMarkIt.A) -> Quarantined and deleted successfully.
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 60
C:\Users\ldbachman\AppData\Roaming\DigitalSites\UpdateProc (PUP.Optional.Updater) -> Quarantined and deleted successfully.
C:\Users\ldbachman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GreatArcadeHits (PUP.Optional.GreatArcadeHits.A) -> Quarantined and deleted successfully.
C:\Users\ldbachman\AppData\Local\SevereWeatherAlerts (PUP.Optional.SevereWeatherAlerts) -> Delete on reboot.
C:\Users\ldbachman\AppData\Local\SevereWeatherAlerts\1220203849.973 (PUP.Optional.SevereWeatherAlerts) -> Quarantined and deleted successfully.
C:\Users\ldbachman\AppData\Local\SevereWeatherAlerts\1226162919 (PUP.Optional.SevereWeatherAlerts) -> Quarantined and deleted successfully.
C:\Users\ldbachman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Severe Weather Alerts (PUP.Optional.SevereWeatherAlerts) -> Quarantined and deleted successfully.
C:\Users\ldbachman\AppData\Roaming\MyWordTool (PUP.Optional.MyWordTool.A) -> Quarantined and deleted successfully.
C:\Users\ldbachman\AppData\Local\Weather_Notifications,_LL (PUP.Optional.SevereWeatherAlerts) -> Quarantined and deleted successfully.
C:\Users\ldbachman\AppData\Local\Weather_Notifications,_LL\SevereWeatherAlerts.exe_Url_vk15g1jbtwhggrdmwr5310loufv2h5tz (PUP.Optional.SevereWeatherAlerts) -> Quarantined and deleted successfully.
C:\Users\ldbachman\AppData\Local\Weather_Notifications,_LL\SevereWeatherAlerts.exe_Url_vk15g1jbtwhggrdmwr5310loufv2h5tz\1.21.0.0 (PUP.Optional.SevereWeatherAlerts) -> Quarantined and deleted successfully.
C:\Users\ldbachman\AppData\Local\GreatArcadeHits (PUP.Optional.GreatArcadeHits.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\emily@wilford.biz (PUP.Optional.MyWordTool.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\emily@wilford.biz\defaults (PUP.Optional.MyWordTool.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\emily@wilford.biz\defaults\preferences (PUP.Optional.MyWordTool.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\emily@wilford.biz\locale (PUP.Optional.MyWordTool.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\emily@wilford.biz\resources (PUP.Optional.MyWordTool.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\emily@wilford.biz\resources\addon-sdk (PUP.Optional.MyWordTool.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\emily@wilford.biz\resources\addon-sdk\data (PUP.Optional.MyWordTool.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\emily@wilford.biz\resources\addon-sdk\lib (PUP.Optional.MyWordTool.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\emily@wilford.biz\resources\addon-sdk\lib\sdk (PUP.Optional.MyWordTool.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\emily@wilford.biz\resources\addon-sdk\lib\sdk\addon (PUP.Optional.MyWordTool.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\emily@wilford.biz\resources\addon-sdk\lib\sdk\console (PUP.Optional.MyWordTool.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\emily@wilford.biz\resources\addon-sdk\lib\sdk\content (PUP.Optional.MyWordTool.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\emily@wilford.biz\resources\addon-sdk\lib\sdk\core (PUP.Optional.MyWordTool.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\emily@wilford.biz\resources\addon-sdk\lib\sdk\deprecated (PUP.Optional.MyWordTool.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\emily@wilford.biz\resources\addon-sdk\lib\sdk\deprecated\events (PUP.Optional.MyWordTool.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\emily@wilford.biz\resources\addon-sdk\lib\sdk\deprecated\traits (PUP.Optional.MyWordTool.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\emily@wilford.biz\resources\addon-sdk\lib\sdk\dom (PUP.Optional.MyWordTool.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\emily@wilford.biz\resources\addon-sdk\lib\sdk\event (PUP.Optional.MyWordTool.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\emily@wilford.biz\resources\addon-sdk\lib\sdk\io (PUP.Optional.MyWordTool.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\emily@wilford.biz\resources\addon-sdk\lib\sdk\l10n (PUP.Optional.MyWordTool.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\emily@wilford.biz\resources\addon-sdk\lib\sdk\lang (PUP.Optional.MyWordTool.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\emily@wilford.biz\resources\addon-sdk\lib\sdk\loader (PUP.Optional.MyWordTool.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\emily@wilford.biz\resources\addon-sdk\lib\sdk\net (PUP.Optional.MyWordTool.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\emily@wilford.biz\resources\addon-sdk\lib\sdk\page-mod (PUP.Optional.MyWordTool.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\emily@wilford.biz\resources\addon-sdk\lib\sdk\platform (PUP.Optional.MyWordTool.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\emily@wilford.biz\resources\addon-sdk\lib\sdk\preferences (PUP.Optional.MyWordTool.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\emily@wilford.biz\resources\addon-sdk\lib\sdk\private-browsing (PUP.Optional.MyWordTool.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\emily@wilford.biz\resources\addon-sdk\lib\sdk\private-browsing\window (PUP.Optional.MyWordTool.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\emily@wilford.biz\resources\addon-sdk\lib\sdk\system (PUP.Optional.MyWordTool.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\emily@wilford.biz\resources\addon-sdk\lib\sdk\tabs (PUP.Optional.MyWordTool.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\emily@wilford.biz\resources\addon-sdk\lib\sdk\util (PUP.Optional.MyWordTool.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\emily@wilford.biz\resources\addon-sdk\lib\sdk\window (PUP.Optional.MyWordTool.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\emily@wilford.biz\resources\addon-sdk\lib\sdk\windows (PUP.Optional.MyWordTool.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\emily@wilford.biz\resources\addon-sdk\lib\toolkit (PUP.Optional.MyWordTool.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\emily@wilford.biz\resources\mywordtool (PUP.Optional.MyWordTool.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\emily@wilford.biz\resources\mywordtool\lib (PUP.Optional.MyWordTool.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\emily@wilford.biz\resources\mywordtool\tests (PUP.Optional.MyWordTool.A) -> Quarantined and deleted successfully.
C:\Users\ldbachman\AppData\Local\Temp\DM\bin (PUP.Optional.BundleInstaller.A) -> Quarantined and deleted successfully.
C:\Users\ldbachman\AppData\Local\Temp\DM\bin\css (PUP.Optional.BundleInstaller.A) -> Quarantined and deleted successfully.
C:\Users\ldbachman\AppData\Local\Temp\DM\bin\css\images (PUP.Optional.BundleInstaller.A) -> Quarantined and deleted successfully.
C:\Users\ldbachman\AppData\Local\Temp\DM\bin\Dealscompare (PUP.Optional.BundleInstaller.A) -> Quarantined and deleted successfully.
C:\Users\ldbachman\AppData\Local\Temp\DM\bin\exe (PUP.Optional.BundleInstaller.A) -> Quarantined and deleted successfully.
C:\Users\ldbachman\AppData\Local\Temp\DM\bin\GreatArcade (PUP.Optional.BundleInstaller.A) -> Quarantined and deleted successfully.
C:\Users\ldbachman\AppData\Local\Temp\DM\bin\Re-Markit (PUP.Optional.BundleInstaller.A) -> Quarantined and deleted successfully.
C:\Users\ldbachman\AppData\Local\Temp\mt_ffx\IminentToolbar (PUP.Optional.Iminent.A) -> Quarantined and deleted successfully.
C:\Users\ldbachman\AppData\Local\Temp\mt_ffx\IminentToolbar\iminent (PUP.Optional.Iminent.A) -> Quarantined and deleted successfully.
C:\Users\ldbachman\AppData\Local\Temp\mt_ffx\IminentToolbar\iminent\1.8.28.3 (PUP.Optional.Iminent.A) -> Quarantined and deleted successfully.
C:\Users\ldbachman\AppData\Roaming\newnext.me (PUP.Optional.NextLive.A) -> Quarantined and deleted successfully.
C:\Users\ldbachman\AppData\Roaming\newnext.me\cache (PUP.Optional.NextLive.A) -> Quarantined and deleted successfully.
Files Detected: 217
C:\Users\ldbachman\AppData\Local\GreatArcadeHits\GreatArcadeHitsIE.dll (PUP.Optional.GreatArcadeHits.A) -> Quarantined and deleted successfully.
C:\Users\ldbachman\AppData\Local\Temp\is357113909\319277142_stp\BrowseSmartSetup.exe (PUP.Optional.BrowseSmart.A) -> Quarantined and deleted successfully.
C:\Users\ldbachman\Downloads\FreeZipSetup-4jk3RFj.exe (PUP.Optional.Somoto) -> Quarantined and deleted successfully.
C:\Users\ldbachman\Downloads\Free_Download_Manager_Setup.exe (PUP.Optional.iBryte) -> Quarantined and deleted successfully.
C:\Users\ldbachman\Downloads\Player_Setup (1).exe (PUP.Optional.Domalq) -> Quarantined and deleted successfully.
C:\Users\ldbachman\Downloads\Player_Setup.exe (PUP.Optional.Domalq) -> Quarantined and deleted successfully.
C:\Users\ldbachman\Downloads\Setup_V2(1).exe (PUP.Optional.BundleInstaller.A) -> Quarantined and deleted successfully.
C:\Users\ldbachman\Downloads\Setup_V2(2).exe (PUP.Optional.BundleInstaller.A) -> Quarantined and deleted successfully.
C:\Users\ldbachman\Downloads\Setup_V2(3).exe (PUP.Optional.BundleInstaller.A) -> Quarantined and deleted successfully.
C:\Users\ldbachman\Downloads\Setup_V2.exe (PUP.Optional.BundleInstaller.A) -> Quarantined and deleted successfully.
C:\Users\ldbachman\Downloads\WeatherSetup.exe (PUP.Optional.Inbox) -> Quarantined and deleted successfully.
C:\Users\ldbachman\Downloads\winrar.exe (PUP.Optional.DomalQ) -> Quarantined and deleted successfully.
C:\Users\ldbachman\Downloads\ZipOpenerSetup.exe (PUP.Optional.JumpyApps) -> Quarantined and deleted successfully.
C:\Users\ldbachman\AppData\Local\SevereWeatherAlerts\uninstall.exe (PUP.Optional.SevereWeatherAlerts) -> Quarantined and deleted successfully.
C:\Users\ldbachman\Local Settings\Temporary Internet Files\Content.IE5\7XSWYZRB\MinibarChrome[1].exe (PUP.Optional.Iminent.A) -> Quarantined and deleted successfully.
C:\Users\ldbachman\Local Settings\Temporary Internet Files\Content.IE5\N9Z6L8YL\IminentMinibarIE[1].exe (PUP.Optional.Iminent.A) -> Quarantined and deleted successfully.
C:\Users\ldbachman\Local Settings\Temporary Internet Files\Content.IE5\N9Z6L8YL\MinibarFirefox[1].exe (PUP.Optional.Iminent.A) -> Quarantined and deleted successfully.
C:\Users\ldbachman\Local Settings\Temporary Internet Files\Content.IE5\UKZEKVJL\metro[1].exe (PUP.Optional.Iminent) -> Quarantined and deleted successfully.
C:\Windows\Installer\1fba83f.msi (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Windows\Installer\MSIE399.tmp-\Smartbar.Installer.CustomActions.dll (PUP.Optional.SmartBar) -> Quarantined and deleted successfully.
C:\Users\ldbachman\AppData\Roaming\DigitalSites\UpdateProc\UpdateTask.exe (PUP.Optional.Updater) -> Quarantined and deleted successfully.
C:\Users\ldbachman\AppData\Roaming\DigitalSites\UpdateProc\config.dat (PUP.Optional.Updater) -> Quarantined and deleted successfully.
C:\Users\ldbachman\AppData\Roaming\DigitalSites\UpdateProc\prod.dat (PUP.Optional.Updater) -> Quarantined and deleted successfully.
C:\Users\ldbachman\AppData\Roaming\DigitalSites\UpdateProc\STTL.DAT (PUP.Optional.Updater) -> Quarantined and deleted successfully.
C:\Users\ldbachman\AppData\Roaming\DigitalSites\UpdateProc\TTL.DAT (PUP.Optional.Updater) -> Quarantined and deleted successfully.
C:\Users\ldbachman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GreatArcadeHits\Play Games online on GreatArcadeHits.com.url (PUP.Optional.GreatArcadeHits.A) -> Quarantined and deleted successfully.
C:\Users\ldbachman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GreatArcadeHits\Uninstall GreatArcadeHits.lnk (PUP.Optional.GreatArcadeHits.A) -> Quarantined and deleted successfully.
C:\Windows\Tasks\GreatArcadeHits.job (PUP.Optional.GreatArcadeHits.A) -> Quarantined and deleted successfully.
C:\Users\ldbachman\AppData\Local\SevereWeatherAlerts\SevereWeatherAlerts.exe.config (PUP.Optional.SevereWeatherAlerts) -> Quarantined and deleted successfully.
C:\Users\ldbachman\AppData\Local\SevereWeatherAlerts\ICSharpCode.SharpZipLib.dll (PUP.Optional.SevereWeatherAlerts) -> Quarantined and deleted successfully.
C:\Users\ldbachman\AppData\Local\SevereWeatherAlerts\mod.SevereWeatherAlertsApp0.dat (PUP.Optional.SevereWeatherAlerts) -> Quarantined and deleted successfully.
C:\Users\ldbachman\AppData\Local\SevereWeatherAlerts\SevereWeatherAlerts.exe (PUP.Optional.SevereWeatherAlerts) -> Delete on reboot.
C:\Users\ldbachman\AppData\Local\SevereWeatherAlerts\SevereWeatherAlertsApp.exe (PUP.Optional.SevereWeatherAlerts) -> Delete on reboot.
C:\Users\ldbachman\AppData\Local\SevereWeatherAlerts\SevereWeatherAlertsApp0.dat (PUP.Optional.SevereWeatherAlerts) -> Quarantined and deleted successfully.
C:\Users\ldbachman\AppData\Local\SevereWeatherAlerts\SevereWeatherAlertsAppAPI.dll (PUP.Optional.SevereWeatherAlerts) -> Delete on reboot.
C:\Users\ldbachman\AppData\Local\SevereWeatherAlerts\SevereWeatherAlertsBrowser.exe (PUP.Optional.SevereWeatherAlerts) -> Quarantined and deleted successfully.
C:\Users\ldbachman\AppData\Local\SevereWeatherAlerts\SevereWeatherAlertsK.dat (PUP.Optional.SevereWeatherAlerts) -> Quarantined and deleted successfully.
C:\Users\ldbachman\AppData\Local\SevereWeatherAlerts\SevereWeatherAlertsU.dat (PUP.Optional.SevereWeatherAlerts) -> Quarantined and deleted successfully.
C:\Users\ldbachman\AppData\Local\SevereWeatherAlerts\SWAUpdater.exe (PUP.Optional.SevereWeatherAlerts) -> Quarantined and deleted successfully.
C:\Users\ldbachman\AppData\Local\SevereWeatherAlerts\1220203849.973\3612.0.tmp (PUP.Optional.SevereWeatherAlerts) -> Quarantined and deleted successfully.
C:\Users\ldbachman\AppData\Local\SevereWeatherAlerts\1220203849.973\3612.1.tmp (PUP.Optional.SevereWeatherAlerts) -> Quarantined and deleted successfully.
C:\Users\ldbachman\AppData\Local\SevereWeatherAlerts\1220203849.973\3612.10.tmp (PUP.Optional.SevereWeatherAlerts) -> Quarantined and deleted successfully.
C:\Users\ldbachman\AppData\Local\SevereWeatherAlerts\1220203849.973\3612.11.tmp (PUP.Optional.SevereWeatherAlerts) -> Quarantined and deleted successfully.
C:\Users\ldbachman\AppData\Local\SevereWeatherAlerts\1220203849.973\3612.12.tmp (PUP.Optional.SevereWeatherAlerts) -> Quarantined and deleted successfully.
C:\Users\ldbachman\AppData\Local\SevereWeatherAlerts\1220203849.973\3612.13.tmp (PUP.Optional.SevereWeatherAlerts) -> Quarantined and deleted successfully.
C:\Users\ldbachman\AppData\Local\SevereWeatherAlerts\1220203849.973\3612.14.tmp (PUP.Optional.SevereWeatherAlerts) -> Quarantined and deleted successfully.
C:\Users\ldbachman\AppData\Local\SevereWeatherAlerts\1220203849.973\3612.15.tmp (PUP.Optional.SevereWeatherAlerts) -> Quarantined and deleted successfully.
C:\Users\ldbachman\AppData\Local\SevereWeatherAlerts\1220203849.973\3612.16.tmp (PUP.Optional.SevereWeatherAlerts) -> Quarantined and deleted successfully.
C:\Users\ldbachman\AppData\Local\SevereWeatherAlerts\1220203849.973\3612.17.tmp (PUP.Optional.SevereWeatherAlerts) -> Quarantined and deleted successfully.
C:\Users\ldbachman\AppData\Local\SevereWeatherAlerts\1220203849.973\3612.18.tmp (PUP.Optional.SevereWeatherAlerts) -> Quarantined and deleted successfully.
C:\Users\ldbachman\AppData\Local\SevereWeatherAlerts\1220203849.973\3612.19.tmp (PUP.Optional.SevereWeatherAlerts) -> Quarantined and deleted successfully.
C:\Users\ldbachman\AppData\Local\SevereWeatherAlerts\1220203849.973\3612.2.tmp (PUP.Optional.SevereWeatherAlerts) -> Quarantined and deleted successfully.
C:\Users\ldbachman\AppData\Local\SevereWeatherAlerts\1220203849.973\3612.20.tmp (PUP.Optional.SevereWeatherAlerts) -> Quarantined and deleted successfully.
C:\Users\ldbachman\AppData\Local\SevereWeatherAlerts\1220203849.973\3612.21.tmp (PUP.Optional.SevereWeatherAlerts) -> Quarantined and deleted successfully.
C:\Users\ldbachman\AppData\Local\SevereWeatherAlerts\1220203849.973\3612.22.tmp (PUP.Optional.SevereWeatherAlerts) -> Quarantined and deleted successfully.
C:\Users\ldbachman\AppData\Local\SevereWeatherAlerts\1220203849.973\3612.23.tmp (PUP.Optional.SevereWeatherAlerts) -> Quarantined and deleted successfully.
C:\Users\ldbachman\AppData\Local\SevereWeatherAlerts\1220203849.973\3612.24.tmp (PUP.Optional.SevereWeatherAlerts) -> Quarantined and deleted successfully.
C:\Users\ldbachman\AppData\Local\SevereWeatherAlerts\1220203849.973\3612.25.tmp (PUP.Optional.SevereWeatherAlerts) -> Quarantined and deleted successfully.
C:\Users\ldbachman\AppData\Local\SevereWeatherAlerts\1220203849.973\3612.26.tmp (PUP.Optional.SevereWeatherAlerts) -> Quarantined and deleted successfully.
C:\Users\ldbachman\AppData\Local\SevereWeatherAlerts\1220203849.973\3612.27.tmp (PUP.Optional.SevereWeatherAlerts) -> Quarantined and deleted successfully.
C:\Users\ldbachman\AppData\Local\SevereWeatherAlerts\1220203849.973\3612.28.tmp (PUP.Optional.SevereWeatherAlerts) -> Quarantined and deleted successfully.
C:\Users\ldbachman\AppData\Local\SevereWeatherAlerts\1220203849.973\3612.29.tmp (PUP.Optional.SevereWeatherAlerts) -> Quarantined and deleted successfully.
C:\Users\ldbachman\AppData\Local\SevereWeatherAlerts\1220203849.973\3612.3.tmp (PUP.Optional.SevereWeatherAlerts) -> Quarantined and deleted successfully.
C:\Users\ldbachman\AppData\Local\SevereWeatherAlerts\1220203849.973\3612.30.tmp (PUP.Optional.SevereWeatherAlerts) -> Quarantined and deleted successfully.
C:\Users\ldbachman\AppData\Local\SevereWeatherAlerts\1220203849.973\3612.31.tmp (PUP.Optional.SevereWeatherAlerts) -> Quarantined and deleted successfully.
C:\Users\ldbachman\AppData\Local\SevereWeatherAlerts\1220203849.973\3612.32.tmp (PUP.Optional.SevereWeatherAlerts) -> Quarantined and deleted successfully.
C:\Users\ldbachman\AppData\Local\SevereWeatherAlerts\1220203849.973\3612.33.tmp (PUP.Optional.SevereWeatherAlerts) -> Quarantined and deleted successfully.
C:\Users\ldbachman\AppData\Local\SevereWeatherAlerts\1220203849.973\3612.34.tmp (PUP.Optional.SevereWeatherAlerts) -> Quarantined and deleted successfully.
C:\Users\ldbachman\AppData\Local\SevereWeatherAlerts\1220203849.973\3612.35.tmp (PUP.Optional.SevereWeatherAlerts) -> Quarantined and deleted successfully.
C:\Users\ldbachman\AppData\Local\SevereWeatherAlerts\1220203849.973\3612.36.tmp (PUP.Optional.SevereWeatherAlerts) -> Quarantined and deleted successfully.
C:\Users\ldbachman\AppData\Local\SevereWeatherAlerts\1220203849.973\3612.37.tmp (PUP.Optional.SevereWeatherAlerts) -> Quarantined and deleted successfully.
C:\Users\ldbachman\AppData\Local\SevereWeatherAlerts\1220203849.973\3612.38.tmp (PUP.Optional.SevereWeatherAlerts) -> Quarantined and deleted successfully.
C:\Users\ldbachman\AppData\Local\SevereWeatherAlerts\1220203849.973\3612.39.tmp (PUP.Optional.SevereWeatherAlerts) -> Quarantined and deleted successfully.
C:\Users\ldbachman\AppData\Local\SevereWeatherAlerts\1220203849.973\3612.4.tmp (PUP.Optional.SevereWeatherAlerts) -> Quarantined and deleted successfully.
C:\Users\ldbachman\AppData\Local\SevereWeatherAlerts\1220203849.973\3612.40.tmp (PUP.Optional.SevereWeatherAlerts) -> Quarantined and deleted successfully.
C:\Users\ldbachman\AppData\Local\SevereWeatherAlerts\1220203849.973\3612.41.tmp (PUP.Optional.SevereWeatherAlerts) -> Quarantined and deleted successfully.
C:\Users\ldbachman\AppData\Local\SevereWeatherAlerts\1220203849.973\3612.42.tmp (PUP.Optional.SevereWeatherAlerts) -> Quarantined and deleted successfully.
C:\Users\ldbachman\AppData\Local\SevereWeatherAlerts\1220203849.973\3612.43.tmp (PUP.Optional.SevereWeatherAlerts) -> Quarantined and deleted successfully.
C:\Users\ldbachman\AppData\Local\SevereWeatherAlerts\1220203849.973\3612.44.tmp (PUP.Optional.SevereWeatherAlerts) -> Quarantined and deleted successfully.
C:\Users\ldbachman\AppData\Local\SevereWeatherAlerts\1220203849.973\3612.45.tmp (PUP.Optional.SevereWeatherAlerts) -> Quarantined and deleted successfully.
C:\Users\ldbachman\AppData\Local\SevereWeatherAlerts\1220203849.973\3612.46.tmp (PUP.Optional.SevereWeatherAlerts) -> Quarantined and deleted successfully.
C:\Users\ldbachman\AppData\Local\SevereWeatherAlerts\1220203849.973\3612.47.tmp (PUP.Optional.SevereWeatherAlerts) -> Quarantined and deleted successfully.
C:\Users\ldbachman\AppData\Local\SevereWeatherAlerts\1220203849.973\3612.48.tmp (PUP.Optional.SevereWeatherAlerts) -> Quarantined and deleted successfully.
C:\Users\ldbachman\AppData\Local\SevereWeatherAlerts\1220203849.973\3612.49.tmp (PUP.Optional.SevereWeatherAlerts) -> Quarantined and deleted successfully.
C:\Users\ldbachman\AppData\Local\SevereWeatherAlerts\1220203849.973\3612.5.tmp (PUP.Optional.SevereWeatherAlerts) -> Quarantined and deleted successfully.
C:\Users\ldbachman\AppData\Local\SevereWeatherAlerts\1220203849.973\3612.50.tmp (PUP.Optional.SevereWeatherAlerts) -> Quarantined and deleted successfully.
C:\Users\ldbachman\AppData\Local\SevereWeatherAlerts\1220203849.973\3612.51.tmp (PUP.Optional.SevereWeatherAlerts) -> Quarantined and deleted successfully.
C:\Users\ldbachman\AppData\Local\SevereWeatherAlerts\1220203849.973\3612.52.tmp (PUP.Optional.SevereWeatherAlerts) -> Quarantined and deleted successfully.
C:\Users\ldbachman\AppData\Local\SevereWeatherAlerts\1220203849.973\3612.53.tmp (PUP.Optional.SevereWeatherAlerts) -> Quarantined and deleted successfully.
C:\Users\ldbachman\AppData\Local\SevereWeatherAlerts\1220203849.973\3612.54.tmp (PUP.Optional.SevereWeatherAlerts) -> Quarantined and deleted successfully.
C:\Users\ldbachman\AppData\Local\SevereWeatherAlerts\1220203849.973\3612.55.tmp (PUP.Optional.SevereWeatherAlerts) -> Quarantined and deleted successfully.
C:\Users\ldbachman\AppData\Local\SevereWeatherAlerts\1220203849.973\3612.56.tmp (PUP.Optional.SevereWeatherAlerts) -> Quarantined and deleted successfully.
C:\Users\ldbachman\AppData\Local\SevereWeatherAlerts\1220203849.973\3612.57.tmp (PUP.Optional.SevereWeatherAlerts) -> Quarantined and deleted successfully.
C:\Users\ldbachman\AppData\Local\SevereWeatherAlerts\1220203849.973\3612.58.tmp (PUP.Optional.SevereWeatherAlerts) -> Quarantined and deleted successfully.
C:\Users\ldbachman\AppData\Local\SevereWeatherAlerts\1220203849.973\3612.59.tmp (PUP.Optional.SevereWeatherAlerts) -> Quarantined and deleted successfully.
C:\Users\ldbachman\AppData\Local\SevereWeatherAlerts\1220203849.973\3612.6.tmp (PUP.Optional.SevereWeatherAlerts) -> Quarantined and deleted successfully.
C:\Users\ldbachman\AppData\Local\SevereWeatherAlerts\1220203849.973\3612.60.tmp (PUP.Optional.SevereWeatherAlerts) -> Quarantined and deleted successfully.
C:\Users\ldbachman\AppData\Local\SevereWeatherAlerts\1220203849.973\3612.61.tmp (PUP.Optional.SevereWeatherAlerts) -> Quarantined and deleted successfully.
C:\Users\ldbachman\AppData\Local\SevereWeatherAlerts\1220203849.973\3612.7.tmp (PUP.Optional.SevereWeatherAlerts) -> Quarantined and deleted successfully.
C:\Users\ldbachman\AppData\Local\SevereWeatherAlerts\1220203849.973\3612.8.tmp (PUP.Optional.SevereWeatherAlerts) -> Quarantined and deleted successfully.
C:\Users\ldbachman\AppData\Local\SevereWeatherAlerts\1220203849.973\3612.9.tmp (PUP.Optional.SevereWeatherAlerts) -> Quarantined and deleted successfully.
C:\Users\ldbachman\AppData\Local\SevereWeatherAlerts\1226162919\3618.3618.tmp (PUP.Optional.SevereWeatherAlerts) -> Quarantined and deleted successfully.
C:\Users\ldbachman\AppData\Local\SevereWeatherAlerts\1226162919\mergetree (PUP.Optional.SevereWeatherAlerts) -> Quarantined and deleted successfully.
C:\Users\ldbachman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Severe Weather Alerts\Severe Weather Alerts.lnk (PUP.Optional.SevereWeatherAlerts) -> Quarantined and deleted successfully.
C:\Users\ldbachman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Severe Weather Alerts App.lnk (PUP.Optional.SevereWeatherAlerts) -> Quarantined and deleted successfully.
C:\Users\ldbachman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Severe Weather Alerts.lnk (PUP.Optional.SevereWeatherAlerts) -> Quarantined and deleted successfully.
C:\Users\ldbachman\AppData\Roaming\MyWordTool\.build (PUP.Optional.MyWordTool.A) -> Quarantined and deleted successfully.
C:\Users\ldbachman\AppData\Roaming\MyWordTool\.user (PUP.Optional.MyWordTool.A) -> Quarantined and deleted successfully.
C:\Users\ldbachman\AppData\Roaming\MyWordTool\temp.dat (PUP.Optional.MyWordTool.A) -> Quarantined and deleted successfully.
C:\Users\ldbachman\AppData\Roaming\MyWordTool\uninst.exe (PUP.Optional.MyWordTool.A) -> Quarantined and deleted successfully.
C:\Users\ldbachman\AppData\Local\Weather_Notifications,_LL\SevereWeatherAlerts.exe_Url_vk15g1jbtwhggrdmwr5310loufv2h5tz\1.21.0.0\user.config (PUP.Optional.SevereWeatherAlerts) -> Quarantined and deleted successfully.
C:\Users\ldbachman\AppData\Local\GreatArcadeHits\application.ico (PUP.Optional.GreatArcadeHits.A) -> Quarantined and deleted successfully.
C:\Users\ldbachman\AppData\Local\GreatArcadeHits\cookies.js (PUP.Optional.GreatArcadeHits.A) -> Quarantined and deleted successfully.
C:\Users\ldbachman\AppData\Local\GreatArcadeHits\gahff.xpi (PUP.Optional.GreatArcadeHits.A) -> Quarantined and deleted successfully.
C:\Users\ldbachman\AppData\Local\GreatArcadeHits\GAHUninstaller.exe (PUP.Optional.GreatArcadeHits.A) -> Quarantined and deleted successfully.
C:\Users\ldbachman\AppData\Local\GreatArcadeHits\GAHUpdate.exe (PUP.Optional.GreatArcadeHits.A) -> Quarantined and deleted successfully.
C:\Users\ldbachman\AppData\Local\GreatArcadeHits\Play Games online on GreatArcadeHits.com.url (PUP.Optional.GreatArcadeHits.A) -> Quarantined and deleted successfully.
C:\Users\ldbachman\AppData\Local\GreatArcadeHits\PopupBroker.exe (PUP.Optional.GreatArcadeHits.A) -> Quarantined and deleted successfully.
C:\Users\ldbachman\AppData\Local\GreatArcadeHits\premium.pem (PUP.Optional.GreatArcadeHits.A) -> Quarantined and deleted successfully.
C:\Users\ldbachman\AppData\Local\GreatArcadeHits\static.js (PUP.Optional.GreatArcadeHits.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\emily@wilford.biz\bootstrap.js (PUP.Optional.MyWordTool.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\emily@wilford.biz\harness-options.json (PUP.Optional.MyWordTool.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\emily@wilford.biz\install.rdf (PUP.Optional.MyWordTool.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\emily@wilford.biz\locales.json (PUP.Optional.MyWordTool.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\emily@wilford.biz\defaults\preferences\prefs.js (PUP.Optional.MyWordTool.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\emily@wilford.biz\resources\addon-sdk\lib\sdk\base64.js (PUP.Optional.MyWordTool.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\emily@wilford.biz\resources\addon-sdk\lib\sdk\page-mod.js (PUP.Optional.MyWordTool.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\emily@wilford.biz\resources\addon-sdk\lib\sdk\private-browsing.js (PUP.Optional.MyWordTool.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\emily@wilford.biz\resources\addon-sdk\lib\sdk\self.js (PUP.Optional.MyWordTool.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\emily@wilford.biz\resources\addon-sdk\lib\sdk\system.js (PUP.Optional.MyWordTool.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\emily@wilford.biz\resources\addon-sdk\lib\sdk\tabs.js (PUP.Optional.MyWordTool.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\emily@wilford.biz\resources\addon-sdk\lib\sdk\timers.js (PUP.Optional.MyWordTool.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\emily@wilford.biz\resources\addon-sdk\lib\sdk\url.js (PUP.Optional.MyWordTool.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\emily@wilford.biz\resources\addon-sdk\lib\sdk\windows.js (PUP.Optional.MyWordTool.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\emily@wilford.biz\resources\addon-sdk\lib\sdk\addon\runner.js (PUP.Optional.MyWordTool.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\emily@wilford.biz\resources\addon-sdk\lib\sdk\console\plain-text.js (PUP.Optional.MyWordTool.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\emily@wilford.biz\resources\addon-sdk\lib\sdk\console\traceback.js (PUP.Optional.MyWordTool.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\emily@wilford.biz\resources\addon-sdk\lib\sdk\content\content-proxy.js (PUP.Optional.MyWordTool.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\emily@wilford.biz\resources\addon-sdk\lib\sdk\content\content-worker.js (PUP.Optional.MyWordTool.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\emily@wilford.biz\resources\addon-sdk\lib\sdk\content\loader.js (PUP.Optional.MyWordTool.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\emily@wilford.biz\resources\addon-sdk\lib\sdk\content\thumbnail.js (PUP.Optional.MyWordTool.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\emily@wilford.biz\resources\addon-sdk\lib\sdk\content\worker.js (PUP.Optional.MyWordTool.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\emily@wilford.biz\resources\addon-sdk\lib\sdk\core\heritage.js (PUP.Optional.MyWordTool.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\emily@wilford.biz\resources\addon-sdk\lib\sdk\core\namespace.js (PUP.Optional.MyWordTool.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\emily@wilford.biz\resources\addon-sdk\lib\sdk\core\promise.js (PUP.Optional.MyWordTool.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\emily@wilford.biz\resources\addon-sdk\lib\sdk\deprecated\api-utils.js (PUP.Optional.MyWordTool.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\emily@wilford.biz\resources\addon-sdk\lib\sdk\deprecated\cortex.js (PUP.Optional.MyWordTool.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\emily@wilford.biz\resources\addon-sdk\lib\sdk\deprecated\errors.js (PUP.Optional.MyWordTool.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\emily@wilford.biz\resources\addon-sdk\lib\sdk\deprecated\events.js (PUP.Optional.MyWordTool.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\emily@wilford.biz\resources\addon-sdk\lib\sdk\deprecated\light-traits.js (PUP.Optional.MyWordTool.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\emily@wilford.biz\resources\addon-sdk\lib\sdk\deprecated\list.js (PUP.Optional.MyWordTool.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\emily@wilford.biz\resources\addon-sdk\lib\sdk\deprecated\memory.js (PUP.Optional.MyWordTool.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\emily@wilford.biz\resources\addon-sdk\lib\sdk\deprecated\observer-service.js (PUP.Optional.MyWordTool.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\emily@wilford.biz\resources\addon-sdk\lib\sdk\deprecated\traits.js (PUP.Optional.MyWordTool.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\emily@wilford.biz\resources\addon-sdk\lib\sdk\deprecated\window-utils.js (PUP.Optional.MyWordTool.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\emily@wilford.biz\resources\addon-sdk\lib\sdk\deprecated\events\assembler.js (PUP.Optional.MyWordTool.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\emily@wilford.biz\resources\addon-sdk\lib\sdk\deprecated\traits\core.js (PUP.Optional.MyWordTool.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\emily@wilford.biz\resources\addon-sdk\lib\sdk\dom\events.js (PUP.Optional.MyWordTool.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\emily@wilford.biz\resources\addon-sdk\lib\sdk\event\core.js (PUP.Optional.MyWordTool.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\emily@wilford.biz\resources\addon-sdk\lib\sdk\event\target.js (PUP.Optional.MyWordTool.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\emily@wilford.biz\resources\addon-sdk\lib\sdk\io\byte-streams.js (PUP.Optional.MyWordTool.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\emily@wilford.biz\resources\addon-sdk\lib\sdk\io\data.js (PUP.Optional.MyWordTool.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\emily@wilford.biz\resources\addon-sdk\lib\sdk\io\file.js (PUP.Optional.MyWordTool.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\emily@wilford.biz\resources\addon-sdk\lib\sdk\io\text-streams.js (PUP.Optional.MyWordTool.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\emily@wilford.biz\resources\addon-sdk\lib\sdk\l10n\core.js (PUP.Optional.MyWordTool.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\emily@wilford.biz\resources\addon-sdk\lib\sdk\l10n\html.js (PUP.Optional.MyWordTool.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\emily@wilford.biz\resources\addon-sdk\lib\sdk\l10n\loader.js (PUP.Optional.MyWordTool.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\emily@wilford.biz\resources\addon-sdk\lib\sdk\l10n\locale.js (PUP.Optional.MyWordTool.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\emily@wilford.biz\resources\addon-sdk\lib\sdk\l10n\prefs.js (PUP.Optional.MyWordTool.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\emily@wilford.biz\resources\addon-sdk\lib\sdk\lang\functional.js (PUP.Optional.MyWordTool.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\emily@wilford.biz\resources\addon-sdk\lib\sdk\loader\cuddlefish.js (PUP.Optional.MyWordTool.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\emily@wilford.biz\resources\addon-sdk\lib\sdk\loader\sandbox.js (PUP.Optional.MyWordTool.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\emily@wilford.biz\resources\addon-sdk\lib\sdk\net\url.js (PUP.Optional.MyWordTool.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\emily@wilford.biz\resources\addon-sdk\lib\sdk\page-mod\match-pattern.js (PUP.Optional.MyWordTool.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\emily@wilford.biz\resources\addon-sdk\lib\sdk\platform\xpcom.js (PUP.Optional.MyWordTool.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\emily@wilford.biz\resources\addon-sdk\lib\sdk\preferences\service.js (PUP.Optional.MyWordTool.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\emily@wilford.biz\resources\addon-sdk\lib\sdk\private-browsing\utils.js (PUP.Optional.MyWordTool.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\emily@wilford.biz\resources\addon-sdk\lib\sdk\private-browsing\window\utils.js (PUP.Optional.MyWordTool.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\emily@wilford.biz\resources\addon-sdk\lib\sdk\system\environment.js (PUP.Optional.MyWordTool.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\emily@wilford.biz\resources\addon-sdk\lib\sdk\system\events.js (PUP.Optional.MyWordTool.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\emily@wilford.biz\resources\addon-sdk\lib\sdk\system\globals.js (PUP.Optional.MyWordTool.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\emily@wilford.biz\resources\addon-sdk\lib\sdk\system\runtime.js (PUP.Optional.MyWordTool.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\emily@wilford.biz\resources\addon-sdk\lib\sdk\system\unload.js (PUP.Optional.MyWordTool.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\emily@wilford.biz\resources\addon-sdk\lib\sdk\system\xul-app.js (PUP.Optional.MyWordTool.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\emily@wilford.biz\resources\addon-sdk\lib\sdk\tabs\common.js (PUP.Optional.MyWordTool.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\emily@wilford.biz\resources\addon-sdk\lib\sdk\tabs\events.js (PUP.Optional.MyWordTool.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\emily@wilford.biz\resources\addon-sdk\lib\sdk\tabs\helpers.js (PUP.Optional.MyWordTool.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\emily@wilford.biz\resources\addon-sdk\lib\sdk\tabs\namespace.js (PUP.Optional.MyWordTool.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\emily@wilford.biz\resources\addon-sdk\lib\sdk\tabs\observer.js (PUP.Optional.MyWordTool.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\emily@wilford.biz\resources\addon-sdk\lib\sdk\tabs\tab-fennec.js (PUP.Optional.MyWordTool.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\emily@wilford.biz\resources\addon-sdk\lib\sdk\tabs\tab-firefox.js (PUP.Optional.MyWordTool.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\emily@wilford.biz\resources\addon-sdk\lib\sdk\tabs\tab.js (PUP.Optional.MyWordTool.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\emily@wilford.biz\resources\addon-sdk\lib\sdk\tabs\tabs-firefox.js (PUP.Optional.MyWordTool.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\emily@wilford.biz\resources\addon-sdk\lib\sdk\tabs\tabs.js (PUP.Optional.MyWordTool.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\emily@wilford.biz\resources\addon-sdk\lib\sdk\tabs\utils.js (PUP.Optional.MyWordTool.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\emily@wilford.biz\resources\addon-sdk\lib\sdk\tabs\worker.js (PUP.Optional.MyWordTool.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\emily@wilford.biz\resources\addon-sdk\lib\sdk\util\array.js (PUP.Optional.MyWordTool.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\emily@wilford.biz\resources\addon-sdk\lib\sdk\util\deprecate.js (PUP.Optional.MyWordTool.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\emily@wilford.biz\resources\addon-sdk\lib\sdk\util\list.js (PUP.Optional.MyWordTool.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\emily@wilford.biz\resources\addon-sdk\lib\sdk\util\object.js (PUP.Optional.MyWordTool.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\emily@wilford.biz\resources\addon-sdk\lib\sdk\util\registry.js (PUP.Optional.MyWordTool.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\emily@wilford.biz\resources\addon-sdk\lib\sdk\util\uuid.js (PUP.Optional.MyWordTool.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\emily@wilford.biz\resources\addon-sdk\lib\sdk\window\browser.js (PUP.Optional.MyWordTool.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\emily@wilford.biz\resources\addon-sdk\lib\sdk\window\namespace.js (PUP.Optional.MyWordTool.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\emily@wilford.biz\resources\addon-sdk\lib\sdk\window\utils.js (PUP.Optional.MyWordTool.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\emily@wilford.biz\resources\addon-sdk\lib\sdk\windows\dom.js (PUP.Optional.MyWordTool.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\emily@wilford.biz\resources\addon-sdk\lib\sdk\windows\fennec.js (PUP.Optional.MyWordTool.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\emily@wilford.biz\resources\addon-sdk\lib\sdk\windows\firefox.js (PUP.Optional.MyWordTool.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\emily@wilford.biz\resources\addon-sdk\lib\sdk\windows\loader.js (PUP.Optional.MyWordTool.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\emily@wilford.biz\resources\addon-sdk\lib\sdk\windows\observer.js (PUP.Optional.MyWordTool.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\emily@wilford.biz\resources\addon-sdk\lib\sdk\windows\tabs-fennec.js (PUP.Optional.MyWordTool.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\emily@wilford.biz\resources\addon-sdk\lib\sdk\windows\tabs-firefox.js (PUP.Optional.MyWordTool.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\emily@wilford.biz\resources\addon-sdk\lib\toolkit\loader.js (PUP.Optional.MyWordTool.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\emily@wilford.biz\resources\mywordtool\lib\main.js (PUP.Optional.MyWordTool.A) -> Quarantined and deleted successfully.
C:\Users\ldbachman\AppData\Roaming\newnext.me\nengine.cookie (PUP.Optional.NextLive.A) -> Quarantined and deleted successfully.
C:\Users\ldbachman\AppData\Roaming\newnext.me\nengine.dll (PUP.Optional.NextLive.A) -> Quarantined and deleted successfully.
C:\Users\ldbachman\AppData\Roaming\newnext.me\cache\spark.bin (PUP.Optional.NextLive.A) -> Quarantined and deleted successfully.
(end)
Good Morning,
So far these tools have removed a bunch of junk, you most likely got them by not reading what your downloading and installing as most of this garbage comes bundled with other garbage. Whenever you download a program to install, you need to read read read read what your installing and don't just click NEXT at the prompts. Some programs will prompt you to install things like this so you need to read first about what your getting. A lot of this garbage is responsible for altering your browser, redirects and adds.
Before we move on there was so much removed I want to make sure we got it all or the better part of it, so what I would like you to to is run AdwCleaner again with the clean function, it it finds anything post the log, if not please just let me know it was clean, do the samething for Junkware Removal. Then open Malwarebytes.....check for updates....and run a new scan and post the log.
snowboarder
2013-12-31, 02:25
Sorry, I'm latent in posting -- was traveling over the holidays and not able to get to my laptop for a few days. My question is, you asked me to run adware cleaner, and due to my absence from the computer, I'll already forgotten which utility that was. Is that the MalWare utility?
snowboarder
2013-12-31, 02:32
Sorry, I'm latent in posting -- was traveling over the holidays and not able to get to my laptop for a few days. My question is, you asked me to run adware cleaner, and due to my absence from the computer, I'll already forgotten which utility that was. Is that the MalWare utility?
Disregard above post -- I'm on it. Running ADWCleaner on Scan. Be back when it's done
:bigthumb:
Had to work today, been a loooooong day , I will be back on line early in the morning
Due to inactivity, this thread will now be closed.
If it has been three days or more since your last post, and the helper assisting you posted a response to that post to which you did not reply, your topic will not be reopened. At that point, if you still require help, please start a new topic and include a new DDS log with a link to your previous thread. Please do not add any logs that might have been requested in the closed topic, you would be starting fresh.