Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Computer overrun with pop ups, toolbars [Solved]


  • This topic is locked This topic is locked

#1
kepayne228

kepayne228

    Member

  • Member
  • PipPip
  • 79 posts

Hello, I am helping out my stepmother with her laptop once again. Her computer was overrun with popups for computer diagnostics. She was unable to even connect a browser to the internet.  I went to the control panel and manually removed items such as Real Solutions, Chocolate Bar, Blue Mechanic, Fast Driver.

 

Everything appears to be gone but I know this is usually not the case so I am hoping someone can give these logs a once over to make sure the computer is clear.

 

I am not sure how she acquired them but I am sure she clicks on things on the internet she should not.

 

I would also like some tips and programs to install to keep her system clean and less vulnerable.

 

Thank you.

 

See logs below:

 

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 06-05-2015 01
Ran by Tonis (administrator) on TONIS-PC on 07-05-2015 14:32:56
Running from C:\Users\Tonis\Downloads
Loaded Profiles: Tonis (Available profiles: Tonis)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_70dacb64382a61a7\stacsv64.exe
(Hewlett-Packard) C:\Windows\System32\hpservice.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_70dacb64382a61a7\AESTSr64.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
() C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
( Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(CyberLink) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Program Files (x86)\Hewlett-Packard\Shared\HpqToaster.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1814312 2009-08-14] (Synaptics Incorporated)
HKLM\...\Run: [SmartMenu] => C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [610872 2009-08-25] ()
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [487424 2010-06-15] (IDT, Inc.)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1332296 2015-01-30] (Microsoft Corporation)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [SunJavaUpdateSched] => "C:\Program Files\Java\jre1.8.0_31\bin\jusched.exe"
HKLM-x32\...\Run: [HPCam_Menu] => c:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [QlbCtrl.exe] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [323640 2010-02-25] ( Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [NortonOnlineBackupReminder] => C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe [600936 2009-06-29] (Symantec Corporation)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [41056 2013-05-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [WirelessAssistant] => C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [500792 2010-03-23] (Hewlett-Packard Company)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-05-10] (Hewlett-Packard)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2912795306-1733492519-829098707-1000\...\Run: [GoogleChromeAutoLaunch_D30B0C0B46E32DAAAF8F6F8216DB5A4D] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [812872 2015-04-27] (Google Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2010-01-09]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2010-02-20]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=MSSE
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=MSSE
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-2912795306-1733492519-829098707-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.genieo...08,19841,UN,0,6
URLSearchHook: HKU\S-1-5-21-2912795306-1733492519-829098707-1000 - (No Name) - {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - No File
SearchScopes: HKLM -> DefaultScope value is missing.
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://vosteran.com/...=1182803608&ir=
SearchScopes: HKLM -> {7B414D43-4D41-4E63-BEE6-0004AEC01DEE} URL = http://www.bing.com/...rc=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope value is missing.
SearchScopes: HKLM-x32 -> {7B414D43-4D41-4E63-BEE6-0004AEC01DEE} URL = http://www.bing.com/...rc=IE-SearchBox
SearchScopes: HKU\.DEFAULT -> {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = http://www.ask.com/w...q={SEARCHTERMS}
SearchScopes: HKU\S-1-5-19 -> {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = http://www.ask.com/w...q={SEARCHTERMS}
SearchScopes: HKU\S-1-5-20 -> {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = http://www.ask.com/w...q={SEARCHTERMS}
SearchScopes: HKU\S-1-5-21-2912795306-1733492519-829098707-1000 -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://vosteran.com/...=1182803608&ir=
SearchScopes: HKU\S-1-5-21-2912795306-1733492519-829098707-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://vosteran.com/...=1182803608&ir=
SearchScopes: HKU\S-1-5-21-2912795306-1733492519-829098707-1000 -> {7B414D43-4D41-4E63-BEE6-0004AEC01DEE} URL = http://www.bing.com/...rc=IE-SearchBox
SearchScopes: HKU\S-1-5-21-2912795306-1733492519-829098707-1000 -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = http://www.bing.com/...=MSSEDF&pc=MSSE
SearchScopes: HKU\S-1-5-21-2912795306-1733492519-829098707-1000 -> {986E686F-22FB-4833-9656-50F52D7FF244} URL = http://search.genieo...q={searchTerms}
SearchScopes: HKU\S-1-5-21-2912795306-1733492519-829098707-1000 -> {DECA3892-BA8F-44b8-A993-A466AD694AE4} URL = https://search.yahoo...08,20028,0,31,0
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard)
BHO-x32: No Name -> {02478D38-C3F9-4efb-9B51-7695ECA05670} ->  No File
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-10-22] (Hewlett-Packard Co.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2013-05-08] (Adobe Systems Incorporated)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2012-03-08] (Microsoft Corporation)
BHO-x32: Microsoft Live Search Toolbar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll [2009-07-16] (Microsoft Corp.)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard)
BHO-x32: SingleInstance Class -> {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} -> C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\YTSingleInstance.dll No File
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-10-22] (Hewlett-Packard Co.)
Toolbar: HKLM-x32 - Microsoft Live Search Toolbar - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll [2009-07-16] (Microsoft Corp.)
DPF: HKLM-x32 {1851174C-97BD-4217-A0CC-E908F60D5B7A} http://h20364.www2.h...DataManager.CAB
DPF: HKLM-x32 {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files (x86)\Yahoo!\Common\Yinsthelper.dll
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF ProfilePath: C:\Users\Tonis\AppData\Roaming\Mozilla\Firefox\Profiles\b9gxxi44.default
FF NewTab:
FF DefaultSearchEngine: Yahoo! Search
FF SearchEngineOrder.1: Yahoo
FF SearchEngineOrder.2:
FF SelectedSearchEngine: Yahoo! Search
FF Homepage: hxxp://q.search-simple.com/?affID=na
FF Keyword.URL:
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll [2009-07-21] (Adobe Systems, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-08] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-08] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll [2013-05-08] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2912795306-1733492519-829098707-1000: @hulu.com/Hulu Desktop -> C:\Windows\..\Users\Default\AppData\Local\HuluDesktop\instances\0.9.7.1\npHDPlg.dll [2009-07-20] (Hulu LLC)
FF Plugin HKU\S-1-5-21-2912795306-1733492519-829098707-1000: @yahoo.com/BrowserPlus,version=2.9.8 -> C:\Users\Tonis\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll [2010-08-04] (Yahoo! Inc.)
FF user.js: detected! => C:\Users\Tonis\AppData\Roaming\Mozilla\Firefox\Profiles\b9gxxi44.default\user.js [2015-02-16]
FF SearchPlugin: C:\Users\Tonis\AppData\Roaming\Mozilla\Firefox\Profiles\b9gxxi44.default\searchplugins\dsrlte1.xml [2015-03-27]
FF SearchPlugin: C:\Users\Tonis\AppData\Roaming\Mozilla\Firefox\Profiles\b9gxxi44.default\searchplugins\my-homepage.xml [2015-05-07]
FF SearchPlugin: C:\Users\Tonis\AppData\Roaming\Mozilla\Firefox\Profiles\b9gxxi44.default\searchplugins\search-simple.xml [2015-03-27]
FF SearchPlugin: C:\Users\Tonis\AppData\Roaming\Mozilla\Firefox\Profiles\b9gxxi44.default\searchplugins\Vosteran.xml [2015-01-17]
FF Extension: Yahoo! Toolbar - C:\Users\Tonis\AppData\Roaming\Mozilla\Firefox\Profiles\b9gxxi44.default\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} [2015-02-16]
FF Extension: Solution Real 1.0.1 - C:\Users\Tonis\AppData\Roaming\Mozilla\Firefox\Profiles\b9gxxi44.default\Extensions\{6e9af5d3-a8f9-4461-ad38-1433888f55dc}.xpi [2015-01-17]
FF HKLM-x32\...\Firefox\Extensions: [{7BA52691-1876-45ce-9EE6-54BCB3B04BBC}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgn
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010-03-31]
FF HKU\S-1-5-21-2912795306-1733492519-829098707-1000\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

Chrome:
=======
CHR HomePage: Default -> hxxp://vosteran.com/?f=1&a=vst_coinis_15_03_ff&cd=2XzuyEtN2Y1L1Qzu0CyEtCyB0F0EtCzz0AzyyB0E0E0CtBtDtN0D0Tzu0StCtCtCtBtN1L2XzutAtFyBtFtBtFtCtN1L1CzutCyEtBzytDyD1V1BtAtN1L1G1B1V1N2Y1L1Qzu2StC0Czz0Dzz0FyC0DtG0EzzyEyBtGyCtD0EyBtG0AyCzztDtGtCyCyB0F0C0E0AtA0DtDyE0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0DtA0E0D0Bzz0CyCtGtBtD0FtBtGyEtD0AtAtG0BzzyEyEtGtA0EyEtDzy0BtBtAyCtB0E0D2Q&cr=1182803608&ir=
CHR RestoreOnStartup: Default -> "hxxp://search.yahoo.com/?fr=hp-ddc-bd&type=840_pr__alt__ddc_dsssyc_bd_com"
CHR StartupUrls: Default -> "hxxp://search.yahoo.com/?fr=hp-ddc-bd&type=840_pr__alt__ddc_dsssyc_bd_com"
CHR DefaultSearchKeyword: Default -> yahoo.com
CHR DefaultNewTabURL: Default -> http://search.yahoo....sssyctab_bd_com
CHR DefaultSuggestURL: Default ->
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.1.376\_platform_specific\win_x86\widevinecdmadapter.dll No File
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.135\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.135\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.135\pdf.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll No File
CHR Plugin: (Java™ Platform SE 7 U45) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll No File
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (BrowserPlus (from Yahoo!) v2.9.8) - C:\Users\Tonis\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll (Yahoo! Inc.)
CHR Plugin: (Hulu Desktop) - C:\Windows\..\Users\Default\AppData\Local\HuluDesktop\instances\0.9.7.1\npHDPlg.dll (Hulu LLC)
CHR Plugin: (Shockwave for Director) - C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
CHR Plugin: (Java Deployment Toolkit 7.0.50.255) - C:\Windows\SysWOW64\npdeployJava1.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll No File
CHR Profile: C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Yahoo! Search) - C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\eefhnbpnnaaokmclnihgajdnlgljajjg [2015-05-07]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-05-07]
CHR Extension: (Solution Real) - C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nongkkjjhbjloiienhkhphhjjlnlnbfe [2015-02-04]
CHR HKLM\...\Chrome\Extension: [oilkkkefbalmbfppgjmgjoefbclebkce] - https://clients2.goo...ice/update2/crx
CHR HKU\S-1-5-21-2912795306-1733492519-829098707-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [cbjibcbpmbcabnfnohhgjjmkgkimajko] - C:\Users\Tonis\AppData\Local\CRE\cbjibcbpmbcabnfnohhgjjmkgkimajko.crx [Not Found]
CHR HKU\S-1-5-21-2912795306-1733492519-829098707-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [kldbiondcoemmofebkcgcnbigliglcnl] - C:\Users\Tonis\AppData\Local\CRE\kldbiondcoemmofebkcgcnbigliglcnl.crx [Not Found]
CHR HKU\S-1-5-21-2912795306-1733492519-829098707-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [klibnahbojhkanfgaglnlalfkgpcppfi] - C:\Users\Tonis\AppData\Local\CRE\klibnahbojhkanfgaglnlalfkgpcppfi.crx [Not Found]
CHR HKU\S-1-5-21-2912795306-1733492519-829098707-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [oilkkkefbalmbfppgjmgjoefbclebkce] - https://clients2.goo...ice/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [aifbkdoebpbcaddcjobobbanaokiepnb] - https://clients2.goo...ice/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [cbjibcbpmbcabnfnohhgjjmkgkimajko] - C:\Users\Tonis\AppData\Local\CRE\cbjibcbpmbcabnfnohhgjjmkgkimajko.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [eefhnbpnnaaokmclnihgajdnlgljajjg] - https://clients2.goo...ice/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ggebenakhmhfdkmkemdmllecchcldgec] - https://clients2.goo...ice/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [hphehadppenpmajgnkjdcopcfijjegaf] - C:\Program Files (x86)\Jump Flip\hphehadppenpmajgnkjdcopcfijjegaf.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [kldbiondcoemmofebkcgcnbigliglcnl] - C:\Users\Tonis\AppData\Local\CRE\kldbiondcoemmofebkcgcnbigliglcnl.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [klibnahbojhkanfgaglnlalfkgpcppfi] - C:\Users\Tonis\AppData\Local\CRE\klibnahbojhkanfgaglnlalfkgpcppfi.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [oilkkkefbalmbfppgjmgjoefbclebkce] - https://clients2.goo...ice/update2/crx

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_70dacb64382a61a7\AESTSr64.exe [89600 2010-06-15] (Andrea Electronics Corporation)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-11-04] (Hewlett-Packard Company) [File not signed]
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [248832 2009-05-21] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-23] (Hewlett-Packard Co.) [File not signed]
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) [File not signed]
R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2010-06-16] (Hewlett-Packard Company) [File not signed]
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2015-01-30] (Microsoft Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366512 2015-01-30] (Microsoft Corporation)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [247152 2009-07-06] ()
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_70dacb64382a61a7\STacSV64.exe [247808 2010-06-15] (IDT, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)
S2 Update Solution Real; "C:\Program Files (x86)\Solution Real\updateSolutionReal.exe" [X]
S2 Util Jump Flip; "C:\Program Files (x86)\Jump Flip\bin\utilJumpFlip.exe" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [274696 2014-11-15] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124560 2014-11-15] (Microsoft Corporation)
S3 RSUSBSTOR; C:\Windows\SysWOW64\Drivers\RtsUStor.sys [225280 2009-09-02] (Realtek Semiconductor Corp.)
R1 {31c21995-b861-4864-ab50-4a53fbca73d4}Gw64; C:\Windows\System32\drivers\{31c21995-b861-4864-ab50-4a53fbca73d4}Gw64.sys [48784 2015-02-04] (StdLib)
R1 {6e9af5d3-a8f9-4461-ad38-1433888f55dc}Gw64; C:\Windows\System32\drivers\{6e9af5d3-a8f9-4461-ad38-1433888f55dc}Gw64.sys [48792 2015-01-17] (StdLib)
U4 eabfiltr; No ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-07 14:32 - 2015-05-07 14:33 - 00026587 _____ () C:\Users\Tonis\Downloads\FRST.txt
2015-05-07 14:32 - 2015-05-07 14:32 - 00001439 _____ () C:\Users\Tonis\Desktop\FRST64 - Shortcut.lnk
2015-05-07 14:31 - 2015-05-07 14:33 - 00000000 ____D () C:\FRST
2015-05-07 14:31 - 2015-05-07 14:31 - 02102272 _____ (Farbar) C:\Users\Tonis\Downloads\FRST64.exe
2015-05-07 14:27 - 2015-05-07 14:27 - 00875160 _____ () C:\Users\Tonis\Downloads\installer_adobe_flash_player_English.exe
2015-05-07 14:27 - 2015-05-07 14:27 - 00875160 _____ () C:\Users\Tonis\Downloads\installer_adobe_flash_player_English(1).exe
2015-05-07 13:49 - 2015-05-07 14:16 - 00000332 _____ () C:\Windows\Tasks\HPCeeScheduleForTonis.job
2015-05-07 13:49 - 2015-05-07 14:08 - 00003186 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForTonis

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-07 14:27 - 2010-01-09 02:28 - 01804274 _____ () C:\Windows\WindowsUpdate.log
2015-05-07 14:26 - 2014-11-11 20:16 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-05-07 14:26 - 2014-01-17 17:21 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-05-07 14:24 - 2015-02-16 22:41 - 00000272 _____ () C:\Windows\Tasks\PC-Mechanic Startup.job
2015-05-07 14:24 - 2012-11-13 15:27 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-07 14:24 - 2009-07-13 22:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-07 14:24 - 2009-07-13 21:51 - 00083943 _____ () C:\Windows\setupact.log
2015-05-07 14:23 - 2009-07-13 21:45 - 00026192 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-07 14:23 - 2009-07-13 21:45 - 00026192 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-07 14:22 - 2009-11-27 17:22 - 00000000 ____D () C:\Program Files\Java
2015-05-07 14:16 - 2010-01-09 02:33 - 00861490 _____ () C:\Windows\PFRO.log
2015-05-07 14:12 - 2010-05-28 17:46 - 00000000 ____D () C:\ProgramData\Yahoo!
2015-05-07 14:11 - 2015-02-16 22:52 - 00000000 ____D () C:\ProgramData\Fighters
2015-05-07 14:08 - 2012-06-22 18:18 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-05-07 14:08 - 2009-07-13 22:13 - 00782510 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-05-07 14:07 - 2015-01-17 23:34 - 00000000 ____D () C:\ProgramData\Unchecky
2015-05-07 14:06 - 2009-07-13 19:34 - 00000603 _____ () C:\Windows\win.ini
2015-05-07 14:01 - 2015-02-04 20:53 - 00000008 __RSH () C:\ProgramData\ntuser.pol
2015-05-07 14:01 - 2015-01-17 23:32 - 00000000 ____D () C:\Program Files (x86)\Solution Real
2015-05-07 13:45 - 2015-01-17 23:34 - 00000000 ____D () C:\Users\Tonis\AppData\Local\Vosteran
2015-05-07 13:41 - 2015-02-16 22:41 - 00000278 _____ () C:\Windows\Tasks\PC-Mechanic Maintenance.job
2015-05-07 13:37 - 2009-07-13 21:45 - 00349928 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-05-07 13:35 - 2009-11-27 15:37 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-05-07 13:35 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\tracing
2015-05-07 13:35 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2015-05-07 13:35 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\system32\Dism
2015-05-07 13:34 - 2012-11-13 15:27 - 00002183 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-05-07 13:27 - 2012-11-13 15:27 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-06 23:20 - 2013-09-13 20:40 - 00000000 ____D () C:\Windows\system32\MRT
2015-05-06 23:10 - 2012-06-22 18:18 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-05-06 23:10 - 2012-06-22 18:18 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-05-06 23:10 - 2011-07-18 22:21 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-05-06 23:10 - 2010-03-03 22:15 - 122905848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-05-06 23:00 - 2010-02-26 21:35 - 00000000 ____D () C:\Users\Tonis\AppData\Roaming\HpUpdate
2015-05-06 22:56 - 2011-11-24 02:42 - 00000000 ____D () C:\Users\Tonis\AppData\Local\CrashDumps

==================== Files in the root of some directories =======

2013-12-27 21:56 - 2014-01-05 22:52 - 0000000 _____ () C:\Users\Tonis\AppData\Roaming\Dialogs
2014-01-17 16:24 - 2015-02-22 22:27 - 0000241 _____ () C:\Users\Tonis\AppData\Roaming\WB.CFG
2014-01-17 16:24 - 2014-01-17 16:24 - 0000005 _____ () C:\Users\Tonis\AppData\Roaming\WBPU-TTL.DAT
2010-02-19 20:06 - 2010-02-19 20:06 - 0000000 _____ () C:\Users\Tonis\AppData\Local\AtStart.txt
2015-02-16 22:39 - 2015-02-16 22:39 - 0000064 _____ () C:\Users\Tonis\AppData\Local\cdb6eb10cee5a0c2c0afa2be7a326da5
2015-02-04 20:28 - 2015-02-04 20:28 - 0234679 _____ () C:\Users\Tonis\AppData\Local\dsi1.dat
2015-02-04 20:28 - 2015-02-04 20:28 - 0161916 _____ () C:\Users\Tonis\AppData\Local\dsi2.dat
2010-02-19 20:06 - 2010-02-19 20:06 - 0000000 _____ () C:\Users\Tonis\AppData\Local\DSwitch.txt
2010-02-19 20:06 - 2010-02-19 20:06 - 0000000 _____ () C:\Users\Tonis\AppData\Local\QSwitch.txt
2011-05-18 21:10 - 2011-05-21 13:19 - 0001940 _____ () C:\Users\Tonis\AppData\Local\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
2014-01-05 22:52 - 2014-01-05 22:52 - 0000000 _____ () C:\ProgramData\Conditionals
2014-01-05 22:52 - 2014-01-05 22:52 - 0000000 _____ () C:\ProgramData\Devices
2010-02-19 20:06 - 2015-05-07 14:25 - 0000187 _____ () C:\ProgramData\HPWALog.txt
2010-02-19 18:59 - 2010-04-05 11:24 - 0014268 _____ () C:\ProgramData\hpzinstall.log
2013-12-27 21:57 - 2014-01-05 22:52 - 0000000 ____H () C:\ProgramData\PKP_DLes.DAT
2013-12-27 21:56 - 2014-01-05 22:52 - 0000000 ____H () C:\ProgramData\PKP_DLet.DAT
2013-12-27 21:56 - 2014-01-05 22:52 - 0000000 ____H () C:\ProgramData\PKP_DLev.DAT
2010-01-09 02:49 - 2010-01-09 02:49 - 0000032 _____ () C:\ProgramData\{051B9612-4D82-42AC-8C63-CD2DCEDC1CB3}.log
2009-11-27 16:38 - 2009-11-27 16:39 - 0000109 _____ () C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
2010-01-09 02:48 - 2010-01-09 02:48 - 0000032 _____ () C:\ProgramData\{23F3DA62-2D9E-4A69-B8D5-BE8E9E148092}.log
2009-11-27 16:34 - 2009-11-27 16:34 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2010-01-09 02:48 - 2010-01-09 02:48 - 0000032 _____ () C:\ProgramData\{4FC670EB-5F02-4B07-90DB-022B86BFEFD0}.log
2010-01-09 02:48 - 2010-01-09 02:48 - 0000032 _____ () C:\ProgramData\{9867824A-C86D-4A83-8F3C-E7A86BE0AFD3}.log
2009-11-27 16:33 - 2009-11-27 16:34 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
2009-11-27 16:35 - 2009-11-27 16:38 - 0000110 _____ () C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log
2010-01-09 02:49 - 2010-01-09 02:49 - 0000105 _____ () C:\ProgramData\{d36dd326-7280-11d8-97c8-000129760cbe}.log

Some content of TEMP:
====================
C:\Users\Tonis\AppData\Local\Temp\CloudBackup2419.exe
C:\Users\Tonis\AppData\Local\Temp\dsrsetup.exe
C:\Users\Tonis\AppData\Local\Temp\fp_pl_pfs_installer.exe
C:\Users\Tonis\AppData\Local\Temp\install_temp.exe
C:\Users\Tonis\AppData\Local\Temp\jre-8u31-windows-au.exe
C:\Users\Tonis\AppData\Local\Temp\res.dll
C:\Users\Tonis\AppData\Local\Temp\sqlite-3.7.2-sqlitejdbc.dll
C:\Users\Tonis\AppData\Local\Temp\SymCCIS.dll
C:\Users\Tonis\AppData\Local\Temp\tfhvxicz.dll
C:\Users\Tonis\AppData\Local\Temp\updater_uninstall.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-01-15 00:32

==================== End Of Log ============================

 

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-05-2015 01
Ran by Tonis at 2015-05-07 14:34:00
Running from C:\Users\Tonis\Downloads
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2912795306-1733492519-829098707-500 - Administrator - Disabled)
Guest (S-1-5-21-2912795306-1733492519-829098707-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2912795306-1733492519-829098707-1002 - Limited - Enabled)
Tonis (S-1-5-21-2912795306-1733492519-829098707-1000 - Administrator - Enabled) => C:\Users\Tonis

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
6500_E709_eDocs (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
6500_E709_Help (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
6500_E709n (x32 Version: 50.0.165.000 - Hewlett-Packard) Hidden
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.)
Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Reader 9.5.5 MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-A91000000001}) (Version: 9.5.5 - Adobe Systems Incorporated)
Adobe Shockwave Player (HKLM-x32\...\{D8DFA46A-39F7-4368-810D-18AFCFDDAEAF}) (Version: 11.5.1.601 - Adobe Systems, Inc.)
Bejeweled 2 Deluxe (remove only) (HKLM-x32\...\Bejeweled 2 Deluxe) (Version:  - )
bpd_scan (x32 Version: 3.00.0000 - Hewlett-Packard) Hidden
BPDSoftware (x32 Version: 50.0.165.000 - Hewlett-Packard) Hidden
BPDSoftware_Ini (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
Broadcom 802.11 Wireless LAN Adapter (HKLM\...\Broadcom 802.11 Wireless LAN Adapter) (Version: 5.60.350.6 - Broadcom Corporation)
BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
CyberLink DVD Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 7.0.2216 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Destinations (x32 Version: 140.0.77.000 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 130.0.465.000 - Hewlett-Packard) Hidden
DocMgr (x32 Version: 130.0.000.000 - Hewlett-Packard) Hidden
DocProc (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
DVD Menu Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}) (Version: 3.1.3224 - Hewlett-Packard)
DVD Menu Pack for HP MediaSmart Video (x32 Version: 3.1.3224 - Hewlett-Packard) Hidden
ENE CIR Receiver Driver (HKLM\...\FFE7D41DF3C645075BB149E21988B63996C34187) (Version: 2.7.4.0 - ENE)
ESU for Microsoft Windows 7 (HKLM-x32\...\{3877C901-7B90-4727-A639-B6ED2DD59D43}) (Version: 1.0.0 - Hewlett-Packard)
Fax (x32 Version: 130.0.418.000 - Hewlett-Packard) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 42.0.2311.135 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP 3D DriveGuard (HKLM\...\{85A42FF0-F0D0-44A3-B226-C124D6E8B1D5}) (Version: 4.0.3.1 - Hewlett-Packard)
HP Advisor (HKLM-x32\...\{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}) (Version: 3.4.12850.3526 - Hewlett-Packard)
HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
HP Document Manager 2.0 (HKLM\...\HP Document Manager) (Version: 2.0 - HP)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.0.71 - WildTangent)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP Integrated Module with Bluetooth wireless technology (HKLM\...\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}) (Version: 6.2.1.500 - Broadcom Corporation)
HP MediaSmart DVD (HKLM-x32\...\InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}) (Version: 3.1.3509 - Hewlett-Packard)
HP MediaSmart Internet TV (HKLM-x32\...\InstallShield_{E553760D-D7F7-48BF-BD8B-C7E23BA04CB5}) (Version: 3.1.2125 - Hewlett-Packard)
HP MediaSmart Live TV (HKLM-x32\...\InstallShield_{67626E09-5366-4480-8F1E-93FADF50CA15}) (Version: 3.1.2206 - Hewlett-Packard)
HP MediaSmart Music/Photo/Video (HKLM-x32\...\InstallShield_{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}) (Version: 3.1.3405 - Hewlett-Packard)
HP MediaSmart SlingPlayer (HKLM-x32\...\{1747DF05-6890-440B-B094-2146F5DC50E0}) (Version: 3.0.1.64 - Sling Media, Inc.)
HP MediaSmart SmartMenu (HKLM\...\{88E60521-1E4E-4785-B9F1-1798A4BD0C30}) (Version: 3.1.0.1 - Hewlett-Packard)
HP MediaSmart Software Notebook Demo (HKLM-x32\...\{82A213BD-B6AA-4281-A2D3-59D51893CC56}) (Version: 1.00.0000 - Hewlett-Packard)
HP MediaSmart Webcam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.1.2207 - Hewlett-Packard)
HP MediaSmart/TouchSmart Netflix (HKLM-x32\...\{35021DFB-F9CA-402A-89A2-47F91E506465}) (Version: 1.0.2.0 - Hewlett-Packard)
HP Officejet 6500 E709 Series (HKLM\...\{2E1B4B42-069F-4F53-9966-9B9B938D7FE5}) (Version: 13.0 - HP)
HP Quick Launch Buttons (HKLM-x32\...\{34D2AB40-150D-475D-AE32-BD23FB5EE355}) (Version: 6.50.16.1 - Hewlett-Packard Company)
HP Setup (HKLM-x32\...\{17B4760F-334B-475D-829F-1A3E94A6A4E6}) (Version: 1.2.3560.3170 - Hewlett-Packard)
HP Smart Web Printing 4.60 (HKLM\...\HP Smart Web Printing) (Version: 4.60 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Support Assistant (HKLM-x32\...\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}) (Version: 5.003.001.001 - Hewlett-Packard)
HP User Guides 0154 (HKLM-x32\...\{B51605BF-6326-4553-AE96-6D7F1813D5F5}) (Version: 1.01.0001 - Hewlett-Packard)
HP Wireless Assistant (HKLM-x32\...\{4E432692-A736-4F77-AF77-F9078CF88D31}) (Version: 3.50.11.2 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
Hulu Desktop (HKU\S-1-5-21-2912795306-1733492519-829098707-1000\...\HuluDesktop) (Version: 0.9.7 - Hulu LLC)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6276.0 - IDT)
Intel® Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.1968 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - Intel Corporation)
Java™ SE Development Kit 6 Update 15 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0160150}) (Version: 1.6.0.150 - Sun Microsystems, Inc.)
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.2215 - CyberLink Corp.)
LabelPrint (x32 Version: 2.5.2215 - CyberLink Corp.) Hidden
LightScribe System Software (HKLM-x32\...\{07E49BC1-24FF-4D7A-AC74-727BE95801AF}) (Version: 1.18.16.1 - LightScribe)
Malwarebytes Anti-Malware version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Live Search Toolbar (HKLM-x32\...\{DF802C05-4660-418c-970C-B988ADB1D316}) (Version: 3.0.566.0 - Microsoft Live Search Toolbar)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM-x32\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Suite Activation Assistant (HKLM-x32\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
Microsoft Office Word 2007 Step by Step (HKLM-x32\...\{188D1647-5BC3-49F2-8774-9CB7406952E7}) (Version: 2.00.10 - Microsoft Press)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.7.205.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}) (Version: 9.7.0621 - Microsoft Corporation)
Movie Theme Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}) (Version: 3.1.3310 - Hewlett-Packard)
Movie Theme Pack for HP MediaSmart Video (x32 Version: 3.1.3310 - Hewlett-Packard) Hidden
Mozilla Firefox 33.1.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 33.1.1 (x86 en-US)) (Version: 33.1.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 33.1.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Network64 (Version: 130.0.579.000 - Hewlett-Packard) Hidden
Network64 (Version: 140.0.221.000 - Hewlett-Packard) Hidden
Norton Online Backup (HKLM-x32\...\{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}) (Version: 1.2.20.0 - Symantec)
OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
Picture Control Utility x64 (HKLM\...\{11953C65-BB4E-4CA4-B0F0-2600A4B20040}) (Version: 1.4.2 - Nikon)
Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.3415 - CyberLink Corp.)
Power2Go (x32 Version: 6.0.3415 - CyberLink Corp.) Hidden
PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 7.0.3420 - CyberLink Corp.)
PowerDirector (x32 Version: 7.0.3420 - CyberLink Corp.) Hidden
ProductContext (x32 Version: 50.0.165.000 - Hewlett-Packard) Hidden
QLBCASL (x32 Version: 6.40.17.2 - Hewlett-Packard) Hidden
Real Estate Exam 2006 -- Version 6.0 (HKLM-x32\...\Real Estate Exam 2006_is1) (Version:  - )
Realtek Ethernet Controller  Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0008 - Realtek)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30104 - Realtek Semiconductor Corp.)
Recovery Manager (x32 Version: 5.5.2214 - CyberLink Corp.) Hidden
Scan (x32 Version: 140.0.80.000 - Hewlett-Packard) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP)
SmartWebPrinting (x32 Version: 140.0.186.000 - Hewlett-Packard) Hidden
SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Status (x32 Version: 130.0.469.000 - Hewlett-Packard) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 14.0.0.3 - Synaptics Incorporated)
Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 130.0.422.000 - Hewlett-Packard) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden
Windows Driver Package - Broadcom Bluetooth  (06/15/2009 6.2.0.9000) (HKLM\...\6B8550A319DDC8B17F35F4A89988705E4592349B) (Version: 06/15/2009 6.2.0.9000 - Broadcom)
Windows Driver Package - Broadcom Bluetooth  (07/30/2009 6.2.0.9405) (HKLM\...\6B6B5E96843E55CF5CF8C7E45FB457F1FE642FF1) (Version: 07/30/2009 6.2.0.9405 - Broadcom)
Windows Driver Package - Broadcom HIDClass  (07/28/2009 6.2.0.9800) (HKLM\...\3BA80AB4C7E9F8497C115C844953A3D4BEB84D21) (Version: 07/28/2009 6.2.0.9800 - Broadcom)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)
Yahoo! BrowserPlus 2.9.8 (HKU\S-1-5-21-2912795306-1733492519-829098707-1000\...\Yahoo! BrowserPlus) (Version:  - Yahoo! Inc.)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-2912795306-1733492519-829098707-1000_Classes\CLSID\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF}\InprocServer32 -> C:\PROGRA~2\APPGRA~1\APPGRA~2.DLL No File
CustomCLSID: HKU\S-1-5-21-2912795306-1733492519-829098707-1000_Classes\CLSID\{CC99A798-FD3D-4AB4-969E-6071612524F9}\InprocServer32 -> C:\PROGRA~2\APPGRA~1\APPGRA~2.DLL No File

==================== Restore Points  =========================

15-01-2015 21:38:10 Windows Backup
25-01-2015 13:13:14 Windows Update
25-01-2015 13:19:19 Windows Backup
08-02-2015 23:33:41 Windows Update
08-02-2015 23:41:50 Windows Backup
16-02-2015 21:41:27 Windows Backup
16-02-2015 21:52:45 Windows Update
16-02-2015 22:38:44 Uniblue PC Mechanic installation
22-02-2015 22:46:38 Windows Update
02-03-2015 19:56:23 Windows Update
02-03-2015 20:01:29 Windows Backup
27-03-2015 22:49:17 Windows Update
06-05-2015 22:58:00 Windows Update
06-05-2015 23:03:19 Windows Backup
07-05-2015 14:12:53 Removed ChocolateBar by We-Care.com v1.0.1.0
07-05-2015 14:13:53 Removed Java 8 Update 31
07-05-2015 14:20:11 Removed Java 8 Update 31 (64-bit)

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 19:34 - 2015-05-07 14:22 - 00000100 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
::1       localhost
?

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {04C86D5C-49C8-45A6-87D7-2CC1EDF4A4F7} - System32\Tasks\LaunchSignup => C:\Program Files (x86)\MyPC Backup\Signup Wizard.exe <==== ATTENTION
Task: {14002FE8-363F-4FCF-9CD1-4E182A179019} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HPSFUpdaterRedux => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {1863A247-83F2-483D-A83C-0820EFB89FB2} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {1B786BA8-CA51-42FC-8941-CABC38FAACBF} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {259E74B4-D25A-47C8-BD6A-A2F3181E7733} - System32\Tasks\CLMLSvc => c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe [2009-10-06] (CyberLink)
Task: {28B48B4C-1B04-4C5F-8145-1CE5FC5B2DFD} - \Scheduled Update for Ask Toolbar No Task File <==== ATTENTION
Task: {2B86C4B8-CDEF-4DF9-AECA-B5297CBE9CB2} - \RegClean Pro_UPDATES No Task File <==== ATTENTION
Task: {34E481E9-1F99-443D-B446-A13EEE8B5129} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2015-03-10] (Hewlett-Packard)
Task: {3AADF65B-B758-4E2F-86B3-5869E40BF3DA} - System32\Tasks\4706 => Wscript.exe C:\Users\Tonis\AppData\Local\Temp\launchie.vbs //B <==== ATTENTION
Task: {431E2D52-E94E-407F-B681-2473E9A37FFC} - System32\Tasks\TVAgent => c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\TVAgent.exe [2009-10-06] (CyberLink Corp.)
Task: {4AEB9BB1-5C33-44FB-92B2-0AE63A199EEC} - System32\Tasks\CapSchedInst => c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\CapSchedInst.exe [2009-10-06] (CL)
Task: {548F1B22-E53A-48B2-9AA2-D895D557E72E} - \BackgroundContainer Startup Task No Task File <==== ATTENTION
Task: {57B656DC-3884-4DF8-840C-D6C981B396F2} - \Advanced System Protector No Task File <==== ATTENTION
Task: {5AF07511-02F3-4C8B-89AB-DAD57B935400} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-11-13] (Google Inc.)
Task: {67820E6E-CD04-4675-9E08-DF098565EB31} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-05-06] (Adobe Systems Incorporated)
Task: {769CF88F-EA43-4C8A-88A3-F74F26C4D882} - \RegClean Pro_DEFAULT No Task File <==== ATTENTION
Task: {856FE23F-EE28-4E11-AAA1-0C1029D54186} - \RegClean Pro No Task File <==== ATTENTION
Task: {930EA4F5-F33B-46FA-87AA-5629B78C8174} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-11-13] (Google Inc.)
Task: {A2D16998-0B0E-41A4-8F94-C4FADAD86AF0} - System32\Tasks\{6BDF8B11-C75E-43DC-8306-B1FB2635E21E} => pcalua.exe -a "C:\Users\Tonis\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TF5UNW4N\yahoo_bejeweled2_tm6-2[1].exe" -d C:\Users\Tonis\Desktop
Task: {A2D16998-0B0E-41A4-8F94-C4FADAD86AF0} - System32\Tasks\{6BDF8B11-C75E-43DC-8306-B1FB2635E21E} => pcalua.exe -a "C:\Users\Tonis\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TF5UNW4N\yahoo_bejeweled2_tm6-2[1].exe" -d C:\Users\Tonis\Desktop
Task: {AA879DED-2BA7-4516-B3E6-9F38AB308C46} - System32\Tasks\PC-Mechanic Startup => C:\Program Files (x86)\Uniblue\PC-Mechanic\pc-mechanic.exe
Task: {B3EFAC6E-B9F4-4FDF-8CA3-7510928340C0} - \Advanced System Protector_startup No Task File <==== ATTENTION
Task: {B9104D1C-F3FB-40DE-91DE-066D2755CC50} - System32\Tasks\CapUninst => c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\CapUninst.exe [2009-10-06] (CL)
Task: {CCAA55F6-0FD6-4F7C-B8E5-F108636DF7CF} - System32\Tasks\isharpsoft Task => C:\Users\Tonis\AppData\Roaming\UpdateServ\IRegCleaner.exe
Task: {CF195B6A-B0DB-4778-BD32-AA2019370D17} - System32\Tasks\DVDAgent => c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
Task: {DD8C4E1F-B876-4328-A6EA-4D1CB5803AD2} - System32\Tasks\HPCeeScheduleForTonis => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: {E26F4E2B-1159-46FF-A098-B4BC6F88DDF3} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {E4490934-409D-44DE-A832-4D7E4C050292} - \MySearchDial No Task File <==== ATTENTION
Task: {E44EE73B-395E-440F-803E-A956CE27D5F4} - System32\Tasks\0 => Iexplore.exe  <==== ATTENTION
Task: {E86D91C1-3B32-41E7-992B-42A995ACBE35} - System32\Tasks\PC-Mechanic Maintenance => C:\Program Files (x86)\Uniblue\PC-Mechanic\pc-mechanic.exe
Task: {EF2C49CA-4C50-4480-B825-49A509611996} - System32\Tasks\CapSvcInst => c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\CapSvcInst.exe [2009-10-06] (CL)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForTonis.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\Windows\Tasks\PC-Mechanic Maintenance.job => C:\Program Files (x86)\Uniblue\PC-Mechanic\pc-mechanic.exe
Task: C:\Windows\Tasks\PC-Mechanic Startup.job => C:\Program Files (x86)\Uniblue\PC-Mechanic\pc-mechanic.exe

==================== Loaded Modules (whitelisted) ==============

2009-11-27 16:38 - 2009-07-06 12:20 - 00247152 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2009-08-25 10:48 - 2009-08-25 10:48 - 00610872 _____ () C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
2009-09-04 14:35 - 2009-09-04 14:35 - 00173344 _____ () C:\Program Files\WIDCOMM\Bluetooth Software\btkeyind.dll
2009-07-01 16:44 - 2009-07-01 16:44 - 00632888 _____ () C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe
2009-10-06 00:08 - 2009-10-06 00:08 - 00931112 ____N () c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMediaLibrary.dll
2014-11-11 20:16 - 2014-11-13 19:42 - 03649648 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, the associated entry will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-2912795306-1733492519-829098707-1000\...\genieo.com -> hxxp://search.genieo.com


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2912795306-1733492519-829098707-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Tonis\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

FirewallRules: [{982D8F78-E21C-4148-A9FB-F9FC0C36160F}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{835DAB16-6FFD-4717-9282-DF3719C314E6}] => (Allow) svchost.exe
FirewallRules: [{63AA1A9B-20E0-4E43-9D0A-C742BEDC02EB}] => (Allow) C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe
FirewallRules: [{2A8FAB7B-0EFE-4BC3-9E6F-22C7A307914B}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector\PDR.EXE
FirewallRules: [{A1A8B123-B44D-41CA-A7A6-FBC12CC3B2A1}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPTouchSmartMusic.exe
FirewallRules: [{2A57F7F0-7E88-44D4-B47C-AA9EEF6AAFB0}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPTouchSmartPhoto.exe
FirewallRules: [{954D263D-DC54-4E48-AF19-60FE54A2F058}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPTouchSmartVideo.exe
FirewallRules: [{FD69E884-AC49-408C-890A-1E171E5A0A1A}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\Media\DVD\TSMAgent.exe
FirewallRules: [{2C1EDB44-2724-4ABA-98A4-BAD8218AEDF0}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\Media\DVD\Kernel\CLML\CLMLSvc.exe
FirewallRules: [{11E66EEE-AC82-4B0C-B2FF-FE38288A6BAD}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPDVDSmart.exe
FirewallRules: [{30EED38F-453D-45BD-8F05-5A0D13F9E2E9}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\HPTouchSmartMusic.exe
FirewallRules: [{A64A277C-9F79-4A3A-9C1D-4B5DBE68A877}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\HPTouchSmartPhoto.exe
FirewallRules: [{417481EA-0F2C-4CA3-BB52-91FE5B3ECF10}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\HPTouchSmartVideo.exe
FirewallRules: [{D8524796-BECD-4101-99A7-E06D49DB50BB}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe
FirewallRules: [{6E9FE2A8-2B4D-46D3-981A-E68913FC633A}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
FirewallRules: [{2F284A0B-405C-443A-95E4-21EDC43C99A2}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\QP.exe
FirewallRules: [{65A87601-E0EB-4DB5-9237-51DA1C47761A}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\QPService.exe
FirewallRules: [{35DFC8AC-AB04-4C21-9FAD-1932ED2F7D42}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{16870E06-D9E2-4794-8E96-B8649F3734A0}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{622FB39F-4F0E-4372-A858-7C68FFA315E4}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxm08.exe
FirewallRules: [{13D48AAF-51AC-4DD3-A366-18FF97593063}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposfx08.exe
FirewallRules: [{D107C30D-6E94-40F3-ACAC-A1192B8B38CC}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{6FBD1D3F-7EFE-4106-AAC0-5A83786A9944}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{66FE17B3-9AF7-44CC-8717-2459FDF47720}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{BF6B3AC4-53DA-4BE6-A2BB-41DA64EDF387}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpzwiz01.exe
FirewallRules: [{3CA9D9A9-0783-4D73-B034-9BBA0FEE61B9}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{AD847B81-4FE6-46D8-B4E7-BDFAEBE92A17}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{BEA23F5A-74AD-4195-9FFB-CE71DC2ACE5E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxs08.exe
FirewallRules: [{2EB7877D-ED5B-489A-8123-32A70604237B}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqfxt08.exe
FirewallRules: [{541D3097-0170-416E-89FC-3E7AF9D162A9}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{151D8A67-08F4-4E86-941F-7C17F8AE461C}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{501DD1AD-BC0B-4FB4-967D-27462F338DD1}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{B44B25D5-F361-47CB-AABE-43BE08016A26}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{7D3F115F-F308-4780-B077-FA47305A9F09}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{11A51587-DED0-452F-8B93-FACEB4FA951D}] => (Allow) C:\Program Files (x86)\HP\digital imaging\smart web printing\smartwebprintexe.exe
FirewallRules: [{4F8779DE-5AB0-45BE-BA9B-4C9306984706}] => (Allow) C:\Users\Tonis\AppData\Local\Temp\7zS6735\OJ6500vE709_Full_13\setup\hpznui40.exe
FirewallRules: [{AD02E45D-5CA9-4546-A71A-C254A7BFEE1F}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{30CAB697-ABDD-40D0-B2CB-3DEB021C0591}] => (Allow) LPort=2869
FirewallRules: [{2324E864-E6AF-48F2-829C-4A48DFD62FB2}] => (Allow) LPort=1900
FirewallRules: [{10A03322-2266-43F3-B6C5-AF3EE3E55B2F}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{250F3A97-6927-418E-BB99-0CD2393F780B}] => (Allow) C:\Users\Tonis\AppData\Local\Temp\7zS41E8\HPDiagnosticCoreUI.exe
FirewallRules: [{777B5758-170F-4336-928C-7DF342D25B26}] => (Allow) C:\Users\Tonis\AppData\Local\Temp\7zS41E8\HPDiagnosticCoreUI.exe
FirewallRules: [{EA3AE791-BF89-4F1E-B916-D7F3A9038DC6}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe
FirewallRules: [{0F9352CC-6100-4803-BE28-F144273DE7DF}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPDeviceDetection3.exe
FirewallRules: [{9396710E-FB99-4227-A10C-6B9D2F3516D1}] => (Allow) C:\Program Files (x86)\Solution Real\bin\SolutionReal.BRT.Helper.exe
FirewallRules: [{8854FE68-EA44-4877-9FEF-E38313812210}] => (Allow) C:\Program Files (x86)\Solution Real\bin\SolutionReal.BRT.Helper.exe
FirewallRules: [TCP Query User{7F48859E-F907-48D2-BDE7-6B14459A3D02}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{0E72FBF5-CEA5-4391-9132-955FCCBD0256}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{74FBAB20-BBF9-426F-90DC-4A22983501ED}C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [UDP Query User{6D6838C4-FF60-4300-8589-21E5E40E94F7}C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [TCP Query User{DB55FC12-F0EF-476D-86B1-8717963319AA}C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [UDP Query User{0FE59CA2-4DB7-46C7-90AE-A9776264EC52}C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [{A2612E90-1CC5-437B-84BF-6EA08D16B3EA}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (05/06/2015 11:06:22 PM) (Source: Windows Search Service) (EventID: 3007) (User: )
Description: Performance monitoring cannot be initialized for the gatherer object, because the counters are not loaded or the shared memory object cannot be opened. This only affects availability of the perfmon counters. Restart the computer.

Context:  Application, SystemIndex Catalog

Error: (05/06/2015 10:56:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: IEXPLORE.EXE, version: 11.0.9600.17631, time stamp: 0x54b31a70
Faulting module name: ChocolateBar.dll, version: 0.0.0.0, time stamp: 0x5436929f
Exception code: 0xc0000005
Fault offset: 0x0001c486
Faulting process id: 0xe18
Faulting application start time: 0xIEXPLORE.EXE0
Faulting application path: IEXPLORE.EXE1
Faulting module path: IEXPLORE.EXE2
Report Id: IEXPLORE.EXE3

Error: (03/27/2015 11:39:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: IEXPLORE.EXE, version: 11.0.9600.17631, time stamp: 0x54b31a70
Faulting module name: ChocolateBar.dll, version: 0.0.0.0, time stamp: 0x5436929f
Exception code: 0xc0000005
Fault offset: 0x0001c451
Faulting process id: 0x10b8
Faulting application start time: 0xIEXPLORE.EXE0
Faulting application path: IEXPLORE.EXE1
Faulting module path: IEXPLORE.EXE2
Report Id: IEXPLORE.EXE3

Error: (03/27/2015 11:39:40 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: IEXPLORE.EXE, version: 11.0.9600.17631, time stamp: 0x54b31a70
Faulting module name: ChocolateBar.dll, version: 0.0.0.0, time stamp: 0x5436929f
Exception code: 0xc0000005
Fault offset: 0x0001c451
Faulting process id: 0x23b4
Faulting application start time: 0xIEXPLORE.EXE0
Faulting application path: IEXPLORE.EXE1
Faulting module path: IEXPLORE.EXE2
Report Id: IEXPLORE.EXE3

Error: (03/27/2015 11:30:32 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: IEXPLORE.EXE, version: 11.0.9600.17631, time stamp: 0x54b31a70
Faulting module name: ChocolateBar.dll, version: 0.0.0.0, time stamp: 0x5436929f
Exception code: 0xc0000005
Fault offset: 0x0001c451
Faulting process id: 0x2490
Faulting application start time: 0xIEXPLORE.EXE0
Faulting application path: IEXPLORE.EXE1
Faulting module path: IEXPLORE.EXE2
Report Id: IEXPLORE.EXE3

Error: (03/27/2015 11:29:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: IEXPLORE.EXE, version: 11.0.9600.17631, time stamp: 0x54b31a70
Faulting module name: ChocolateBar.dll, version: 0.0.0.0, time stamp: 0x5436929f
Exception code: 0xc0000005
Fault offset: 0x0001c451
Faulting process id: 0x25a8
Faulting application start time: 0xIEXPLORE.EXE0
Faulting application path: IEXPLORE.EXE1
Faulting module path: IEXPLORE.EXE2
Report Id: IEXPLORE.EXE3

Error: (03/27/2015 11:29:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: IEXPLORE.EXE, version: 11.0.9600.17631, time stamp: 0x54b31a70
Faulting module name: ChocolateBar.dll, version: 0.0.0.0, time stamp: 0x5436929f
Exception code: 0xc0000005
Fault offset: 0x0001c451
Faulting process id: 0x2734
Faulting application start time: 0xIEXPLORE.EXE0
Faulting application path: IEXPLORE.EXE1
Faulting module path: IEXPLORE.EXE2
Report Id: IEXPLORE.EXE3

Error: (03/27/2015 11:28:52 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: IEXPLORE.EXE, version: 11.0.9600.17631, time stamp: 0x54b31a70
Faulting module name: ChocolateBar.dll, version: 0.0.0.0, time stamp: 0x5436929f
Exception code: 0xc0000005
Fault offset: 0x0001c451
Faulting process id: 0x245c
Faulting application start time: 0xIEXPLORE.EXE0
Faulting application path: IEXPLORE.EXE1
Faulting module path: IEXPLORE.EXE2
Report Id: IEXPLORE.EXE3

Error: (03/27/2015 11:28:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: IEXPLORE.EXE, version: 11.0.9600.17631, time stamp: 0x54b31a70
Faulting module name: ChocolateBar.dll, version: 0.0.0.0, time stamp: 0x5436929f
Exception code: 0xc0000005
Fault offset: 0x0001c451
Faulting process id: 0x1f54
Faulting application start time: 0xIEXPLORE.EXE0
Faulting application path: IEXPLORE.EXE1
Faulting module path: IEXPLORE.EXE2
Report Id: IEXPLORE.EXE3

Error: (03/27/2015 11:21:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: IEXPLORE.EXE, version: 11.0.9600.17631, time stamp: 0x54b31a70
Faulting module name: ChocolateBar.dll, version: 0.0.0.0, time stamp: 0x5436929f
Exception code: 0xc0000005
Fault offset: 0x0001c451
Faulting process id: 0x270
Faulting application start time: 0xIEXPLORE.EXE0
Faulting application path: IEXPLORE.EXE1
Faulting module path: IEXPLORE.EXE2
Report Id: IEXPLORE.EXE3


System errors:
=============
Error: (05/07/2015 02:24:08 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Util Jump Flip service failed to start due to the following error:
%%2

Error: (05/07/2015 02:24:08 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Update Solution Real service failed to start due to the following error:
%%2

Error: (05/07/2015 02:16:44 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Util Jump Flip service failed to start due to the following error:
%%2

Error: (05/07/2015 02:16:44 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Update Solution Real service failed to start due to the following error:
%%2

Error: (05/07/2015 02:01:57 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Util Jump Flip service failed to start due to the following error:
%%2

Error: (05/07/2015 02:01:57 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Update Solution Real service failed to start due to the following error:
%%2

Error: (05/07/2015 01:52:48 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Util Jump Flip service failed to start due to the following error:
%%2

Error: (05/07/2015 01:48:19 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for FailureCommand with the following error:
%%5

Error: (05/07/2015 01:47:51 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for Start with the following error:
%%5

Error: (05/07/2015 01:45:49 PM) (Source: DCOM) (EventID: 10016) (User: Tonis-PC)
Description: machine-defaultLocalActivation{9BA05972-F6A8-11CF-A442-00A0C90A8F39}{9BA05972-F6A8-11CF-A442-00A0C90A8F39}Tonis-PCTonisS-1-5-21-2912795306-1733492519-829098707-1000LocalHost (Using LRPC)


Microsoft Office Sessions:
=========================

==================== Memory info ===========================

Processor: Intel® Core™ i3 CPU M 330 @ 2.13GHz
Percentage of memory in use: 44%
Total physical RAM: 3894.87 MB
Available physical RAM: 2178.46 MB
Total Pagefile: 7787.92 MB
Available Pagefile: 5794.45 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:284.6 GB) (Free:227.18 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (RECOVERY) (Fixed) (Total:13.2 GB) (Free:1.88 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: (HP_TOOLS) (Fixed) (Total:0.1 GB) (Free:0.09 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 298.1 GB) (Disk ID: 84F5B2C7)
Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=284.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=13.2 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=103 MB) - (Type=0C)

==================== End Of Log ============================


  • 0

Advertisements


#2
kepayne228

kepayne228

    Member

  • Topic Starter
  • Member
  • PipPip
  • 79 posts

Okay I also ran a Microsoft Security Essentials scan and it removed something called Software Bundler.

 

Here is the new FRST scans:

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 06-05-2015 01
Ran by Tonis (administrator) on TONIS-PC on 07-05-2015 16:05:48
Running from C:\Users\Tonis\Downloads
Loaded Profiles: Tonis (Available profiles: Tonis)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_70dacb64382a61a7\stacsv64.exe
(Hewlett-Packard) C:\Windows\System32\hpservice.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_70dacb64382a61a7\AESTSr64.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
() C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
( Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(CyberLink) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Program Files (x86)\Hewlett-Packard\Shared\HpqToaster.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1814312 2009-08-14] (Synaptics Incorporated)
HKLM\...\Run: [SmartMenu] => C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [610872 2009-08-25] ()
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [487424 2010-06-15] (IDT, Inc.)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1332296 2015-01-30] (Microsoft Corporation)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [SunJavaUpdateSched] => "C:\Program Files\Java\jre1.8.0_31\bin\jusched.exe"
HKLM-x32\...\Run: [HPCam_Menu] => c:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [QlbCtrl.exe] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [323640 2010-02-25] ( Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [NortonOnlineBackupReminder] => C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe [600936 2009-06-29] (Symantec Corporation)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [41056 2013-05-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [WirelessAssistant] => C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [500792 2010-03-23] (Hewlett-Packard Company)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-05-10] (Hewlett-Packard)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2912795306-1733492519-829098707-1000\...\Run: [GoogleChromeAutoLaunch_D30B0C0B46E32DAAAF8F6F8216DB5A4D] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [812872 2015-04-27] (Google Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2010-01-09]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2010-02-20]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=MSSE
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=MSSE
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-2912795306-1733492519-829098707-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.genieo...08,19841,UN,0,6
URLSearchHook: HKU\S-1-5-21-2912795306-1733492519-829098707-1000 - (No Name) - {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - No File
SearchScopes: HKLM -> DefaultScope value is missing.
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://vosteran.com/...=1182803608&ir=
SearchScopes: HKLM -> {7B414D43-4D41-4E63-BEE6-0004AEC01DEE} URL = http://www.bing.com/...rc=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope value is missing.
SearchScopes: HKLM-x32 -> {7B414D43-4D41-4E63-BEE6-0004AEC01DEE} URL = http://www.bing.com/...rc=IE-SearchBox
SearchScopes: HKU\.DEFAULT -> {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = http://www.ask.com/w...q={SEARCHTERMS}
SearchScopes: HKU\S-1-5-19 -> {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = http://www.ask.com/w...q={SEARCHTERMS}
SearchScopes: HKU\S-1-5-20 -> {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = http://www.ask.com/w...q={SEARCHTERMS}
SearchScopes: HKU\S-1-5-21-2912795306-1733492519-829098707-1000 -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://vosteran.com/...=1182803608&ir=
SearchScopes: HKU\S-1-5-21-2912795306-1733492519-829098707-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://vosteran.com/...=1182803608&ir=
SearchScopes: HKU\S-1-5-21-2912795306-1733492519-829098707-1000 -> {7B414D43-4D41-4E63-BEE6-0004AEC01DEE} URL = http://www.bing.com/...rc=IE-SearchBox
SearchScopes: HKU\S-1-5-21-2912795306-1733492519-829098707-1000 -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = http://www.bing.com/...=MSSEDF&pc=MSSE
SearchScopes: HKU\S-1-5-21-2912795306-1733492519-829098707-1000 -> {986E686F-22FB-4833-9656-50F52D7FF244} URL = http://search.genieo...q={searchTerms}
SearchScopes: HKU\S-1-5-21-2912795306-1733492519-829098707-1000 -> {DECA3892-BA8F-44b8-A993-A466AD694AE4} URL = https://search.yahoo...08,20028,0,31,0
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard)
BHO-x32: No Name -> {02478D38-C3F9-4efb-9B51-7695ECA05670} ->  No File
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-10-22] (Hewlett-Packard Co.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2013-05-08] (Adobe Systems Incorporated)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2012-03-08] (Microsoft Corporation)
BHO-x32: Microsoft Live Search Toolbar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll [2009-07-16] (Microsoft Corp.)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard)
BHO-x32: SingleInstance Class -> {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} -> C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\YTSingleInstance.dll No File
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-10-22] (Hewlett-Packard Co.)
Toolbar: HKLM-x32 - Microsoft Live Search Toolbar - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll [2009-07-16] (Microsoft Corp.)
DPF: HKLM-x32 {1851174C-97BD-4217-A0CC-E908F60D5B7A} http://h20364.www2.h...DataManager.CAB
DPF: HKLM-x32 {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files (x86)\Yahoo!\Common\Yinsthelper.dll
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF ProfilePath: C:\Users\Tonis\AppData\Roaming\Mozilla\Firefox\Profiles\b9gxxi44.default
FF NewTab:
FF DefaultSearchEngine: Yahoo! Search
FF SearchEngineOrder.1: Yahoo
FF SearchEngineOrder.2:
FF SelectedSearchEngine: Yahoo! Search
FF Homepage: hxxp://q.search-simple.com/?affID=na
FF Keyword.URL:
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-05-07] ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-05-07] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll [2009-07-21] (Adobe Systems, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-08] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-08] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll [2013-05-08] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2912795306-1733492519-829098707-1000: @hulu.com/Hulu Desktop -> C:\Windows\..\Users\Default\AppData\Local\HuluDesktop\instances\0.9.7.1\npHDPlg.dll [2009-07-20] (Hulu LLC)
FF Plugin HKU\S-1-5-21-2912795306-1733492519-829098707-1000: @yahoo.com/BrowserPlus,version=2.9.8 -> C:\Users\Tonis\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll [2010-08-04] (Yahoo! Inc.)
FF user.js: detected! => C:\Users\Tonis\AppData\Roaming\Mozilla\Firefox\Profiles\b9gxxi44.default\user.js [2015-02-16]
FF SearchPlugin: C:\Users\Tonis\AppData\Roaming\Mozilla\Firefox\Profiles\b9gxxi44.default\searchplugins\dsrlte1.xml [2015-03-27]
FF SearchPlugin: C:\Users\Tonis\AppData\Roaming\Mozilla\Firefox\Profiles\b9gxxi44.default\searchplugins\my-homepage.xml [2015-05-07]
FF SearchPlugin: C:\Users\Tonis\AppData\Roaming\Mozilla\Firefox\Profiles\b9gxxi44.default\searchplugins\search-simple.xml [2015-03-27]
FF SearchPlugin: C:\Users\Tonis\AppData\Roaming\Mozilla\Firefox\Profiles\b9gxxi44.default\searchplugins\Vosteran.xml [2015-01-17]
FF Extension: Yahoo! Toolbar - C:\Users\Tonis\AppData\Roaming\Mozilla\Firefox\Profiles\b9gxxi44.default\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} [2015-05-07]
FF Extension: Adblock Plus - C:\Users\Tonis\AppData\Roaming\Mozilla\Firefox\Profiles\b9gxxi44.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-05-07]
FF HKLM-x32\...\Firefox\Extensions: [{7BA52691-1876-45ce-9EE6-54BCB3B04BBC}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgn
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010-03-31]
FF HKU\S-1-5-21-2912795306-1733492519-829098707-1000\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

Chrome:
=======
CHR HomePage: Default -> hxxp://vosteran.com/?f=1&a=vst_coinis_15_03_ff&cd=2XzuyEtN2Y1L1Qzu0CyEtCyB0F0EtCzz0AzyyB0E0E0CtBtDtN0D0Tzu0StCtCtCtBtN1L2XzutAtFyBtFtBtFtCtN1L1CzutCyEtBzytDyD1V1BtAtN1L1G1B1V1N2Y1L1Qzu2StC0Czz0Dzz0FyC0DtG0EzzyEyBtGyCtD0EyBtG0AyCzztDtGtCyCyB0F0C0E0AtA0DtDyE0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0DtA0E0D0Bzz0CyCtGtBtD0FtBtGyEtD0AtAtG0BzzyEyEtGtA0EyEtDzy0BtBtAyCtB0E0D2Q&cr=1182803608&ir=
CHR RestoreOnStartup: Default -> "hxxp://search.yahoo.com/?fr=hp-ddc-bd&type=840_pr__alt__ddc_dsssyc_bd_com"
CHR StartupUrls: Default -> "hxxp://search.yahoo.com/?fr=hp-ddc-bd&type=840_pr__alt__ddc_dsssyc_bd_com"
CHR DefaultSearchKeyword: Default -> yahoo.com
CHR DefaultNewTabURL: Default -> http://search.yahoo....sssyctab_bd_com
CHR DefaultSuggestURL: Default ->
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.1.376\_platform_specific\win_x86\widevinecdmadapter.dll No File
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.135\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.135\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.135\pdf.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll No File
CHR Plugin: (Java™ Platform SE 7 U45) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll No File
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (BrowserPlus (from Yahoo!) v2.9.8) - C:\Users\Tonis\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll (Yahoo! Inc.)
CHR Plugin: (Hulu Desktop) - C:\Windows\..\Users\Default\AppData\Local\HuluDesktop\instances\0.9.7.1\npHDPlg.dll (Hulu LLC)
CHR Plugin: (Shockwave for Director) - C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
CHR Plugin: (Java Deployment Toolkit 7.0.50.255) - C:\Windows\SysWOW64\npdeployJava1.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll No File
CHR Profile: C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Yahoo! Search) - C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\eefhnbpnnaaokmclnihgajdnlgljajjg [2015-05-07]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-05-07]
CHR Extension: (Solution Real) - C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nongkkjjhbjloiienhkhphhjjlnlnbfe [2015-02-04]
CHR HKLM\...\Chrome\Extension: [oilkkkefbalmbfppgjmgjoefbclebkce] - https://clients2.goo...ice/update2/crx
CHR HKU\S-1-5-21-2912795306-1733492519-829098707-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [cbjibcbpmbcabnfnohhgjjmkgkimajko] - C:\Users\Tonis\AppData\Local\CRE\cbjibcbpmbcabnfnohhgjjmkgkimajko.crx [Not Found]
CHR HKU\S-1-5-21-2912795306-1733492519-829098707-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [kldbiondcoemmofebkcgcnbigliglcnl] - C:\Users\Tonis\AppData\Local\CRE\kldbiondcoemmofebkcgcnbigliglcnl.crx [Not Found]
CHR HKU\S-1-5-21-2912795306-1733492519-829098707-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [klibnahbojhkanfgaglnlalfkgpcppfi] - C:\Users\Tonis\AppData\Local\CRE\klibnahbojhkanfgaglnlalfkgpcppfi.crx [Not Found]
CHR HKU\S-1-5-21-2912795306-1733492519-829098707-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [oilkkkefbalmbfppgjmgjoefbclebkce] - https://clients2.goo...ice/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [aifbkdoebpbcaddcjobobbanaokiepnb] - https://clients2.goo...ice/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [cbjibcbpmbcabnfnohhgjjmkgkimajko] - C:\Users\Tonis\AppData\Local\CRE\cbjibcbpmbcabnfnohhgjjmkgkimajko.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [eefhnbpnnaaokmclnihgajdnlgljajjg] - https://clients2.goo...ice/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ggebenakhmhfdkmkemdmllecchcldgec] - https://clients2.goo...ice/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [hphehadppenpmajgnkjdcopcfijjegaf] - C:\Program Files (x86)\Jump Flip\hphehadppenpmajgnkjdcopcfijjegaf.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [kldbiondcoemmofebkcgcnbigliglcnl] - C:\Users\Tonis\AppData\Local\CRE\kldbiondcoemmofebkcgcnbigliglcnl.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [klibnahbojhkanfgaglnlalfkgpcppfi] - C:\Users\Tonis\AppData\Local\CRE\klibnahbojhkanfgaglnlalfkgpcppfi.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [oilkkkefbalmbfppgjmgjoefbclebkce] - https://clients2.goo...ice/update2/crx

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_70dacb64382a61a7\AESTSr64.exe [89600 2010-06-15] (Andrea Electronics Corporation)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-11-04] (Hewlett-Packard Company) [File not signed]
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [248832 2009-05-21] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-23] (Hewlett-Packard Co.) [File not signed]
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) [File not signed]
R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2010-06-16] (Hewlett-Packard Company) [File not signed]
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2015-01-30] (Microsoft Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366512 2015-01-30] (Microsoft Corporation)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [247152 2009-07-06] ()
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_70dacb64382a61a7\STacSV64.exe [247808 2010-06-15] (IDT, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)
S2 Update Solution Real; "C:\Program Files (x86)\Solution Real\updateSolutionReal.exe" [X]
S2 Util Jump Flip; "C:\Program Files (x86)\Jump Flip\bin\utilJumpFlip.exe" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [274696 2014-11-15] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124560 2014-11-15] (Microsoft Corporation)
S3 RSUSBSTOR; C:\Windows\SysWOW64\Drivers\RtsUStor.sys [225280 2009-09-02] (Realtek Semiconductor Corp.)
R1 {31c21995-b861-4864-ab50-4a53fbca73d4}Gw64; C:\Windows\System32\drivers\{31c21995-b861-4864-ab50-4a53fbca73d4}Gw64.sys [48784 2015-02-04] (StdLib)
R1 {6e9af5d3-a8f9-4461-ad38-1433888f55dc}Gw64; C:\Windows\System32\drivers\{6e9af5d3-a8f9-4461-ad38-1433888f55dc}Gw64.sys [48792 2015-01-17] (StdLib)
U4 eabfiltr; No ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-07 15:00 - 2015-05-07 15:00 - 00000000 ____D () C:\Users\Tonis\AppData\Local\Macromedia
2015-05-07 14:34 - 2015-05-07 14:34 - 00041969 _____ () C:\Users\Tonis\Downloads\Addition.txt
2015-05-07 14:32 - 2015-05-07 16:06 - 00026734 _____ () C:\Users\Tonis\Downloads\FRST.txt
2015-05-07 14:32 - 2015-05-07 14:32 - 00001439 _____ () C:\Users\Tonis\Desktop\FRST64 - Shortcut.lnk
2015-05-07 14:31 - 2015-05-07 16:05 - 00000000 ____D () C:\FRST
2015-05-07 14:31 - 2015-05-07 14:31 - 02102272 _____ (Farbar) C:\Users\Tonis\Downloads\FRST64.exe
2015-05-07 14:27 - 2015-05-07 14:27 - 00875160 _____ () C:\Users\Tonis\Downloads\installer_adobe_flash_player_English.exe
2015-05-07 14:27 - 2015-05-07 14:27 - 00875160 _____ () C:\Users\Tonis\Downloads\installer_adobe_flash_player_English(1).exe
2015-05-07 13:49 - 2015-05-07 14:16 - 00000332 _____ () C:\Windows\Tasks\HPCeeScheduleForTonis.job
2015-05-07 13:49 - 2015-05-07 14:08 - 00003186 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForTonis

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-07 15:54 - 2010-01-09 02:28 - 01807153 _____ () C:\Windows\WindowsUpdate.log
2015-05-07 15:41 - 2015-02-16 22:41 - 00000278 _____ () C:\Windows\Tasks\PC-Mechanic Maintenance.job
2015-05-07 15:37 - 2012-11-13 15:27 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-07 15:33 - 2012-11-13 15:27 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-07 15:30 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\rescache
2015-05-07 15:08 - 2012-06-22 18:18 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-05-07 15:00 - 2012-06-22 18:18 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-05-07 15:00 - 2012-06-22 18:18 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-05-07 15:00 - 2011-07-18 22:21 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-05-07 15:00 - 2010-03-27 18:30 - 00000000 ____D () C:\Users\Tonis\AppData\Local\Adobe
2015-05-07 14:35 - 2009-07-13 21:45 - 00026192 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-07 14:35 - 2009-07-13 21:45 - 00026192 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-07 14:26 - 2014-11-11 20:16 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-05-07 14:26 - 2014-01-17 17:21 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-05-07 14:24 - 2015-02-16 22:41 - 00000272 _____ () C:\Windows\Tasks\PC-Mechanic Startup.job
2015-05-07 14:24 - 2009-07-13 22:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-07 14:24 - 2009-07-13 21:51 - 00083943 _____ () C:\Windows\setupact.log
2015-05-07 14:22 - 2009-11-27 17:22 - 00000000 ____D () C:\Program Files\Java
2015-05-07 14:16 - 2010-01-09 02:33 - 00861490 _____ () C:\Windows\PFRO.log
2015-05-07 14:12 - 2010-05-28 17:46 - 00000000 ____D () C:\ProgramData\Yahoo!
2015-05-07 14:11 - 2015-02-16 22:52 - 00000000 ____D () C:\ProgramData\Fighters
2015-05-07 14:08 - 2009-07-13 22:13 - 00782510 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-05-07 14:07 - 2015-01-17 23:34 - 00000000 ____D () C:\ProgramData\Unchecky
2015-05-07 14:06 - 2009-07-13 19:34 - 00000603 _____ () C:\Windows\win.ini
2015-05-07 14:01 - 2015-02-04 20:53 - 00000008 __RSH () C:\ProgramData\ntuser.pol
2015-05-07 14:01 - 2015-01-17 23:32 - 00000000 ____D () C:\Program Files (x86)\Solution Real
2015-05-07 13:45 - 2015-01-17 23:34 - 00000000 ____D () C:\Users\Tonis\AppData\Local\Vosteran
2015-05-07 13:37 - 2009-07-13 21:45 - 00349928 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-05-07 13:35 - 2009-11-27 15:37 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-05-07 13:35 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\tracing
2015-05-07 13:35 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2015-05-07 13:35 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\system32\Dism
2015-05-07 13:34 - 2012-11-13 15:27 - 00002183 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-05-06 23:20 - 2013-09-13 20:40 - 00000000 ____D () C:\Windows\system32\MRT
2015-05-06 23:10 - 2010-03-03 22:15 - 122905848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-05-06 23:00 - 2010-02-26 21:35 - 00000000 ____D () C:\Users\Tonis\AppData\Roaming\HpUpdate
2015-05-06 22:56 - 2011-11-24 02:42 - 00000000 ____D () C:\Users\Tonis\AppData\Local\CrashDumps

==================== Files in the root of some directories =======

2013-12-27 21:56 - 2014-01-05 22:52 - 0000000 _____ () C:\Users\Tonis\AppData\Roaming\Dialogs
2014-01-17 16:24 - 2015-02-22 22:27 - 0000241 _____ () C:\Users\Tonis\AppData\Roaming\WB.CFG
2014-01-17 16:24 - 2014-01-17 16:24 - 0000005 _____ () C:\Users\Tonis\AppData\Roaming\WBPU-TTL.DAT
2010-02-19 20:06 - 2010-02-19 20:06 - 0000000 _____ () C:\Users\Tonis\AppData\Local\AtStart.txt
2015-02-16 22:39 - 2015-02-16 22:39 - 0000064 _____ () C:\Users\Tonis\AppData\Local\cdb6eb10cee5a0c2c0afa2be7a326da5
2015-02-04 20:28 - 2015-02-04 20:28 - 0234679 _____ () C:\Users\Tonis\AppData\Local\dsi1.dat
2015-02-04 20:28 - 2015-02-04 20:28 - 0161916 _____ () C:\Users\Tonis\AppData\Local\dsi2.dat
2010-02-19 20:06 - 2010-02-19 20:06 - 0000000 _____ () C:\Users\Tonis\AppData\Local\DSwitch.txt
2010-02-19 20:06 - 2010-02-19 20:06 - 0000000 _____ () C:\Users\Tonis\AppData\Local\QSwitch.txt
2011-05-18 21:10 - 2011-05-21 13:19 - 0001940 _____ () C:\Users\Tonis\AppData\Local\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
2014-01-05 22:52 - 2014-01-05 22:52 - 0000000 _____ () C:\ProgramData\Conditionals
2014-01-05 22:52 - 2014-01-05 22:52 - 0000000 _____ () C:\ProgramData\Devices
2010-02-19 20:06 - 2015-05-07 15:16 - 0000279 _____ () C:\ProgramData\HPWALog.txt
2010-02-19 18:59 - 2010-04-05 11:24 - 0014268 _____ () C:\ProgramData\hpzinstall.log
2013-12-27 21:57 - 2014-01-05 22:52 - 0000000 ____H () C:\ProgramData\PKP_DLes.DAT
2013-12-27 21:56 - 2014-01-05 22:52 - 0000000 ____H () C:\ProgramData\PKP_DLet.DAT
2013-12-27 21:56 - 2014-01-05 22:52 - 0000000 ____H () C:\ProgramData\PKP_DLev.DAT
2010-01-09 02:49 - 2010-01-09 02:49 - 0000032 _____ () C:\ProgramData\{051B9612-4D82-42AC-8C63-CD2DCEDC1CB3}.log
2009-11-27 16:38 - 2009-11-27 16:39 - 0000109 _____ () C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
2010-01-09 02:48 - 2010-01-09 02:48 - 0000032 _____ () C:\ProgramData\{23F3DA62-2D9E-4A69-B8D5-BE8E9E148092}.log
2009-11-27 16:34 - 2009-11-27 16:34 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2010-01-09 02:48 - 2010-01-09 02:48 - 0000032 _____ () C:\ProgramData\{4FC670EB-5F02-4B07-90DB-022B86BFEFD0}.log
2010-01-09 02:48 - 2010-01-09 02:48 - 0000032 _____ () C:\ProgramData\{9867824A-C86D-4A83-8F3C-E7A86BE0AFD3}.log
2009-11-27 16:33 - 2009-11-27 16:34 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
2009-11-27 16:35 - 2009-11-27 16:38 - 0000110 _____ () C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log
2010-01-09 02:49 - 2010-01-09 02:49 - 0000105 _____ () C:\ProgramData\{d36dd326-7280-11d8-97c8-000129760cbe}.log

Some content of TEMP:
====================
C:\Users\Tonis\AppData\Local\Temp\CloudBackup2419.exe
C:\Users\Tonis\AppData\Local\Temp\dsrsetup.exe
C:\Users\Tonis\AppData\Local\Temp\fp_pl_pfs_installer.exe
C:\Users\Tonis\AppData\Local\Temp\install_temp.exe
C:\Users\Tonis\AppData\Local\Temp\jre-8u31-windows-au.exe
C:\Users\Tonis\AppData\Local\Temp\res.dll
C:\Users\Tonis\AppData\Local\Temp\sqlite-3.7.2-sqlitejdbc.dll
C:\Users\Tonis\AppData\Local\Temp\SymCCIS.dll
C:\Users\Tonis\AppData\Local\Temp\tfhvxicz.dll
C:\Users\Tonis\AppData\Local\Temp\updater_uninstall.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-05-07 15:22

==================== End Of Log ============================

 

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-05-2015 01
Ran by Tonis at 2015-05-07 16:06:38
Running from C:\Users\Tonis\Downloads
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2912795306-1733492519-829098707-500 - Administrator - Disabled)
Guest (S-1-5-21-2912795306-1733492519-829098707-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2912795306-1733492519-829098707-1002 - Limited - Enabled)
Tonis (S-1-5-21-2912795306-1733492519-829098707-1000 - Administrator - Enabled) => C:\Users\Tonis

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
6500_E709_eDocs (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
6500_E709_Help (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
6500_E709n (x32 Version: 50.0.165.000 - Hewlett-Packard) Hidden
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.)
Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Reader 9.5.5 MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-A91000000001}) (Version: 9.5.5 - Adobe Systems Incorporated)
Adobe Shockwave Player (HKLM-x32\...\{D8DFA46A-39F7-4368-810D-18AFCFDDAEAF}) (Version: 11.5.1.601 - Adobe Systems, Inc.)
Bejeweled 2 Deluxe (remove only) (HKLM-x32\...\Bejeweled 2 Deluxe) (Version:  - )
bpd_scan (x32 Version: 3.00.0000 - Hewlett-Packard) Hidden
BPDSoftware (x32 Version: 50.0.165.000 - Hewlett-Packard) Hidden
BPDSoftware_Ini (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
Broadcom 802.11 Wireless LAN Adapter (HKLM\...\Broadcom 802.11 Wireless LAN Adapter) (Version: 5.60.350.6 - Broadcom Corporation)
BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
CyberLink DVD Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 7.0.2216 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Destinations (x32 Version: 140.0.77.000 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 130.0.465.000 - Hewlett-Packard) Hidden
DocMgr (x32 Version: 130.0.000.000 - Hewlett-Packard) Hidden
DocProc (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
DVD Menu Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}) (Version: 3.1.3224 - Hewlett-Packard)
DVD Menu Pack for HP MediaSmart Video (x32 Version: 3.1.3224 - Hewlett-Packard) Hidden
ENE CIR Receiver Driver (HKLM\...\FFE7D41DF3C645075BB149E21988B63996C34187) (Version: 2.7.4.0 - ENE)
ESU for Microsoft Windows 7 (HKLM-x32\...\{3877C901-7B90-4727-A639-B6ED2DD59D43}) (Version: 1.0.0 - Hewlett-Packard)
Fax (x32 Version: 130.0.418.000 - Hewlett-Packard) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 42.0.2311.135 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP 3D DriveGuard (HKLM\...\{85A42FF0-F0D0-44A3-B226-C124D6E8B1D5}) (Version: 4.0.3.1 - Hewlett-Packard)
HP Advisor (HKLM-x32\...\{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}) (Version: 3.4.12850.3526 - Hewlett-Packard)
HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
HP Document Manager 2.0 (HKLM\...\HP Document Manager) (Version: 2.0 - HP)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.0.71 - WildTangent)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP Integrated Module with Bluetooth wireless technology (HKLM\...\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}) (Version: 6.2.1.500 - Broadcom Corporation)
HP MediaSmart DVD (HKLM-x32\...\InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}) (Version: 3.1.3509 - Hewlett-Packard)
HP MediaSmart Internet TV (HKLM-x32\...\InstallShield_{E553760D-D7F7-48BF-BD8B-C7E23BA04CB5}) (Version: 3.1.2125 - Hewlett-Packard)
HP MediaSmart Live TV (HKLM-x32\...\InstallShield_{67626E09-5366-4480-8F1E-93FADF50CA15}) (Version: 3.1.2206 - Hewlett-Packard)
HP MediaSmart Music/Photo/Video (HKLM-x32\...\InstallShield_{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}) (Version: 3.1.3405 - Hewlett-Packard)
HP MediaSmart SlingPlayer (HKLM-x32\...\{1747DF05-6890-440B-B094-2146F5DC50E0}) (Version: 3.0.1.64 - Sling Media, Inc.)
HP MediaSmart SmartMenu (HKLM\...\{88E60521-1E4E-4785-B9F1-1798A4BD0C30}) (Version: 3.1.0.1 - Hewlett-Packard)
HP MediaSmart Software Notebook Demo (HKLM-x32\...\{82A213BD-B6AA-4281-A2D3-59D51893CC56}) (Version: 1.00.0000 - Hewlett-Packard)
HP MediaSmart Webcam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.1.2207 - Hewlett-Packard)
HP MediaSmart/TouchSmart Netflix (HKLM-x32\...\{35021DFB-F9CA-402A-89A2-47F91E506465}) (Version: 1.0.2.0 - Hewlett-Packard)
HP Officejet 6500 E709 Series (HKLM\...\{2E1B4B42-069F-4F53-9966-9B9B938D7FE5}) (Version: 13.0 - HP)
HP Quick Launch Buttons (HKLM-x32\...\{34D2AB40-150D-475D-AE32-BD23FB5EE355}) (Version: 6.50.16.1 - Hewlett-Packard Company)
HP Setup (HKLM-x32\...\{17B4760F-334B-475D-829F-1A3E94A6A4E6}) (Version: 1.2.3560.3170 - Hewlett-Packard)
HP Smart Web Printing 4.60 (HKLM\...\HP Smart Web Printing) (Version: 4.60 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Support Assistant (HKLM-x32\...\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}) (Version: 5.003.001.001 - Hewlett-Packard)
HP User Guides 0154 (HKLM-x32\...\{B51605BF-6326-4553-AE96-6D7F1813D5F5}) (Version: 1.01.0001 - Hewlett-Packard)
HP Wireless Assistant (HKLM-x32\...\{4E432692-A736-4F77-AF77-F9078CF88D31}) (Version: 3.50.11.2 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
Hulu Desktop (HKU\S-1-5-21-2912795306-1733492519-829098707-1000\...\HuluDesktop) (Version: 0.9.7 - Hulu LLC)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6276.0 - IDT)
Intel® Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.1968 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - Intel Corporation)
Java™ SE Development Kit 6 Update 15 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0160150}) (Version: 1.6.0.150 - Sun Microsystems, Inc.)
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.2215 - CyberLink Corp.)
LabelPrint (x32 Version: 2.5.2215 - CyberLink Corp.) Hidden
LightScribe System Software (HKLM-x32\...\{07E49BC1-24FF-4D7A-AC74-727BE95801AF}) (Version: 1.18.16.1 - LightScribe)
Malwarebytes Anti-Malware version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Live Search Toolbar (HKLM-x32\...\{DF802C05-4660-418c-970C-B988ADB1D316}) (Version: 3.0.566.0 - Microsoft Live Search Toolbar)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM-x32\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Suite Activation Assistant (HKLM-x32\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
Microsoft Office Word 2007 Step by Step (HKLM-x32\...\{188D1647-5BC3-49F2-8774-9CB7406952E7}) (Version: 2.00.10 - Microsoft Press)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.7.205.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}) (Version: 9.7.0621 - Microsoft Corporation)
Movie Theme Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}) (Version: 3.1.3310 - Hewlett-Packard)
Movie Theme Pack for HP MediaSmart Video (x32 Version: 3.1.3310 - Hewlett-Packard) Hidden
Mozilla Firefox 33.1.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 33.1.1 (x86 en-US)) (Version: 33.1.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 33.1.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Network64 (Version: 130.0.579.000 - Hewlett-Packard) Hidden
Network64 (Version: 140.0.221.000 - Hewlett-Packard) Hidden
Norton Online Backup (HKLM-x32\...\{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}) (Version: 1.2.20.0 - Symantec)
OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
Picture Control Utility x64 (HKLM\...\{11953C65-BB4E-4CA4-B0F0-2600A4B20040}) (Version: 1.4.2 - Nikon)
Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.3415 - CyberLink Corp.)
Power2Go (x32 Version: 6.0.3415 - CyberLink Corp.) Hidden
PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 7.0.3420 - CyberLink Corp.)
PowerDirector (x32 Version: 7.0.3420 - CyberLink Corp.) Hidden
ProductContext (x32 Version: 50.0.165.000 - Hewlett-Packard) Hidden
QLBCASL (x32 Version: 6.40.17.2 - Hewlett-Packard) Hidden
Real Estate Exam 2006 -- Version 6.0 (HKLM-x32\...\Real Estate Exam 2006_is1) (Version:  - )
Realtek Ethernet Controller  Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0008 - Realtek)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30104 - Realtek Semiconductor Corp.)
Recovery Manager (x32 Version: 5.5.2214 - CyberLink Corp.) Hidden
Scan (x32 Version: 140.0.80.000 - Hewlett-Packard) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP)
SmartWebPrinting (x32 Version: 140.0.186.000 - Hewlett-Packard) Hidden
SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Status (x32 Version: 130.0.469.000 - Hewlett-Packard) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 14.0.0.3 - Synaptics Incorporated)
Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 130.0.422.000 - Hewlett-Packard) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden
Windows Driver Package - Broadcom Bluetooth  (06/15/2009 6.2.0.9000) (HKLM\...\6B8550A319DDC8B17F35F4A89988705E4592349B) (Version: 06/15/2009 6.2.0.9000 - Broadcom)
Windows Driver Package - Broadcom Bluetooth  (07/30/2009 6.2.0.9405) (HKLM\...\6B6B5E96843E55CF5CF8C7E45FB457F1FE642FF1) (Version: 07/30/2009 6.2.0.9405 - Broadcom)
Windows Driver Package - Broadcom HIDClass  (07/28/2009 6.2.0.9800) (HKLM\...\3BA80AB4C7E9F8497C115C844953A3D4BEB84D21) (Version: 07/28/2009 6.2.0.9800 - Broadcom)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)
Yahoo! BrowserPlus 2.9.8 (HKU\S-1-5-21-2912795306-1733492519-829098707-1000\...\Yahoo! BrowserPlus) (Version:  - Yahoo! Inc.)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-2912795306-1733492519-829098707-1000_Classes\CLSID\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF}\InprocServer32 -> C:\PROGRA~2\APPGRA~1\APPGRA~2.DLL No File
CustomCLSID: HKU\S-1-5-21-2912795306-1733492519-829098707-1000_Classes\CLSID\{CC99A798-FD3D-4AB4-969E-6071612524F9}\InprocServer32 -> C:\PROGRA~2\APPGRA~1\APPGRA~2.DLL No File

==================== Restore Points  =========================

15-01-2015 21:38:10 Windows Backup
25-01-2015 13:13:14 Windows Update
25-01-2015 13:19:19 Windows Backup
08-02-2015 23:33:41 Windows Update
08-02-2015 23:41:50 Windows Backup
16-02-2015 21:41:27 Windows Backup
16-02-2015 21:52:45 Windows Update
16-02-2015 22:38:44 Uniblue PC Mechanic installation
22-02-2015 22:46:38 Windows Update
02-03-2015 19:56:23 Windows Update
02-03-2015 20:01:29 Windows Backup
27-03-2015 22:49:17 Windows Update
06-05-2015 22:58:00 Windows Update
06-05-2015 23:03:19 Windows Backup
07-05-2015 14:12:53 Removed ChocolateBar by We-Care.com v1.0.1.0
07-05-2015 14:13:53 Removed Java 8 Update 31
07-05-2015 14:20:11 Removed Java 8 Update 31 (64-bit)

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 19:34 - 2015-05-07 14:22 - 00000100 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
::1       localhost
?

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {04C86D5C-49C8-45A6-87D7-2CC1EDF4A4F7} - System32\Tasks\LaunchSignup => C:\Program Files (x86)\MyPC Backup\Signup Wizard.exe <==== ATTENTION
Task: {14002FE8-363F-4FCF-9CD1-4E182A179019} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HPSFUpdaterRedux => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {1863A247-83F2-483D-A83C-0820EFB89FB2} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {1B786BA8-CA51-42FC-8941-CABC38FAACBF} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {259E74B4-D25A-47C8-BD6A-A2F3181E7733} - System32\Tasks\CLMLSvc => c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe [2009-10-06] (CyberLink)
Task: {28B48B4C-1B04-4C5F-8145-1CE5FC5B2DFD} - \Scheduled Update for Ask Toolbar No Task File <==== ATTENTION
Task: {2B86C4B8-CDEF-4DF9-AECA-B5297CBE9CB2} - \RegClean Pro_UPDATES No Task File <==== ATTENTION
Task: {34E481E9-1F99-443D-B446-A13EEE8B5129} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2015-03-10] (Hewlett-Packard)
Task: {3AADF65B-B758-4E2F-86B3-5869E40BF3DA} - System32\Tasks\4706 => Wscript.exe C:\Users\Tonis\AppData\Local\Temp\launchie.vbs //B <==== ATTENTION
Task: {431E2D52-E94E-407F-B681-2473E9A37FFC} - System32\Tasks\TVAgent => c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\TVAgent.exe [2009-10-06] (CyberLink Corp.)
Task: {4AEB9BB1-5C33-44FB-92B2-0AE63A199EEC} - System32\Tasks\CapSchedInst => c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\CapSchedInst.exe [2009-10-06] (CL)
Task: {548F1B22-E53A-48B2-9AA2-D895D557E72E} - \BackgroundContainer Startup Task No Task File <==== ATTENTION
Task: {57B656DC-3884-4DF8-840C-D6C981B396F2} - \Advanced System Protector No Task File <==== ATTENTION
Task: {5AF07511-02F3-4C8B-89AB-DAD57B935400} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-11-13] (Google Inc.)
Task: {67820E6E-CD04-4675-9E08-DF098565EB31} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-05-07] (Adobe Systems Incorporated)
Task: {769CF88F-EA43-4C8A-88A3-F74F26C4D882} - \RegClean Pro_DEFAULT No Task File <==== ATTENTION
Task: {856FE23F-EE28-4E11-AAA1-0C1029D54186} - \RegClean Pro No Task File <==== ATTENTION
Task: {930EA4F5-F33B-46FA-87AA-5629B78C8174} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-11-13] (Google Inc.)
Task: {A2D16998-0B0E-41A4-8F94-C4FADAD86AF0} - System32\Tasks\{6BDF8B11-C75E-43DC-8306-B1FB2635E21E} => pcalua.exe -a "C:\Users\Tonis\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TF5UNW4N\yahoo_bejeweled2_tm6-2[1].exe" -d C:\Users\Tonis\Desktop
Task: {AA879DED-2BA7-4516-B3E6-9F38AB308C46} - System32\Tasks\PC-Mechanic Startup => C:\Program Files (x86)\Uniblue\PC-Mechanic\pc-mechanic.exe
Task: {B3EFAC6E-B9F4-4FDF-8CA3-7510928340C0} - \Advanced System Protector_startup No Task File <==== ATTENTION
Task: {B9104D1C-F3FB-40DE-91DE-066D2755CC50} - System32\Tasks\CapUninst => c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\CapUninst.exe [2009-10-06] (CL)
Task: {CCAA55F6-0FD6-4F7C-B8E5-F108636DF7CF} - System32\Tasks\isharpsoft Task => C:\Users\Tonis\AppData\Roaming\UpdateServ\IRegCleaner.exe
Task: {CF195B6A-B0DB-4778-BD32-AA2019370D17} - System32\Tasks\DVDAgent => c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
Task: {DD8C4E1F-B876-4328-A6EA-4D1CB5803AD2} - System32\Tasks\HPCeeScheduleForTonis => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: {E26F4E2B-1159-46FF-A098-B4BC6F88DDF3} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {E4490934-409D-44DE-A832-4D7E4C050292} - \MySearchDial No Task File <==== ATTENTION
Task: {E44EE73B-395E-440F-803E-A956CE27D5F4} - System32\Tasks\0 => Iexplore.exe  <==== ATTENTION
Task: {E86D91C1-3B32-41E7-992B-42A995ACBE35} - System32\Tasks\PC-Mechanic Maintenance => C:\Program Files (x86)\Uniblue\PC-Mechanic\pc-mechanic.exe
Task: {EF2C49CA-4C50-4480-B825-49A509611996} - System32\Tasks\CapSvcInst => c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\CapSvcInst.exe [2009-10-06] (CL)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForTonis.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\Windows\Tasks\PC-Mechanic Maintenance.job => C:\Program Files (x86)\Uniblue\PC-Mechanic\pc-mechanic.exe
Task: C:\Windows\Tasks\PC-Mechanic Startup.job => C:\Program Files (x86)\Uniblue\PC-Mechanic\pc-mechanic.exe

==================== Loaded Modules (whitelisted) ==============

2009-11-27 16:38 - 2009-07-06 12:20 - 00247152 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2009-08-25 10:48 - 2009-08-25 10:48 - 00610872 _____ () C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
2009-09-04 14:35 - 2009-09-04 14:35 - 00173344 _____ () C:\Program Files\WIDCOMM\Bluetooth Software\btkeyind.dll
2009-07-01 16:44 - 2009-07-01 16:44 - 00632888 _____ () C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe
2009-10-06 00:08 - 2009-10-06 00:08 - 00931112 ____N () c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMediaLibrary.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, the associated entry will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-2912795306-1733492519-829098707-1000\...\genieo.com -> hxxp://search.genieo.com


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2912795306-1733492519-829098707-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Tonis\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

FirewallRules: [{982D8F78-E21C-4148-A9FB-F9FC0C36160F}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{835DAB16-6FFD-4717-9282-DF3719C314E6}] => (Allow) svchost.exe
FirewallRules: [{63AA1A9B-20E0-4E43-9D0A-C742BEDC02EB}] => (Allow) C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe
FirewallRules: [{2A8FAB7B-0EFE-4BC3-9E6F-22C7A307914B}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector\PDR.EXE
FirewallRules: [{A1A8B123-B44D-41CA-A7A6-FBC12CC3B2A1}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPTouchSmartMusic.exe
FirewallRules: [{2A57F7F0-7E88-44D4-B47C-AA9EEF6AAFB0}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPTouchSmartPhoto.exe
FirewallRules: [{954D263D-DC54-4E48-AF19-60FE54A2F058}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPTouchSmartVideo.exe
FirewallRules: [{FD69E884-AC49-408C-890A-1E171E5A0A1A}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\Media\DVD\TSMAgent.exe
FirewallRules: [{2C1EDB44-2724-4ABA-98A4-BAD8218AEDF0}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\Media\DVD\Kernel\CLML\CLMLSvc.exe
FirewallRules: [{11E66EEE-AC82-4B0C-B2FF-FE38288A6BAD}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPDVDSmart.exe
FirewallRules: [{30EED38F-453D-45BD-8F05-5A0D13F9E2E9}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\HPTouchSmartMusic.exe
FirewallRules: [{A64A277C-9F79-4A3A-9C1D-4B5DBE68A877}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\HPTouchSmartPhoto.exe
FirewallRules: [{417481EA-0F2C-4CA3-BB52-91FE5B3ECF10}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\HPTouchSmartVideo.exe
FirewallRules: [{D8524796-BECD-4101-99A7-E06D49DB50BB}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe
FirewallRules: [{6E9FE2A8-2B4D-46D3-981A-E68913FC633A}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
FirewallRules: [{2F284A0B-405C-443A-95E4-21EDC43C99A2}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\QP.exe
FirewallRules: [{65A87601-E0EB-4DB5-9237-51DA1C47761A}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\QPService.exe
FirewallRules: [{35DFC8AC-AB04-4C21-9FAD-1932ED2F7D42}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{16870E06-D9E2-4794-8E96-B8649F3734A0}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{622FB39F-4F0E-4372-A858-7C68FFA315E4}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxm08.exe
FirewallRules: [{13D48AAF-51AC-4DD3-A366-18FF97593063}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposfx08.exe
FirewallRules: [{D107C30D-6E94-40F3-ACAC-A1192B8B38CC}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{6FBD1D3F-7EFE-4106-AAC0-5A83786A9944}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{66FE17B3-9AF7-44CC-8717-2459FDF47720}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{BF6B3AC4-53DA-4BE6-A2BB-41DA64EDF387}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpzwiz01.exe
FirewallRules: [{3CA9D9A9-0783-4D73-B034-9BBA0FEE61B9}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{AD847B81-4FE6-46D8-B4E7-BDFAEBE92A17}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{BEA23F5A-74AD-4195-9FFB-CE71DC2ACE5E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxs08.exe
FirewallRules: [{2EB7877D-ED5B-489A-8123-32A70604237B}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqfxt08.exe
FirewallRules: [{541D3097-0170-416E-89FC-3E7AF9D162A9}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{151D8A67-08F4-4E86-941F-7C17F8AE461C}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{501DD1AD-BC0B-4FB4-967D-27462F338DD1}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{B44B25D5-F361-47CB-AABE-43BE08016A26}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{7D3F115F-F308-4780-B077-FA47305A9F09}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{11A51587-DED0-452F-8B93-FACEB4FA951D}] => (Allow) C:\Program Files (x86)\HP\digital imaging\smart web printing\smartwebprintexe.exe
FirewallRules: [{4F8779DE-5AB0-45BE-BA9B-4C9306984706}] => (Allow) C:\Users\Tonis\AppData\Local\Temp\7zS6735\OJ6500vE709_Full_13\setup\hpznui40.exe
FirewallRules: [{AD02E45D-5CA9-4546-A71A-C254A7BFEE1F}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{30CAB697-ABDD-40D0-B2CB-3DEB021C0591}] => (Allow) LPort=2869
FirewallRules: [{2324E864-E6AF-48F2-829C-4A48DFD62FB2}] => (Allow) LPort=1900
FirewallRules: [{10A03322-2266-43F3-B6C5-AF3EE3E55B2F}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{250F3A97-6927-418E-BB99-0CD2393F780B}] => (Allow) C:\Users\Tonis\AppData\Local\Temp\7zS41E8\HPDiagnosticCoreUI.exe
FirewallRules: [{777B5758-170F-4336-928C-7DF342D25B26}] => (Allow) C:\Users\Tonis\AppData\Local\Temp\7zS41E8\HPDiagnosticCoreUI.exe
FirewallRules: [{EA3AE791-BF89-4F1E-B916-D7F3A9038DC6}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe
FirewallRules: [{0F9352CC-6100-4803-BE28-F144273DE7DF}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPDeviceDetection3.exe
FirewallRules: [{9396710E-FB99-4227-A10C-6B9D2F3516D1}] => (Allow) C:\Program Files (x86)\Solution Real\bin\SolutionReal.BRT.Helper.exe
FirewallRules: [{8854FE68-EA44-4877-9FEF-E38313812210}] => (Allow) C:\Program Files (x86)\Solution Real\bin\SolutionReal.BRT.Helper.exe
FirewallRules: [TCP Query User{7F48859E-F907-48D2-BDE7-6B14459A3D02}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{0E72FBF5-CEA5-4391-9132-955FCCBD0256}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{74FBAB20-BBF9-426F-90DC-4A22983501ED}C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [UDP Query User{6D6838C4-FF60-4300-8589-21E5E40E94F7}C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [TCP Query User{DB55FC12-F0EF-476D-86B1-8717963319AA}C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [UDP Query User{0FE59CA2-4DB7-46C7-90AE-A9776264EC52}C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [{A2612E90-1CC5-437B-84BF-6EA08D16B3EA}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (05/07/2015 03:28:43 PM) (Source: SideBySide) (EventID: 63) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid.

Error: (05/06/2015 11:06:22 PM) (Source: Windows Search Service) (EventID: 3007) (User: )
Description: Performance monitoring cannot be initialized for the gatherer object, because the counters are not loaded or the shared memory object cannot be opened. This only affects availability of the perfmon counters. Restart the computer.

Context:  Application, SystemIndex Catalog

Error: (05/06/2015 10:56:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: IEXPLORE.EXE, version: 11.0.9600.17631, time stamp: 0x54b31a70
Faulting module name: ChocolateBar.dll, version: 0.0.0.0, time stamp: 0x5436929f
Exception code: 0xc0000005
Fault offset: 0x0001c486
Faulting process id: 0xe18
Faulting application start time: 0xIEXPLORE.EXE0
Faulting application path: IEXPLORE.EXE1
Faulting module path: IEXPLORE.EXE2
Report Id: IEXPLORE.EXE3

Error: (03/27/2015 11:39:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: IEXPLORE.EXE, version: 11.0.9600.17631, time stamp: 0x54b31a70
Faulting module name: ChocolateBar.dll, version: 0.0.0.0, time stamp: 0x5436929f
Exception code: 0xc0000005
Fault offset: 0x0001c451
Faulting process id: 0x10b8
Faulting application start time: 0xIEXPLORE.EXE0
Faulting application path: IEXPLORE.EXE1
Faulting module path: IEXPLORE.EXE2
Report Id: IEXPLORE.EXE3

Error: (03/27/2015 11:39:40 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: IEXPLORE.EXE, version: 11.0.9600.17631, time stamp: 0x54b31a70
Faulting module name: ChocolateBar.dll, version: 0.0.0.0, time stamp: 0x5436929f
Exception code: 0xc0000005
Fault offset: 0x0001c451
Faulting process id: 0x23b4
Faulting application start time: 0xIEXPLORE.EXE0
Faulting application path: IEXPLORE.EXE1
Faulting module path: IEXPLORE.EXE2
Report Id: IEXPLORE.EXE3

Error: (03/27/2015 11:30:32 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: IEXPLORE.EXE, version: 11.0.9600.17631, time stamp: 0x54b31a70
Faulting module name: ChocolateBar.dll, version: 0.0.0.0, time stamp: 0x5436929f
Exception code: 0xc0000005
Fault offset: 0x0001c451
Faulting process id: 0x2490
Faulting application start time: 0xIEXPLORE.EXE0
Faulting application path: IEXPLORE.EXE1
Faulting module path: IEXPLORE.EXE2
Report Id: IEXPLORE.EXE3

Error: (03/27/2015 11:29:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: IEXPLORE.EXE, version: 11.0.9600.17631, time stamp: 0x54b31a70
Faulting module name: ChocolateBar.dll, version: 0.0.0.0, time stamp: 0x5436929f
Exception code: 0xc0000005
Fault offset: 0x0001c451
Faulting process id: 0x25a8
Faulting application start time: 0xIEXPLORE.EXE0
Faulting application path: IEXPLORE.EXE1
Faulting module path: IEXPLORE.EXE2
Report Id: IEXPLORE.EXE3

Error: (03/27/2015 11:29:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: IEXPLORE.EXE, version: 11.0.9600.17631, time stamp: 0x54b31a70
Faulting module name: ChocolateBar.dll, version: 0.0.0.0, time stamp: 0x5436929f
Exception code: 0xc0000005
Fault offset: 0x0001c451
Faulting process id: 0x2734
Faulting application start time: 0xIEXPLORE.EXE0
Faulting application path: IEXPLORE.EXE1
Faulting module path: IEXPLORE.EXE2
Report Id: IEXPLORE.EXE3

Error: (03/27/2015 11:28:52 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: IEXPLORE.EXE, version: 11.0.9600.17631, time stamp: 0x54b31a70
Faulting module name: ChocolateBar.dll, version: 0.0.0.0, time stamp: 0x5436929f
Exception code: 0xc0000005
Fault offset: 0x0001c451
Faulting process id: 0x245c
Faulting application start time: 0xIEXPLORE.EXE0
Faulting application path: IEXPLORE.EXE1
Faulting module path: IEXPLORE.EXE2
Report Id: IEXPLORE.EXE3

Error: (03/27/2015 11:28:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: IEXPLORE.EXE, version: 11.0.9600.17631, time stamp: 0x54b31a70
Faulting module name: ChocolateBar.dll, version: 0.0.0.0, time stamp: 0x5436929f
Exception code: 0xc0000005
Fault offset: 0x0001c451
Faulting process id: 0x1f54
Faulting application start time: 0xIEXPLORE.EXE0
Faulting application path: IEXPLORE.EXE1
Faulting module path: IEXPLORE.EXE2
Report Id: IEXPLORE.EXE3


System errors:
=============
Error: (05/07/2015 02:24:08 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Util Jump Flip service failed to start due to the following error:
%%2

Error: (05/07/2015 02:24:08 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Update Solution Real service failed to start due to the following error:
%%2

Error: (05/07/2015 02:16:44 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Util Jump Flip service failed to start due to the following error:
%%2

Error: (05/07/2015 02:16:44 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Update Solution Real service failed to start due to the following error:
%%2

Error: (05/07/2015 02:01:57 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Util Jump Flip service failed to start due to the following error:
%%2

Error: (05/07/2015 02:01:57 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Update Solution Real service failed to start due to the following error:
%%2

Error: (05/07/2015 01:52:48 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Util Jump Flip service failed to start due to the following error:
%%2

Error: (05/07/2015 01:48:19 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for FailureCommand with the following error:
%%5

Error: (05/07/2015 01:47:51 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for Start with the following error:
%%5

Error: (05/07/2015 01:45:49 PM) (Source: DCOM) (EventID: 10016) (User: Tonis-PC)
Description: machine-defaultLocalActivation{9BA05972-F6A8-11CF-A442-00A0C90A8F39}{9BA05972-F6A8-11CF-A442-00A0C90A8F39}Tonis-PCTonisS-1-5-21-2912795306-1733492519-829098707-1000LocalHost (Using LRPC)


Microsoft Office Sessions:
=========================

==================== Memory info ===========================

Processor: Intel® Core™ i3 CPU M 330 @ 2.13GHz
Percentage of memory in use: 40%
Total physical RAM: 3894.87 MB
Available physical RAM: 2309.46 MB
Total Pagefile: 7787.92 MB
Available Pagefile: 6031.23 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:284.6 GB) (Free:226.84 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (RECOVERY) (Fixed) (Total:13.2 GB) (Free:2.19 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: (HP_TOOLS) (Fixed) (Total:0.1 GB) (Free:0.09 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 298.1 GB) (Disk ID: 84F5B2C7)
Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=284.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=13.2 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=103 MB) - (Type=0C)

==================== End Of Log ============================


  • 0

#3
BrianDrab

BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,591 posts

Hi. My name is Brian, and I would be happy to look into your issue.
 


- General Instructions -

  • Please read all instructions and fixes thoroughly. Read the ENTIRE post BEFORE performing any steps so you understand all that needs to be done.
  • I would advise printing any instructions for easy reference as some of the fixes may require you to boot in Safe mode. Access to these instructions may not be available in Safe Mode.
  • Any fixes provided by myself are for this log file only and should not be used on any other systems.
  • Do not run any other removal software or perform updates other than the ones I provide, as it will complicate the cleaning process.
  • It's very likely that part of our cleanup will include emptying your recycle bin. If you use your recycle bin as an archive and do not wish this to be emptied, please let me know.
  • It is also likely during our cleaning process that your internet browsing history will be removed. Your favorites will be untouched. If you don't want this to happen you need to let me know before running any steps so I can adjust my fixes accordingly.
  • You have 4 days to reply to each post or the topic will be closed. You will be able to request that the topic be re-opened by sending me a PM (Personal Message) or PM a moderator.
  • Please feel free to ask any questions, especially if you are having problems with my instructions.


- Save ALL Tools to your Desktop-

 

All tools that I have you download should be placed on the desktop unless otherwise stated. If you are familiar with how to save files to the desktop then you can skip this step.
 
Since you are continuing with this step then I assume you are unfamiliar with saving files to your desktop. As a result it's easiest if you configure your browser(s) to download any tools to the desktop by default. Please use the appropriate instructions below depending on the browser you are using.
Chrome.JPGGoogle Chrome - Click the "Customize and control Google Chrome" button in the upper right-corner of the browser.Settings.JPG Choose Settings. at the bottom of the screen click the
"Show advanced settings..." link. Scroll down to find the Downloads section and click the Change... button. Select your desktop and click OK.
Firefox.JPGMozilla Firefox - Click the "Open Menu" button in the upper right-corner of the browser. Settings.JPG Choose Options. In the downloads section, click the Browse button, click on the Desktop folder
and the click the "Select Folder" button. Click OK to get out of the Options menu.
IE.jpgInternet Explorer - Click the Tools menu in the upper right-corner of the browser. Tools.JPG Select View downloads. Select the Options link in the lower left of the window. Click Browse and
select the Desktop and then choose the Select Folder button. Click OK to get out of the download options screen and then click Close to get out of the View Downloads screen.
NOTE: IE8 Does not support changing download locations in this manner. You will need to download the tool(s) to the default folder, usually Downloads, then copy them to the desktop.
 

- Finally Before We Start-

 
Removing malware is a complicated multiple step process, Please stay with me until I have declared your system clean. I strongly recommend you backup your personal files and folders. Although rare, attempting to remove malware can render your machine unbootable or cause data loss. Having backups of your data is your responsibility. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.

 

 

 

 

Let's get started.

 

Step#1 - FRST Fix
NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system
1. Download attached file and save it to the Desktop. Attached File  fixlist.txt   6.57KB   224 downloads
Note. It's important that both files, FRST64 and fixlist.txt are in the same location or the fix will not work (in this case...the desktop).
2. Run FRST64 by Right-Clicking on the file and choosing Run as administrator.
3. Press the Fix button just once and wait. If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
4. When finished FRST64 will generate a log on the Desktop (Fixlog.txt). Please post the contents of it in your reply.

 

Step#2 - AdWCleaner
1. Please download AdwCleaner by Xplode onto your desktop.
2. Close all open programs and internet browsers.
3. Right-click on AdwCleaner.exe and select Run as administrator to run the tool.
4. Click on Scan.
5. After the scan is complete click on "Cleaning"
6. Confirm each time with Ok.
7. Your computer will be rebooted automatically. A text file will open after the restart.
8. Please post the content of that logfile with your next answer.
9. If need be, you can also find the logfile at C:\AdwCleaner\AdwCleaner[S0].txt as well.

 

Step#3 - JRT
1. Download Junkware Removal Tool to your desktop.
1. Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
2. The tool will open and start scanning your system.
3. Please be patient as this can take a while to complete depending on your system's specifications.
4. On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
5. Close the text file and reboot your machine.
6. Post the contents of JRT.txt into your next message.

 

 

 

Items for your next post

1. FRST Fix Log

2. AdwCleaner Log

3. Junkware Log

 


  • 0

#4
kepayne228

kepayne228

    Member

  • Topic Starter
  • Member
  • PipPip
  • 79 posts

Hi Brian, I just saw that you replied to this. I will be able to work on this tonight when I see my stepmother. Thank you.


  • 0

#5
kepayne228

kepayne228

    Member

  • Topic Starter
  • Member
  • PipPip
  • 79 posts

Brian,

 

I am getting stuck on the ADW Cleaner step of this process. I did the scan on ADW. I clicked Clean. There are no folders that appear on the list, just items in files, scheduled tasks, registry,  shortcuts, etc. So the ADW says it is deleting folders and it stops there. It does not go any further.

 

Please advise.


Edited by kepayne228, 18 May 2015 - 01:14 PM.

  • 0

#6
BrianDrab

BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,591 posts

I've seen this before. Please skip Step#2 and go ahead to Step#3. Thanks.


  • 0

#7
kepayne228

kepayne228

    Member

  • Topic Starter
  • Member
  • PipPip
  • 79 posts

Hi Brian!

 

I'm not sure what a standard amount of time is for the JRT scan but I started the scan shortly after your last reply (almost 3 hours ago) and it seems stuck on "Checking Processes."

 

I have left it running (I'm sending this from another computer).

 

Please let me know if this is normal or if I need to try something else.

 

Thanks!


  • 0

#8
BrianDrab

BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,591 posts

It should run in only a few minutes so something is wrong. Go ahead and stop the program and just post the results of the FRST fix from step#1. Thanks.


  • 0

#9
kepayne228

kepayne228

    Member

  • Topic Starter
  • Member
  • PipPip
  • 79 posts

When I tried to close out of ADW and JRT, the computer was frozen, I couldn't even do Ctrl+alt+del  I had to turn off the computer manually.

 

Here is the log from step 1

 

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 16-05-2015 02
Ran by Tonis at 2015-05-18 11:29:54 Run:1
Running from C:\Users\Tonis\Desktop
Loaded Profiles: Tonis (Available profiles: Tonis)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
CreateRestorePoint:
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKU\S-1-5-21-2912795306-1733492519-829098707-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.genieo...08,19841,UN,0,6
URLSearchHook: HKU\S-1-5-21-2912795306-1733492519-829098707-1000 - (No Name) - {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - No File
SearchScopes: HKLM -> DefaultScope value is missing.
SearchScopes: HKLM -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://vosteran.com/...=1182803608&ir=
SearchScopes: HKLM-x32 -> DefaultScope value is missing.
SearchScopes: HKU\.DEFAULT -> {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = http://www.ask.com/w...q={SEARCHTERMS}
SearchScopes: HKU\S-1-5-19 -> {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = http://www.ask.com/w...q={SEARCHTERMS}
SearchScopes: HKU\S-1-5-20 -> {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = http://www.ask.com/w...q={SEARCHTERMS}
SearchScopes: HKU\S-1-5-21-2912795306-1733492519-829098707-1000 -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://vosteran.com/...=1182803608&ir=
SearchScopes: HKU\S-1-5-21-2912795306-1733492519-829098707-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://vosteran.com/...=1182803608&ir=
BHO-x32: No Name -> {02478D38-C3F9-4efb-9B51-7695ECA05670} ->  No File
FF user.js: detected! => C:\Users\Tonis\AppData\Roaming\Mozilla\Firefox\Profiles\b9gxxi44.default\user.js [2015-02-16]
FF SearchPlugin: C:\Users\Tonis\AppData\Roaming\Mozilla\Firefox\Profiles\b9gxxi44.default\searchplugins\dsrlte1.xml [2015-03-27]
FF SearchPlugin: C:\Users\Tonis\AppData\Roaming\Mozilla\Firefox\Profiles\b9gxxi44.default\searchplugins\my-homepage.xml [2015-05-07]
FF SearchPlugin: C:\Users\Tonis\AppData\Roaming\Mozilla\Firefox\Profiles\b9gxxi44.default\searchplugins\search-simple.xml [2015-03-27]
FF SearchPlugin: C:\Users\Tonis\AppData\Roaming\Mozilla\Firefox\Profiles\b9gxxi44.default\searchplugins\Vosteran.xml [2015-01-17]
FF Extension: Yahoo! Toolbar - C:\Users\Tonis\AppData\Roaming\Mozilla\Firefox\Profiles\b9gxxi44.default\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} [2015-02-16]
FF Extension: Solution Real 1.0.1 - C:\Users\Tonis\AppData\Roaming\Mozilla\Firefox\Profiles\b9gxxi44.default\Extensions\{6e9af5d3-a8f9-4461-ad38-1433888f55dc}.xpi [2015-01-17]
CHR HomePage: Default -> hxxp://vosteran.com/?f=1&a=vst_coinis_15_03_ff&cd=2XzuyEtN2Y1L1Qzu0CyEtCyB0F0EtCzz0AzyyB0E0E0CtBtDtN0D0Tzu0StCtCtCtBtN1L2XzutAtFyBtFtBtFtCtN1L1CzutCyEtBzytDyD1V1BtAtN1L1G1B1V1N2Y1L1Qzu2StC0Czz0Dzz0FyC0DtG0EzzyEyBtGyCtD0EyBtG0AyCzztDtGtCyCyB0F0C0E0AtA0DtDyE0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0DtA0E0D0Bzz0CyCtGtBtD0FtBtGyEtD0AtAtG0BzzyEyEtGtA0EyEtDzy0BtBtAyCtB0E0D2Q&cr=1182803608&ir=
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.1.376\_platform_specific\win_x86\widevinecdmadapter.dll No File
CHR Extension: (Solution Real) - C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nongkkjjhbjloiienhkhphhjjlnlnbfe [2015-02-04]
CHR HKU\S-1-5-21-2912795306-1733492519-829098707-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [cbjibcbpmbcabnfnohhgjjmkgkimajko] - C:\Users\Tonis\AppData\Local\CRE\cbjibcbpmbcabnfnohhgjjmkgkimajko.crx [Not Found]
CHR HKU\S-1-5-21-2912795306-1733492519-829098707-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [kldbiondcoemmofebkcgcnbigliglcnl] - C:\Users\Tonis\AppData\Local\CRE\kldbiondcoemmofebkcgcnbigliglcnl.crx [Not Found]
CHR HKU\S-1-5-21-2912795306-1733492519-829098707-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [klibnahbojhkanfgaglnlalfkgpcppfi] - C:\Users\Tonis\AppData\Local\CRE\klibnahbojhkanfgaglnlalfkgpcppfi.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [cbjibcbpmbcabnfnohhgjjmkgkimajko] - C:\Users\Tonis\AppData\Local\CRE\cbjibcbpmbcabnfnohhgjjmkgkimajko.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [hphehadppenpmajgnkjdcopcfijjegaf] - C:\Program Files (x86)\Jump Flip\hphehadppenpmajgnkjdcopcfijjegaf.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [kldbiondcoemmofebkcgcnbigliglcnl] - C:\Users\Tonis\AppData\Local\CRE\kldbiondcoemmofebkcgcnbigliglcnl.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [klibnahbojhkanfgaglnlalfkgpcppfi] - C:\Users\Tonis\AppData\Local\CRE\klibnahbojhkanfgaglnlalfkgpcppfi.crx [Not Found]
S2 Update Solution Real; "C:\Program Files (x86)\Solution Real\updateSolutionReal.exe" [X]
S2 Util Jump Flip; "C:\Program Files (x86)\Jump Flip\bin\utilJumpFlip.exe" [X]
R1 {31c21995-b861-4864-ab50-4a53fbca73d4}Gw64; C:\Windows\System32\drivers\{31c21995-b861-4864-ab50-4a53fbca73d4}Gw64.sys [48784 2015-02-04] (StdLib)
C:\Windows\System32\drivers\{31c21995-b861-4864-ab50-4a53fbca73d4}Gw64.sys
R1 {6e9af5d3-a8f9-4461-ad38-1433888f55dc}Gw64; C:\Windows\System32\drivers\{6e9af5d3-a8f9-4461-ad38-1433888f55dc}Gw64.sys [48792 2015-01-17] (StdLib)
C:\Windows\System32\drivers\{6e9af5d3-a8f9-4461-ad38-1433888f55dc}Gw64.sys
CustomCLSID: HKU\S-1-5-21-2912795306-1733492519-829098707-1000_Classes\CLSID\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF}\InprocServer32 -> C:\PROGRA~2\APPGRA~1\APPGRA~2.DLL No File
CustomCLSID: HKU\S-1-5-21-2912795306-1733492519-829098707-1000_Classes\CLSID\{CC99A798-FD3D-4AB4-969E-6071612524F9}\InprocServer32 -> C:\PROGRA~2\APPGRA~1\APPGRA~2.DLL No File
Task: {04C86D5C-49C8-45A6-87D7-2CC1EDF4A4F7} - System32\Tasks\LaunchSignup => C:\Program Files (x86)\MyPC Backup\Signup Wizard.exe <==== ATTENTION
Task: {28B48B4C-1B04-4C5F-8145-1CE5FC5B2DFD} - \Scheduled Update for Ask Toolbar No Task File <==== ATTENTION
Task: {2B86C4B8-CDEF-4DF9-AECA-B5297CBE9CB2} - \RegClean Pro_UPDATES No Task File <==== ATTENTION
Task: {3AADF65B-B758-4E2F-86B3-5869E40BF3DA} - System32\Tasks\4706 => Wscript.exe C:\Users\Tonis\AppData\Local\Temp\launchie.vbs //B <==== ATTENTION
Task: {548F1B22-E53A-48B2-9AA2-D895D557E72E} - \BackgroundContainer Startup Task No Task File <==== ATTENTION
Task: {57B656DC-3884-4DF8-840C-D6C981B396F2} - \Advanced System Protector No Task File <==== ATTENTION
Task: {769CF88F-EA43-4C8A-88A3-F74F26C4D882} - \RegClean Pro_DEFAULT No Task File <==== ATTENTION
Task: {856FE23F-EE28-4E11-AAA1-0C1029D54186} - \RegClean Pro No Task File <==== ATTENTION
Task: {E4490934-409D-44DE-A832-4D7E4C050292} - \MySearchDial No Task File <==== ATTENTION
Task: {E44EE73B-395E-440F-803E-A956CE27D5F4} - System32\Tasks\0 => Iexplore.exe  <==== ATTENTION
IE trusted site: HKU\S-1-5-21-2912795306-1733492519-829098707-1000\...\genieo.com -> hxxp://search.genieo.com
Cmd: wevtutil cl application
Cmd: wevtutil cl system
Cmd: wevtutil cl security
EmptyTemp:

 


 
*****************

Restore point was successfully created.
C:\Windows\system32\GroupPolicy\Machine => Moved successfully.
C:\Windows\system32\GroupPolicy\GPT.ini => Moved successfully.
C:\Windows\SysWOW64\GroupPolicy\GPT.ini => Moved successfully.
"HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.
HKU\S-1-5-21-2912795306-1733492519-829098707-1000\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKU\S-1-5-21-2912795306-1733492519-829098707-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{81017EA9-9AA8-4A6A-9734-7AF40E7D593F} => value deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" => Key deleted successfully.
HKCR\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
"HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}" => Key deleted successfully.
HKCR\CLSID\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} => Key not found.
"HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}" => Key deleted successfully.
HKCR\CLSID\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} => Key not found.
"HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}" => Key deleted successfully.
HKCR\CLSID\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} => Key not found.
HKU\S-1-5-21-2912795306-1733492519-829098707-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKU\S-1-5-21-2912795306-1733492519-829098707-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" => Key deleted successfully.
HKCR\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} => Key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}" => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{02478D38-C3F9-4efb-9B51-7695ECA05670} => Key not found.
C:\Users\Tonis\AppData\Roaming\Mozilla\Firefox\Profiles\b9gxxi44.default\user.js => Moved successfully.
C:\Users\Tonis\AppData\Roaming\Mozilla\Firefox\Profiles\b9gxxi44.default\searchplugins\dsrlte1.xml => Moved successfully.
C:\Users\Tonis\AppData\Roaming\Mozilla\Firefox\Profiles\b9gxxi44.default\searchplugins\my-homepage.xml => Moved successfully.
C:\Users\Tonis\AppData\Roaming\Mozilla\Firefox\Profiles\b9gxxi44.default\searchplugins\search-simple.xml => Moved successfully.
C:\Users\Tonis\AppData\Roaming\Mozilla\Firefox\Profiles\b9gxxi44.default\searchplugins\Vosteran.xml => Moved successfully.
C:\Users\Tonis\AppData\Roaming\Mozilla\Firefox\Profiles\b9gxxi44.default\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} => Moved successfully.
C:\Users\Tonis\AppData\Roaming\Mozilla\Firefox\Profiles\b9gxxi44.default\Extensions\{6e9af5d3-a8f9-4461-ad38-1433888f55dc}.xpi not found.
Chrome HomePage deleted successfully.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.1.376\_platform_specific\win_x86\widevinecdmadapter.dll not found.
C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nongkkjjhbjloiienhkhphhjjlnlnbfe => Moved successfully.
"HKU\S-1-5-21-2912795306-1733492519-829098707-1000\SOFTWARE\Google\Chrome\Extensions\cbjibcbpmbcabnfnohhgjjmkgkimajko" => Key deleted successfully.
"HKU\S-1-5-21-2912795306-1733492519-829098707-1000\SOFTWARE\Google\Chrome\Extensions\kldbiondcoemmofebkcgcnbigliglcnl" => Key deleted successfully.
"HKU\S-1-5-21-2912795306-1733492519-829098707-1000\SOFTWARE\Google\Chrome\Extensions\klibnahbojhkanfgaglnlalfkgpcppfi" => Key deleted successfully.
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\cbjibcbpmbcabnfnohhgjjmkgkimajko" => Key deleted successfully.
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\hphehadppenpmajgnkjdcopcfijjegaf" => Key deleted successfully.
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\kldbiondcoemmofebkcgcnbigliglcnl" => Key deleted successfully.
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\klibnahbojhkanfgaglnlalfkgpcppfi" => Key deleted successfully.
Update Solution Real => Service deleted successfully.
Util Jump Flip => Service deleted successfully.
{31c21995-b861-4864-ab50-4a53fbca73d4}Gw64 => Service stopped successfully.
{31c21995-b861-4864-ab50-4a53fbca73d4}Gw64 => Service deleted successfully.
C:\Windows\System32\drivers\{31c21995-b861-4864-ab50-4a53fbca73d4}Gw64.sys => Moved successfully.
{6e9af5d3-a8f9-4461-ad38-1433888f55dc}Gw64 => Service stopped successfully.
{6e9af5d3-a8f9-4461-ad38-1433888f55dc}Gw64 => Service deleted successfully.
C:\Windows\System32\drivers\{6e9af5d3-a8f9-4461-ad38-1433888f55dc}Gw64.sys => Moved successfully.
"HKU\S-1-5-21-2912795306-1733492519-829098707-1000_Classes\CLSID\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF}" => Key deleted successfully.
"HKU\S-1-5-21-2912795306-1733492519-829098707-1000_Classes\CLSID\{CC99A798-FD3D-4AB4-969E-6071612524F9}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{04C86D5C-49C8-45A6-87D7-2CC1EDF4A4F7}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{04C86D5C-49C8-45A6-87D7-2CC1EDF4A4F7}" => Key deleted successfully.
C:\Windows\System32\Tasks\LaunchSignup => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\LaunchSignup" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{28B48B4C-1B04-4C5F-8145-1CE5FC5B2DFD}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{28B48B4C-1B04-4C5F-8145-1CE5FC5B2DFD}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Scheduled Update for Ask Toolbar" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2B86C4B8-CDEF-4DF9-AECA-B5297CBE9CB2}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2B86C4B8-CDEF-4DF9-AECA-B5297CBE9CB2}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RegClean Pro_UPDATES" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3AADF65B-B758-4E2F-86B3-5869E40BF3DA}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3AADF65B-B758-4E2F-86B3-5869E40BF3DA}" => Key deleted successfully.
C:\Windows\System32\Tasks\4706 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\4706" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{548F1B22-E53A-48B2-9AA2-D895D557E72E}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{548F1B22-E53A-48B2-9AA2-D895D557E72E}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\BackgroundContainer Startup Task" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{57B656DC-3884-4DF8-840C-D6C981B396F2}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{57B656DC-3884-4DF8-840C-D6C981B396F2}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Advanced System Protector" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{769CF88F-EA43-4C8A-88A3-F74F26C4D882}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{769CF88F-EA43-4C8A-88A3-F74F26C4D882}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RegClean Pro_DEFAULT" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{856FE23F-EE28-4E11-AAA1-0C1029D54186}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{856FE23F-EE28-4E11-AAA1-0C1029D54186}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RegClean Pro" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E4490934-409D-44DE-A832-4D7E4C050292}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E4490934-409D-44DE-A832-4D7E4C050292}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\MySearchDial" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E44EE73B-395E-440F-803E-A956CE27D5F4}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E44EE73B-395E-440F-803E-A956CE27D5F4}" => Key deleted successfully.
C:\Windows\System32\Tasks\0 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\0" => Key deleted successfully.
"HKU\S-1-5-21-2912795306-1733492519-829098707-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\genieo.com" => Key deleted successfully.

=========  wevtutil cl application =========


========= End of CMD: =========


=========  wevtutil cl system =========


========= End of CMD: =========


=========  wevtutil cl security =========


========= End of CMD: =========

EmptyTemp: => Removed 614.6 MB temporary data.


The system needed a reboot.

==== End of Fixlog 11:32:57 ====


  • 0

#10
BrianDrab

BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,591 posts

Thank you. Please uninstall Malwarebytes Anti-Malware version 1.75.0.1300 as it's an older version and then follow the instructions below to scan.

 

Step#1 - Malwarebytes Scan


  • Download Malwarebytes to your desktop from here.
  • Right-click on the file that is downloaded to your desktop and select Run as administrator. Answer Yes when asked to Allow.
  • Select the appropriate language and click OK.
  • Click Next.
  • Select "I accept the agreement" and click Next.
  • Click Next
  • Change the install path if desired. Normally you will keep this as is. Click Next.
  • Click Next again.
  • Click Next again.
  • Click Install.
  • Uncheck "Enable free trial of Malwarebytes Anti-Malware Premium".
  • Click Finish
  • If an update is found you will be prompted to download and install. Go ahead.
  • Click the Settings button and then the Detection and Protection tab. Then check the box to Scan for rootkits. as shown below.
  • ScanForRootkits.JPG
     
  • Click the Scan button at the top of the form and then click Start Scan button and let complete.
  • If malware was detected you can now click the Remove Selected Button. If no malware was detected you can skip the rest of these bullet items and go to the next step which is to retrieve the Malwarebytes log.
  • RemoveSelected.JPG
  • Once the malware is removed you may get a prompt asking you to reboot. Note: Please answer Yes.
  • Restart.JPG.

 
Step#2 - Retrieve Malwarebytes Log
1. Open up the Malwarebytes program again if it's not already. You can simply double click on the shortcut on your desktop that says "Malwarebytes Anti-Malware".
2. Click the History button as shown in the picture below.
3. Click Application Logs as shown in the picture below.
4. Click on the most recent Scan Log as shown in the picture below.
ApplicationLog.JPG
 
5. The Scanning History Log screen will open. Click the Export button in the lower left and choose Copy to Clipboard. Paste the info into your next post (Right-click your mouse in the post and select Paste).
ScanningHistory.JPG

 


  • 0

Advertisements


#11
kepayne228

kepayne228

    Member

  • Topic Starter
  • Member
  • PipPip
  • 79 posts

Hi Brian!

 

Here is the Malware Bytes log

 

 

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 5/18/2015
Scan Time: 5:29:37 PM
Logfile:
Administrator: Yes

Version: 2.01.6.1022
Malware Database: v2015.05.18.06
Rootkit Database: v2015.05.16.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Tonis

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 359276
Time Elapsed: 17 min, 38 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 74
PUP.Optional.DefaultTab.A, HKU\S-1-5-18\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{7F6AFBF1-E065-4627-A2FD-810366367D01}, Quarantined, [46d84451a6e451e56cbf2c31b74c847c],
PUP.Optional.AppGraffiti.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF}, Quarantined, [a47a187d226812240fb8256941c210f0],
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{0400EBCA-042C-4000-AA89-9713FBEDB671}, Quarantined, [ac729ff6d1b90d295adae8a861a27090],
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\CLASSES\TypeLib\{FBC322D5-407E-4854-8C0B-555B951FD8E3}, Quarantined, [3ae4d9bcc2c88bab77bd028e847faa56],
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{0BD19251-4B4B-4B94-AB16-617106245BB7}, Quarantined, [3ae4d9bcc2c88bab77bd028e847faa56],
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{3281114F-BCAB-45E3-80D9-A6CD64D4E636}, Quarantined, [3ae4d9bcc2c88bab77bd028e847faa56],
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{44533FCB-F9FB-436A-8B6B-CF637B2D465A}, Quarantined, [3ae4d9bcc2c88bab77bd028e847faa56],
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{44B29DDD-CF7A-454A-A275-A322A398D93F}, Quarantined, [3ae4d9bcc2c88bab77bd028e847faa56],
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{A4DE94DB-DF03-45A3-8A5D-D1B7464B242D}, Quarantined, [3ae4d9bcc2c88bab77bd028e847faa56],
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{AA0F50A8-2618-4AE4-A779-9F7378555A8F}, Quarantined, [3ae4d9bcc2c88bab77bd028e847faa56],
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{B2DB115C-8278-4947-9A07-57B53D1C4215}, Quarantined, [3ae4d9bcc2c88bab77bd028e847faa56],
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{B97FC455-DB33-431D-84DB-6F1514110BD5}, Quarantined, [3ae4d9bcc2c88bab77bd028e847faa56],
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{C67281E0-78F5-4E49-9FAE-4B1B2ADAF17B}, Quarantined, [3ae4d9bcc2c88bab77bd028e847faa56],
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{E72E9312-0367-4216-BFC7-21485FA8390B}, Quarantined, [3ae4d9bcc2c88bab77bd028e847faa56],
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{F6CCB6C9-127E-44AE-8552-B94356F39FFE}, Quarantined, [3ae4d9bcc2c88bab77bd028e847faa56],
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{FFD25630-2734-4AE9-88E6-21BF6525F3FE}, Quarantined, [3ae4d9bcc2c88bab77bd028e847faa56],
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{0BD19251-4B4B-4B94-AB16-617106245BB7}, Quarantined, [3ae4d9bcc2c88bab77bd028e847faa56],
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{3281114F-BCAB-45E3-80D9-A6CD64D4E636}, Quarantined, [3ae4d9bcc2c88bab77bd028e847faa56],
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{44533FCB-F9FB-436A-8B6B-CF637B2D465A}, Quarantined, [3ae4d9bcc2c88bab77bd028e847faa56],
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{44B29DDD-CF7A-454A-A275-A322A398D93F}, Quarantined, [3ae4d9bcc2c88bab77bd028e847faa56],
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{A4DE94DB-DF03-45A3-8A5D-D1B7464B242D}, Quarantined, [3ae4d9bcc2c88bab77bd028e847faa56],
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{AA0F50A8-2618-4AE4-A779-9F7378555A8F}, Quarantined, [3ae4d9bcc2c88bab77bd028e847faa56],
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{B2DB115C-8278-4947-9A07-57B53D1C4215}, Quarantined, [3ae4d9bcc2c88bab77bd028e847faa56],
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{B97FC455-DB33-431D-84DB-6F1514110BD5}, Quarantined, [3ae4d9bcc2c88bab77bd028e847faa56],
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{C67281E0-78F5-4E49-9FAE-4B1B2ADAF17B}, Quarantined, [3ae4d9bcc2c88bab77bd028e847faa56],
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{E72E9312-0367-4216-BFC7-21485FA8390B}, Quarantined, [3ae4d9bcc2c88bab77bd028e847faa56],
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{F6CCB6C9-127E-44AE-8552-B94356F39FFE}, Quarantined, [3ae4d9bcc2c88bab77bd028e847faa56],
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{FFD25630-2734-4AE9-88E6-21BF6525F3FE}, Quarantined, [3ae4d9bcc2c88bab77bd028e847faa56],
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{0BD19251-4B4B-4B94-AB16-617106245BB7}, Quarantined, [3ae4d9bcc2c88bab77bd028e847faa56],
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{3281114F-BCAB-45E3-80D9-A6CD64D4E636}, Quarantined, [3ae4d9bcc2c88bab77bd028e847faa56],
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{44533FCB-F9FB-436A-8B6B-CF637B2D465A}, Quarantined, [3ae4d9bcc2c88bab77bd028e847faa56],
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{44B29DDD-CF7A-454A-A275-A322A398D93F}, Quarantined, [3ae4d9bcc2c88bab77bd028e847faa56],
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{A4DE94DB-DF03-45A3-8A5D-D1B7464B242D}, Quarantined, [3ae4d9bcc2c88bab77bd028e847faa56],
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{AA0F50A8-2618-4AE4-A779-9F7378555A8F}, Quarantined, [3ae4d9bcc2c88bab77bd028e847faa56],
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{B2DB115C-8278-4947-9A07-57B53D1C4215}, Quarantined, [3ae4d9bcc2c88bab77bd028e847faa56],
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{B97FC455-DB33-431D-84DB-6F1514110BD5}, Quarantined, [3ae4d9bcc2c88bab77bd028e847faa56],
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{C67281E0-78F5-4E49-9FAE-4B1B2ADAF17B}, Quarantined, [3ae4d9bcc2c88bab77bd028e847faa56],
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{E72E9312-0367-4216-BFC7-21485FA8390B}, Quarantined, [3ae4d9bcc2c88bab77bd028e847faa56],
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{F6CCB6C9-127E-44AE-8552-B94356F39FFE}, Quarantined, [3ae4d9bcc2c88bab77bd028e847faa56],
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{FFD25630-2734-4AE9-88E6-21BF6525F3FE}, Quarantined, [3ae4d9bcc2c88bab77bd028e847faa56],
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TypeLib\{FBC322D5-407E-4854-8C0B-555B951FD8E3}, Quarantined, [cc520095f1998bab6fc51e7258abca36],
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TypeLib\{FBC322D5-407E-4854-8C0B-555B951FD8E3}, Quarantined, [1509abea0a802b0b87ad523e0ff43ac6],
PUP.Optional.AdPeak.A, HKLM\SOFTWARE\LevelQualityWatcher, Quarantined, [ae709ff6107a67cfeae311f5ed1708f8],
PUP.Optional.Vosteran.A, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\oilkkkefbalmbfppgjmgjoefbclebkce, Quarantined, [9589a2f331593ff7df38ab40a85b52ae],
PUP.Optional.InstallBrain.A, HKLM\SOFTWARE\WOW6432NODE\InstallIQ, Quarantined, [ab735342d3b746f0a1ac6eb2c63e1be5],
PUP.Optional.DownloadTerms.A, HKLM\SOFTWARE\WOW6432NODE\DOWNLOADTERMS, Quarantined, [c856870e25652610ec570958957003fd],
PUP.Optional.Vosteran.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\oilkkkefbalmbfppgjmgjoefbclebkce, Quarantined, [1e001283f991e0565fb8915a679c8b75],
PUP.Optional.DefaultTab.A, HKU\S-1-5-18\SOFTWARE\DefaultTab, Quarantined, [011dc9ccf49647ef886195587093c937],
PUP.Optional.ClickNMark.A, HKU\S-1-5-18\SOFTWARE\APPDATALOW\SOFTWARE\click-n-mark-4, Quarantined, [5dc15e3796f43df9306569b05ca83ac6],
PUP.Optional.DefaultTab.A, HKU\S-1-5-18\SOFTWARE\APPDATALOW\SOFTWARE\DefaultTab, Quarantined, [7f9fa2f35c2e65d15f6fc464ff0517e9],
PUP.Optional.Adpeak, HKU\S-1-5-18\SOFTWARE\APPDATALOW\SOFTWARE\Scorpion Saver, Quarantined, [8e90682dc4c63df98ff3d551a65e6898],
PUP.Optional.Vosteran.A, HKU\S-1-5-21-2912795306-1733492519-829098707-1000\SOFTWARE\Vosteran Browser, Quarantined, [e539f3a2c8c220161d116d7b7e85b050],
PUP.Optional.DownloadTerms.A, HKU\S-1-5-21-2912795306-1733492519-829098707-1000\SOFTWARE\DOWNLOADTERMS, Quarantined, [42dc0a8b424868ce7bc92e3354b1ab55],
PUP.Optional.Vosteran.A, HKU\S-1-5-21-2912795306-1733492519-829098707-1000\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\oilkkkefbalmbfppgjmgjoefbclebkce, Quarantined, [8896ddb8e4a6bb7b8d8b5f8c9b6854ac],
PUP.Optional.InstallCore.A, HKU\S-1-5-21-2912795306-1733492519-829098707-1000\SOFTWARE\INSTALLCORE\1I1T1Q1S, Quarantined, [54cab5e0494132048b6362c3867e738d],
PUP.Optional.InstallCore.A, HKU\S-1-5-21-2912795306-1733492519-829098707-1000\SOFTWARE\INSTALLCORE, Quarantined, [19054550b1d974c24671b5868f76748c],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-2912795306-1733492519-829098707-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{3118EDE7-FA3F-4BFE-ACC1-10F1F9ECD262}, Quarantined, [70aee8ad8505b1859f5cb9b65baa6898],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-2912795306-1733492519-829098707-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{32B6B063-F747-480B-81CC-D71BF26F7122}, Quarantined, [64bad7becdbd3402708ae58aee17926e],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-2912795306-1733492519-829098707-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{4279A2C4-7F38-4CC8-9D11-28E6AD1CDB9C}, Quarantined, [51cd563f6129d0661ae1650a13f2f40c],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-2912795306-1733492519-829098707-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5CA301C6-96AB-43B9-8C6E-D445DCE5A8DE}, Quarantined, [3fdf3c5971198caa9c5e294614f144bc],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-2912795306-1733492519-829098707-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{70B660CC-5C73-4A3E-8FAE-BFAD9DE916E4}, Quarantined, [829cbfd61b6fa294fffba5ca37ce9e62],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-2912795306-1733492519-829098707-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{7ABBF4FA-3866-4DD0-8EFC-E9B96B937519}, Quarantined, [031b96ff533780b6807a224dd82d6c94],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-2912795306-1733492519-829098707-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{7EAD7DCF-F8D8-4C36-9048-7E4E45CC29EF}, Quarantined, [c05e45500c7ee6500af194dbef16fd03],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-2912795306-1733492519-829098707-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{920D20A6-B63B-4798-B28B-45E57415107A}, Quarantined, [1509ddb8107a56e0c13a99d67a8b629e],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-2912795306-1733492519-829098707-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{95B82DA4-7955-45D2-80B3-3F1772B38CD4}, Quarantined, [44daace9d6b4290d4bb0bab5b84de818],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-2912795306-1733492519-829098707-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{A76A305A-3A46-40B2-9A35-7F3EFC61A5AE}, Quarantined, [d945ccc933571e1805f647285ea7629e],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-2912795306-1733492519-829098707-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{AA3FDC37-40B4-4EB5-8326-AE5A15E0D099}, Quarantined, [819d0590b8d264d227d4beb1ac59aa56],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-2912795306-1733492519-829098707-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{B5D1E3C0-6397-4B36-866F-42FC304841DF}, Quarantined, [d6480293236737ffdf1bd996a065e51b],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-2912795306-1733492519-829098707-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C67572F3-F3E7-404B-B0EA-51A7888B50B9}, Quarantined, [b668a1f4bfcbf93d9f5c412ec73ec23e],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-2912795306-1733492519-829098707-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C95AF3BF-B223-408D-BDD7-8E3D66BF787A}, Quarantined, [7da14a4b8efcf73fef0c0966a461ac54],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-2912795306-1733492519-829098707-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{CAC6A7C7-6D09-49F8-82CD-4BE8C2CC8CA2}, Quarantined, [51cd02933f4b8aac85754e210df8f50b],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-2912795306-1733492519-829098707-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{CD35DFF5-3988-47B6-B516-75A63356D7C0}, Quarantined, [77a71b7ab3d780b6af4b0867867ffe02],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-2912795306-1733492519-829098707-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{D1793F9B-1F9D-44BA-B55F-E98EC78DA756}, Quarantined, [74aa3263800a37ffbd3d56197b8a5ea2],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-2912795306-1733492519-829098707-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E564D066-87A5-4381-B298-CE8A371344A0}, Quarantined, [0e10880dcebcc2746497fb7408fd42be],

Registry Values: 22
PUP.Optional.DownloadTerms.A, HKLM\SOFTWARE\WOW6432NODE\DOWNLOADTERMS|age, 1369540800, Quarantined, [c856870e25652610ec570958957003fd]
PUP.Optional.Vosteran.C, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY|AppPath, C:\Program Files (x86)\WSE_Vosteran\\, Quarantined, [1d0171248802f343b935ab2ca85b57a9]
PUP.Optional.DownloadTerms.A, HKU\S-1-5-21-2912795306-1733492519-829098707-1000\SOFTWARE\DOWNLOADTERMS|age, 1369540800, Quarantined, [42dc0a8b424868ce7bc92e3354b1ab55]
PUP.Optional.InstallCore.A, HKU\S-1-5-21-2912795306-1733492519-829098707-1000\SOFTWARE\INSTALLCORE|tb, 0M2P0U0F0B1O1O1G, Quarantined, [19054550b1d974c24671b5868f76748c]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-2912795306-1733492519-829098707-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{3118EDE7-FA3F-4BFE-ACC1-10F1F9ECD262}|AppName, click-n-mark-4-enabler.exe-codedownloader.exe, Quarantined, [70aee8ad8505b1859f5cb9b65baa6898]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-2912795306-1733492519-829098707-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{32B6B063-F747-480B-81CC-D71BF26F7122}|AppName, click-n-mark-4-enabler.exe-buttonutil.exe, Quarantined, [64bad7becdbd3402708ae58aee17926e]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-2912795306-1733492519-829098707-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{4279A2C4-7F38-4CC8-9D11-28E6AD1CDB9C}|AppName, click-n-mark-4-enabler.exe-codedownloader.exe, Quarantined, [51cd563f6129d0661ae1650a13f2f40c]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-2912795306-1733492519-829098707-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5CA301C6-96AB-43B9-8C6E-D445DCE5A8DE}|AppName, click-n-mark-4-enabler.exe-buttonutil.exe, Quarantined, [3fdf3c5971198caa9c5e294614f144bc]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-2912795306-1733492519-829098707-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{70B660CC-5C73-4A3E-8FAE-BFAD9DE916E4}|AppName, click-n-mark-4-enabler.exe-buttonutil.exe, Quarantined, [829cbfd61b6fa294fffba5ca37ce9e62]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-2912795306-1733492519-829098707-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{7ABBF4FA-3866-4DD0-8EFC-E9B96B937519}|AppName, click-n-mark-4-enabler.exe-buttonutil.exe, Quarantined, [031b96ff533780b6807a224dd82d6c94]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-2912795306-1733492519-829098707-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{7EAD7DCF-F8D8-4C36-9048-7E4E45CC29EF}|AppName, click-n-mark-4-enabler.exe-codedownloader.exe, Quarantined, [c05e45500c7ee6500af194dbef16fd03]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-2912795306-1733492519-829098707-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{920D20A6-B63B-4798-B28B-45E57415107A}|AppName, click-n-mark-4-enabler.exe-codedownloader.exe, Quarantined, [1509ddb8107a56e0c13a99d67a8b629e]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-2912795306-1733492519-829098707-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{95B82DA4-7955-45D2-80B3-3F1772B38CD4}|AppName, click-n-mark-4-enabler.exe-codedownloader.exe, Quarantined, [44daace9d6b4290d4bb0bab5b84de818]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-2912795306-1733492519-829098707-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{A76A305A-3A46-40B2-9A35-7F3EFC61A5AE}|AppName, click-n-mark-4-enabler.exe-codedownloader.exe, Quarantined, [d945ccc933571e1805f647285ea7629e]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-2912795306-1733492519-829098707-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{AA3FDC37-40B4-4EB5-8326-AE5A15E0D099}|AppName, click-n-mark-4-enabler.exe-codedownloader.exe, Quarantined, [819d0590b8d264d227d4beb1ac59aa56]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-2912795306-1733492519-829098707-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{B5D1E3C0-6397-4B36-866F-42FC304841DF}|AppName, click-n-mark-4-enabler.exe-buttonutil.exe, Quarantined, [d6480293236737ffdf1bd996a065e51b]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-2912795306-1733492519-829098707-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C67572F3-F3E7-404B-B0EA-51A7888B50B9}|AppName, click-n-mark-4-enabler.exe-codedownloader.exe, Quarantined, [b668a1f4bfcbf93d9f5c412ec73ec23e]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-2912795306-1733492519-829098707-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C95AF3BF-B223-408D-BDD7-8E3D66BF787A}|AppName, click-n-mark-4-enabler.exe-codedownloader.exe, Quarantined, [7da14a4b8efcf73fef0c0966a461ac54]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-2912795306-1733492519-829098707-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{CAC6A7C7-6D09-49F8-82CD-4BE8C2CC8CA2}|AppName, click-n-mark-4-enabler.exe-buttonutil.exe, Quarantined, [51cd02933f4b8aac85754e210df8f50b]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-2912795306-1733492519-829098707-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{CD35DFF5-3988-47B6-B516-75A63356D7C0}|AppName, click-n-mark-4-enabler.exe-buttonutil.exe, Quarantined, [77a71b7ab3d780b6af4b0867867ffe02]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-2912795306-1733492519-829098707-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{D1793F9B-1F9D-44BA-B55F-E98EC78DA756}|AppName, click-n-mark-4-enabler.exe-buttonutil.exe, Quarantined, [74aa3263800a37ffbd3d56197b8a5ea2]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-2912795306-1733492519-829098707-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E564D066-87A5-4381-B298-CE8A371344A0}|AppName, click-n-mark-4-enabler.exe-codedownloader.exe, Quarantined, [0e10880dcebcc2746497fb7408fd42be]

Registry Data: 0
(No malicious items detected)

Folders: 135
PUP.Optional.ClickNMark.A, C:\Users\Tonis\AppData\LocalLow\click-n-mark-4, Quarantined, [27f710853d4db58154659c0e1ee519e7],
PUP.Optional.CrossRider.A, C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\fbmjnghkkijbdbiibkjehjhkioonamgn, Quarantined, [3fdf4352bbcf21153de34d67946f1ee2],
PUP.Optional.PayByAds.A, C:\Users\Tonis\AppData\Local\Pay-By-Ads, Quarantined, [c05e5c395337f34300bf6c4bc53ef907],
PUP.Optional.PayByAds.A, C:\Users\Tonis\AppData\Local\Pay-By-Ads\Yahoo! Search, Quarantined, [c05e5c395337f34300bf6c4bc53ef907],
PUP.Optional.PayByAds.A, C:\Users\Tonis\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.24.4, Quarantined, [c05e5c395337f34300bf6c4bc53ef907],
PUP.Optional.Conduit.A, C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_kldbiondcoemmofebkcgcnbigliglcnl_0, Quarantined, [c25cdabb0387ab8b32eb596716edc13f],
PUP.Optional.Conduit.A, C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\kldbiondcoemmofebkcgcnbigliglcnl, Quarantined, [9688f4a15139cd69e03eab15af54a45c],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Cache, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\databases, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\IndexedDB, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\IndexedDB\chrome-extension_bjaelnipcipenlfdoncdclohekeglkac_0.indexeddb.leveldb, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\JumpListIcons, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\JumpListIconsOld, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Local Extension Settings, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Local Storage, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Session Storage, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\User StyleSheets, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\facebook, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\facebook\images, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\facebook\images\carousel, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\facebook\images\carousel\screenshots, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\data, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\blackfriday, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\weather, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\weather\images, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\css, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\about, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\apps, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\clean, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\discovery, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\favorites, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\ftue, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\icons, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\icons\pageAction, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\image-upload, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\loaders, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\notifications, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\phone, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\review-gifs, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\review-gifs\cat, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\search, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\themes, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\themes\bubbles, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\themes\buttons, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\themes\city, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\themes\clean, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\themes\disco, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\themes\fishing, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\themes\forest, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\themes\mountains, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\themes\planets, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\themes\sea, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\themes\space, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\themes\strips, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\themes\sunset, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\user, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\js, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\lib, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\locales, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\_locales, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\_locales\ar, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\_locales\de, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\_locales\en, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\_locales\es, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\_locales\fr, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\_locales\he, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\_locales\it, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\_locales\ja, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\_locales\nl, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\_locales\pl, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\_locales\pt_BR, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\_locales\ru, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\_locales\tr, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\css, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\html, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\images, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\bg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\ca, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\cs, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\da, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\de, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\el, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\en, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\en_GB, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\es, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\es_419, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\et, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\fi, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\fil, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\fr, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\hi, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\hr, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\hu, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\id, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\it, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\ja, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\ko, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\lt, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\lv, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\nb, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\nl, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\pl, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\pt_BR, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\pt_PT, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\ro, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\ru, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\sk, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\sl, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\sr, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\sv, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\th, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\tr, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\uk, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\vi, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\zh_CN, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\zh_TW, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_metadata, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\GPUCache, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\pnacl, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.SolutionReal.A, C:\Program Files (x86)\Solution Real, Quarantined, [7da1c9ccfa90db5b973636962bd88878],
PUP.Optional.SolutionReal.A, C:\Program Files (x86)\Solution Real\bin, Quarantined, [7da1c9ccfa90db5b973636962bd88878],

Files: 709
PUP.Optional.AdvancedSystemProtector, C:\Windows\System32\sasnative64.exe, Quarantined, [140a266f38520234538b9837d42d3dc3],
PUP.Optional.SafeInstall.A, C:\Users\Tonis\Downloads\adobeflashplayerinstaller_setup.exe, Quarantined, [d24c01945f2b8babe296354bd42d4db3],
PUP.Optional.InstallCore.SID.A, C:\Users\Tonis\Downloads\installer_adobe_flash_player_English(1).exe, Quarantined, [59c502931c6efb3b6fc305578680fc04],
PUP.Optional.InstallCore.SID.A, C:\Users\Tonis\Downloads\installer_adobe_flash_player_English.exe, Quarantined, [68b66332a6e4e84e6fc3d08ce32347b9],
PUP.Optional.SafeInstall.A, C:\Users\Tonis\Downloads\java.exe, Quarantined, [f02e078e197122147602e0a04eb35ca4],
PUP.Optional.iBryte, C:\Users\Tonis\AppData\Local\d333b3b2-ef01-4015-90c0-a9100211db09\install_temp.exe, Quarantined, [55c900959eec2d093bdca7aa976b6a96],
PUP.Optional.ClickNMark.A, C:\Users\Tonis\AppData\LocalLow\click-n-mark-4\DTFProxyToServerSect_bCrossriderApp0045180_p10524.dat, Quarantined, [27f710853d4db58154659c0e1ee519e7],
PUP.Optional.ClickNMark.A, C:\Users\Tonis\AppData\LocalLow\click-n-mark-4\DTFProxyToServerSect_bCrossriderApp0045180_p12316.dat, Quarantined, [27f710853d4db58154659c0e1ee519e7],
PUP.Optional.ClickNMark.A, C:\Users\Tonis\AppData\LocalLow\click-n-mark-4\DTFProxyToServerSect_bCrossriderApp0045180_p14676.dat, Quarantined, [27f710853d4db58154659c0e1ee519e7],
PUP.Optional.ClickNMark.A, C:\Users\Tonis\AppData\LocalLow\click-n-mark-4\DTFProxyToServerSect_bCrossriderApp0045180_p4276.dat, Quarantined, [27f710853d4db58154659c0e1ee519e7],
PUP.Optional.ClickNMark.A, C:\Users\Tonis\AppData\LocalLow\click-n-mark-4\DTFProxyToServerSect_bCrossriderApp0045180_p5456.dat, Quarantined, [27f710853d4db58154659c0e1ee519e7],
PUP.Optional.ClickNMark.A, C:\Users\Tonis\AppData\LocalLow\click-n-mark-4\DTFProxyToServerSect_bCrossriderApp0045180_p8256.dat, Quarantined, [27f710853d4db58154659c0e1ee519e7],
PUP.Optional.CrossRider.A, C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\fbmjnghkkijbdbiibkjehjhkioonamgn\000005.ldb, Quarantined, [3fdf4352bbcf21153de34d67946f1ee2],
PUP.Optional.CrossRider.A, C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\fbmjnghkkijbdbiibkjehjhkioonamgn\000008.ldb, Quarantined, [3fdf4352bbcf21153de34d67946f1ee2],
PUP.Optional.CrossRider.A, C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\fbmjnghkkijbdbiibkjehjhkioonamgn\000017.ldb, Quarantined, [3fdf4352bbcf21153de34d67946f1ee2],
PUP.Optional.CrossRider.A, C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\fbmjnghkkijbdbiibkjehjhkioonamgn\000024.log, Quarantined, [3fdf4352bbcf21153de34d67946f1ee2],
PUP.Optional.CrossRider.A, C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\fbmjnghkkijbdbiibkjehjhkioonamgn\CURRENT, Quarantined, [3fdf4352bbcf21153de34d67946f1ee2],
PUP.Optional.CrossRider.A, C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\fbmjnghkkijbdbiibkjehjhkioonamgn\LOCK, Quarantined, [3fdf4352bbcf21153de34d67946f1ee2],
PUP.Optional.CrossRider.A, C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\fbmjnghkkijbdbiibkjehjhkioonamgn\LOG, Quarantined, [3fdf4352bbcf21153de34d67946f1ee2],
PUP.Optional.CrossRider.A, C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\fbmjnghkkijbdbiibkjehjhkioonamgn\LOG.old, Quarantined, [3fdf4352bbcf21153de34d67946f1ee2],
PUP.Optional.CrossRider.A, C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\fbmjnghkkijbdbiibkjehjhkioonamgn\MANIFEST-000022, Quarantined, [3fdf4352bbcf21153de34d67946f1ee2],
PUP.Optional.Conduit.A, C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_kldbiondcoemmofebkcgcnbigliglcnl_0\3, Quarantined, [c25cdabb0387ab8b32eb596716edc13f],
PUP.Optional.Conduit.A, C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\kldbiondcoemmofebkcgcnbigliglcnl\000028.log, Quarantined, [9688f4a15139cd69e03eab15af54a45c],
PUP.Optional.Conduit.A, C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\kldbiondcoemmofebkcgcnbigliglcnl\000029.ldb, Quarantined, [9688f4a15139cd69e03eab15af54a45c],
PUP.Optional.Conduit.A, C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\kldbiondcoemmofebkcgcnbigliglcnl\CURRENT, Quarantined, [9688f4a15139cd69e03eab15af54a45c],
PUP.Optional.Conduit.A, C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\kldbiondcoemmofebkcgcnbigliglcnl\LOCK, Quarantined, [9688f4a15139cd69e03eab15af54a45c],
PUP.Optional.Conduit.A, C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\kldbiondcoemmofebkcgcnbigliglcnl\LOG, Quarantined, [9688f4a15139cd69e03eab15af54a45c],
PUP.Optional.Conduit.A, C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\kldbiondcoemmofebkcgcnbigliglcnl\LOG.old, Quarantined, [9688f4a15139cd69e03eab15af54a45c],
PUP.Optional.Conduit.A, C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\kldbiondcoemmofebkcgcnbigliglcnl\MANIFEST-000026, Quarantined, [9688f4a15139cd69e03eab15af54a45c],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Certificate Revocation Lists, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Local State, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\History-journal, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\QuotaManager-journal, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Archived History, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Archived History-journal, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Bookmarks, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Bookmarks.bak, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Cookies, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Cookies-journal, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Current Session, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Current Tabs, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Last Session, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Last Tabs, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Network Action Predictor, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Network Action Predictor-journal, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Origin Bound Certs, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Origin Bound Certs-journal, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Preferences, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\QuotaManager, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\README, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Shortcuts, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Shortcuts-journal, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Top Sites, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Top Sites-journal, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Visited Links, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Web Data, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Web Data-journal, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extension Cookies, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extension Cookies-journal, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Favicons, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Favicons-journal, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Google Profile.ico, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\History, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\History Provider Cache, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Cache\f_000011, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Cache\data_0, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Cache\data_1, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Cache\data_2, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Cache\data_3, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Cache\f_000001, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Cache\f_000002, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Cache\f_000003, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Cache\f_000004, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Cache\f_000005, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Cache\f_000006, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Cache\f_000008, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Cache\f_000009, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Cache\f_00000a, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Cache\f_00000b, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Cache\f_00000c, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Cache\f_00000d, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Cache\f_00000e, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Cache\f_00000f, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Cache\f_000010, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Cache\f_000012, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Cache\f_000013, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Cache\f_000014, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Cache\f_000015, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Cache\f_000016, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Cache\f_000017, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Cache\f_000018, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Cache\f_000019, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Cache\f_00001a, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Cache\f_00001b, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Cache\f_00001c, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Cache\f_00001d, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Cache\f_00001f, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Cache\f_000020, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Cache\f_000021, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Cache\f_000022, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Cache\f_000023, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Cache\f_000024, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Cache\f_000025, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Cache\f_000026, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Cache\f_000027, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Cache\f_000028, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Cache\f_000029, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Cache\f_00002a, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Cache\f_00002b, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Cache\f_00002c, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Cache\f_00002d, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Cache\f_00002e, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Cache\index, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\databases\Databases.db, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\databases\Databases.db-journal, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\IndexedDB\chrome-extension_bjaelnipcipenlfdoncdclohekeglkac_0.indexeddb.leveldb\000029.ldb, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\IndexedDB\chrome-extension_bjaelnipcipenlfdoncdclohekeglkac_0.indexeddb.leveldb\000031.ldb, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\IndexedDB\chrome-extension_bjaelnipcipenlfdoncdclohekeglkac_0.indexeddb.leveldb\000032.log, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\IndexedDB\chrome-extension_bjaelnipcipenlfdoncdclohekeglkac_0.indexeddb.leveldb\CURRENT, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\IndexedDB\chrome-extension_bjaelnipcipenlfdoncdclohekeglkac_0.indexeddb.leveldb\LOCK, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\IndexedDB\chrome-extension_bjaelnipcipenlfdoncdclohekeglkac_0.indexeddb.leveldb\LOG, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\IndexedDB\chrome-extension_bjaelnipcipenlfdoncdclohekeglkac_0.indexeddb.leveldb\LOG.old, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\IndexedDB\chrome-extension_bjaelnipcipenlfdoncdclohekeglkac_0.indexeddb.leveldb\MANIFEST-000030, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\JumpListIcons\F96C.tmp, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\JumpListIcons\F96D.tmp, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\JumpListIconsOld\8544.tmp, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\JumpListIconsOld\8545.tmp, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Local Storage\chrome-extension_bjaelnipcipenlfdoncdclohekeglkac_0.localstorage, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Local Storage\chrome-extension_cbjibcbpmbcabnfnohhgjjmkgkimajko_0.localstorage, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Local Storage\chrome-extension_cbjibcbpmbcabnfnohhgjjmkgkimajko_0.localstorage-journal, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Local Storage\chrome-extension_fbmjnghkkijbdbiibkjehjhkioonamgn_0.localstorage, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Local Storage\chrome-extension_fbmjnghkkijbdbiibkjehjhkioonamgn_0.localstorage-journal, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Local Storage\chrome-extension_fnopmpmeehlabkfhidnechiihgpfoaif_0.localstorage, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Local Storage\chrome-extension_hphehadppenpmajgnkjdcopcfijjegaf_0.localstorage, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Local Storage\chrome-extension_ifohbjbgfchkkfhphahclmkpgejiplfo_0.localstorage-journal, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Local Storage\chrome-extension_kldbiondcoemmofebkcgcnbigliglcnl_0.localstorage, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Local Storage\chrome-extension_kldbiondcoemmofebkcgcnbigliglcnl_0.localstorage-journal, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Local Storage\chrome-extension_klibnahbojhkanfgaglnlalfkgpcppfi_0.localstorage, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Local Storage\chrome-extension_klibnahbojhkanfgaglnlalfkgpcppfi_0.localstorage-journal, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Local Storage\chrome-extension_oilkkkefbalmbfppgjmgjoefbclebkce_0.localstorage, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Local Storage\https_www.youtube-nocookie.com_0.localstorage, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Local Storage\https_www.youtube-nocookie.com_0.localstorage-journal, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Local Storage\http_aartemis.com_0.localstorage, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Local Storage\http_aartemis.com_0.localstorage-journal, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Local Storage\http_api28.starwebnet.com_0.localstorage, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Local Storage\http_api28.starwebnet.com_0.localstorage-journal, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Local Storage\http_api29.starwebnet.com_0.localstorage, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Local Storage\http_api29.starwebnet.com_0.localstorage-journal, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Local Storage\chrome-extension_fnopmpmeehlabkfhidnechiihgpfoaif_0.localstorage-journal, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Local Storage\https_www.google.com_0.localstorage-journal, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Local Storage\http_api30.starwebnet.com_0.localstorage, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Local Storage\http_disqus.com_0.localstorage-journal, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Local Storage\http_www.anvisoft.com_0.localstorage-journal, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Local Storage\http_api30.starwebnet.com_0.localstorage-journal, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Local Storage\http_api31.starwebnet.com_0.localstorage, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Local Storage\http_api31.starwebnet.com_0.localstorage-journal, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Local Storage\http_api32.starwebnet.com_0.localstorage, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Local Storage\http_api32.starwebnet.com_0.localstorage-journal, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Local Storage\http_bh.contextweb.com_0.localstorage, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Local Storage\http_bh.contextweb.com_0.localstorage-journal, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Local Storage\http_bossip.com_0.localstorage, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Local Storage\http_bossip.com_0.localstorage-journal, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Local Storage\http_cap1.conduit-apps.com_0.localstorage, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Local Storage\http_cap1.conduit-apps.com_0.localstorage-journal, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Local Storage\http_connexity.net_0.localstorage, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Local Storage\http_connexity.net_0.localstorage-journal, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Local Storage\http_ddts0bzupd01y.cloudfront.net_0.localstorage, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Local Storage\http_ddts0bzupd01y.cloudfront.net_0.localstorage-journal, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Local Storage\http_disqus.com_0.localstorage, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Local Storage\http_java.com_0.localstorage, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Local Storage\http_java.com_0.localstorage-journal, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Local Storage\http_pstatic.eshopcomp.com_0.localstorage, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Local Storage\http_pstatic.eshopcomp.com_0.localstorage-journal, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Local Storage\http_store.apple.com_0.localstorage, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Local Storage\http_store.apple.com_0.localstorage-journal, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Local Storage\http_www.22find.com_0.localstorage, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Local Storage\http_www.22find.com_0.localstorage-journal, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Local Storage\http_www.anvisoft.com_0.localstorage, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Local Storage\https_api.solutionreal.com_0.localstorage, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Local Storage\https_api.solutionreal.com_0.localstorage-journal, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Local Storage\https_connexity.net_0.localstorage, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Local Storage\https_connexity.net_0.localstorage-journal, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Local Storage\https_facebook.conduitapps.com_0.localstorage, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Local Storage\https_facebook.conduitapps.com_0.localstorage-journal, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Local Storage\https_hdapp1008-a.akamaihd.net_0.localstorage, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Local Storage\https_hdapp1008-a.akamaihd.net_0.localstorage-journal, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Local Storage\https_www.facebook.com_0.localstorage, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Local Storage\https_www.facebook.com_0.localstorage-journal, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Local Storage\https_www.google.com_0.localstorage, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Local Storage\http_www.bing.com_0.localstorage, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Local Storage\http_www.bing.com_0.localstorage-journal, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Local Storage\http_www.geekstogo.com_0.localstorage, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Local Storage\http_www.geekstogo.com_0.localstorage-journal, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Local Storage\http_www.socialgrowthtechnologies.com_0.localstorage, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Local Storage\http_www.socialgrowthtechnologies.com_0.localstorage-journal, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage-journal, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Session Storage\000032.ldb, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Session Storage\000034.ldb, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Session Storage\000037.ldb, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Session Storage\000040.ldb, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Session Storage\000041.log, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Session Storage\CURRENT, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Session Storage\LOCK, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Session Storage\LOG, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Session Storage\LOG.old, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Session Storage\MANIFEST-000039, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\User StyleSheets\Custom.css, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\background.html, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\manifest.json, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\newtab.html, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\opentab.html, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\facebook\images\carousel\comp.png, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\facebook\images\carousel\phone-frame.png, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\facebook\images\carousel\phone.png, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\facebook\images\carousel\screenshots\0-mobile.jpg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\facebook\images\carousel\screenshots\0.jpg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\facebook\images\carousel\screenshots\1-mobile.jpg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\facebook\images\carousel\screenshots\1.jpg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\facebook\images\carousel\screenshots\2-mobile.jpg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\facebook\images\carousel\screenshots\2.jpg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\facebook\images\carousel\screenshots\3-mobile.jpg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\facebook\images\carousel\screenshots\3.jpg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\facebook\images\carousel\screenshots\4-mobile.jpg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\facebook\images\carousel\screenshots\4.jpg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\facebook\images\carousel\screenshots\5-mobile.jpg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\facebook\images\carousel\screenshots\5.jpg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\data\gallery.json, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\9gag.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\afterDownload.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\aim.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\aim_alt.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\aliexpress.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\amazon.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\apple.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\app_store.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\arto.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\aws.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\baidu.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\basecamp.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\bebo.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\behance.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\bing.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\blip.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\blogger.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\bnter.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\booking.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\brightkite.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\castPlatform.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\cinch.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\cloudapp.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\coroflot.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\creative_commons.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\dailybooth.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\delicious.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\designfloat.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\designmoo.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\deviantart.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\digg.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\digg_alt.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\diigo.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\dribbble.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\dropbox.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\drupal.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\dx.jpg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\dzone.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\ebay.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\ember.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\etsy.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\expedia.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\facebook.png, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\facebook.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\facebook_alt.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\facebook_places.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\facto.me.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\feedburner.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\flickr.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\folkd.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\formspring.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\forrst.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\foursquare.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\foxtab.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\friendfeed.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\friendster.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\funmoods.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\gameo.png, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\gameo.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\gdgt.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\github.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\github_alt.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\gmail.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\goodreads.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\goodWeather.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\google-drive.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\google_buzz.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\google_talk.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\gowalla.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\gowalla_alt.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\grooveshark.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\hacker_news.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\hi5.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\hype_machine.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\hyves.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\icq.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\identi.ca.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\designbump.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\evernote.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\google.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\iS-linkedin.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\livejournal.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\newsvine.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\playstation.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\whatsapp.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\installCore.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\instapaper.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\ironSource.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\iS-bizcards.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\iS-confluence.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\iS-employeeGuide.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\iS-facebook.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\iS-googleplus.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\iS-jira.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\iS-news.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\iS-presence.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\iS-signature.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\iS-twitter.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\itunes.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\jira.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\kik.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\krop.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\kudosKit.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\last.fm.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\linkedin.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\linkedin_alt.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\lovedsgn.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\meetup.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\metacafe.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\ming.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\mister_wong.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\mixx.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\mixx_alt.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\mobileCore.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\mobileme.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\msn_messenger.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\myspace.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\myspace_alt.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\netflix.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\noaa.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\nytimes.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\official.fm.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\openid.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\orkut.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\pandora.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\path.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\paypal.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\photobucket.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\picasa.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\picassa.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\pinboard.in.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\ping.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\pingchat.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\pivotal.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\plixi.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\plurk.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\podcast.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\posterous.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\qik.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\quik.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\quora.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\rdio.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\readernaut.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\reddit.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\retweet.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\robo.to.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\rss.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\salesforce.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\savefront.png, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\savefront.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\scribd.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\sharethis.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\simplenote.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\skype.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\slashdot.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\slideshare.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\smugmug.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\soundcloud.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\spearmintBrowser.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\spotify.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\spotsMagic.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\squarespace.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\squidoo.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\steam.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\stumbleupon.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\technorati.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\theweatherchannel.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\threewords.me.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\trello.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\tribe.net.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\tripadvisor.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\tripit.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\tumblr.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\tweaks-soft.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\twitter.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\twitter_alt.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\twitter_old.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\vcard.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\viddler.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\vimeo.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\virb.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\w3.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\weatherbug.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\wikipedia.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\windows.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\wists.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\wordpress.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\wordpress_alt.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\xing.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\yahoo!_buzz.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\yahoo!_messenger.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\yahoo.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\yelp.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\youtube.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\youtube_alt.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\zerply.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\zootool.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\zynga.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\blackfriday\amazon.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\blackfriday\bestbuy.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\blackfriday\kmart.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\blackfriday\newegg.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\blackfriday\overstock.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\blackfriday\samsung.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\blackfriday\target.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\gallery\images\blackfriday\wallmart.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\weather\images\clock-icon-small-black.png, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\weather\images\clock-icon-small.png, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\weather\images\cloud-icon-small-black.png, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\weather\images\cloud-icon-small.png, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\weather\images\icons-black.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\app\spots\weather\images\icons.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\css\jquery-ui-1.10.3.custom.min.css, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\css\newtab.css, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\css\normalize.css, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\css\opentab.css, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\css\opentab_global.css, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\close-btn.png, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\close_80x80.png, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\default-image-grey.png, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\default-image.png, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\default-image.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\powered-by-google.png, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\about\spotsbeta.png, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\apps\android-white.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\apps\download.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\apps\star.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\apps\star_full.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\clean\add.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\clean\chrome_apps.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\clean\menu-icon.png, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\clean\profile.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\clean\recently.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\clean\search.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\clean\searchb.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\clean\sms.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\discovery\arrow-down-active.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\discovery\arrow-down.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\discovery\discovery_facebook.png, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\favorites\add-item-icon-black.png, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\favorites\add-item-icon.png, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\favorites\arrow-down.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\favorites\arrow-up.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\favorites\edit-item-icon.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\favorites\new-tab.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\favorites\plus-black.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\favorites\plus-white.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\favorites\remove-item-icon.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\ftue\arrow-up.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\ftue\ftue-finish-icon.png, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\ftue\ftue-phone.png, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\ftue\search-bar.png, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\icons\128.png, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\icons\16.png, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\icons\48.png, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\icons\arrow-down.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\icons\logo.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\icons\v-icon.png, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\icons\whitelogo.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\icons\x-icon.png, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\icons\pageAction\19x19.png, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\icons\pageAction\19x19b.png, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\icons\pageAction\38x38.png, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\icons\pageAction\38x38b.png, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\image-upload\computer.png, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\image-upload\screenshot1.png, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\image-upload\screenshot2.png, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\image-upload\screenshot3.png, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\image-upload\screenshot4.png, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\image-upload\warning.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\loaders\loader.swf, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\loaders\loader_white.swf, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\notifications\birthday-black.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\notifications\birthday.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\notifications\dismiss-icon-black.png, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\notifications\dismiss-icon.png, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\notifications\event-black.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\notifications\event.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\notifications\minimize.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\phone\em-clean.png, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\phone\!.png, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\phone\android-clean.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\phone\android.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\phone\call-clean.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\phone\call.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\phone\close-chat-clean.png, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\phone\close-chat.png, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\phone\contact-default-clean.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\phone\contact-default.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\phone\contact-opacity.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\phone\hangup-black.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\phone\hangup-clean.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\phone\hangup.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\phone\phone-welcome-dismiss-icon-clean.png, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\phone\phone-welcome-dismiss-icon.png, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\phone\phone_icon-clean.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\phone\phone_icon.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\phone\phone_preview-clean.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\phone\phone_preview.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\phone\search-call-black.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\phone\search-call-clean.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\phone\search-call.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\phone\search-clean.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\phone\search.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\phone\sms-black.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\phone\sms-clean.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\phone\sms.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\review-gifs\plane.gif, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\review-gifs\rating-star.png, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\review-gifs\cat\cat_1.gif, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\review-gifs\cat\cat_2.gif, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\review-gifs\cat\cat_3.gif, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\review-gifs\cat\cat_4.gif, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\review-gifs\cat\cat_5.gif, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\search\bookmark-icon-black.png, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\search\bookmark-icon-white.png, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\search\calculator-icon-black.png, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\search\calculator-icon-white.png, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\search\hangup.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\search\navigation-icon-black.png, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\search\navigation-icon-white.png, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\search\phone_preview.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\search\plus-dark-sm.png, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\search\remove-dark-sm.png, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\search\search-black.png, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\search\search-icon-black.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\search\search-icon-white.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\search\search.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\search\sms.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\search\web-result-icon-black.png, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\search\web-result-icon-white.png, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\themes\bubbles\bg.png, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\themes\bubbles\footer.png, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\themes\bubbles\thumb.png, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\themes\buttons\bg.png, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\themes\buttons\footer.png, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\themes\buttons\thumb.png, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\themes\city\bg.png, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\themes\city\footer.png, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\themes\city\thumb.png, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\themes\clean\thumb.png, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\themes\disco\bg.png, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\themes\disco\footer.png, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\themes\disco\thumb.png, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\themes\fishing\bg.png, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\themes\fishing\footer.png, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\themes\fishing\thumb.png, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\themes\forest\bg.png, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\themes\forest\footer.png, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\themes\forest\thumb.png, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\themes\mountains\bg.png, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\themes\mountains\footer.png, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\themes\mountains\thumb.png, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\themes\planets\bg.png, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\themes\planets\footer.png, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\themes\planets\thumb.png, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\themes\sea\bg.png, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\themes\sea\footer.png, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\themes\sea\thumb.png, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\themes\space\bg.png, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\themes\space\footer.png, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\themes\space\thumb.png, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\themes\strips\bg.png, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\themes\strips\footer.png, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\themes\strips\thumb.png, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\themes\sunset\bg.png, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\themes\sunset\footer.png, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\themes\sunset\thumb.png, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\user\login.svg, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\img\user\menu-icon.png, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\js\background.js, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\js\bootstrap.js, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\js\newtab.js, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\js\opentab.js, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\lib\jquery.inview.min.js, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\lib\aes.js, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\lib\angular-animate.min.js, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\lib\angular-route.min.js, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\lib\angular.min.js, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\lib\async.min.js, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\lib\aws-sdk-2.0.0-rc9.min.js, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\lib\eventsource.min.js, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\lib\idbstore.min.js, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\lib\jquery-2.1.1.min.js, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\lib\jquery-ui-1.10.3.custom.min.js, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\lib\js-canvas-to-blob.js, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\lib\lodash.underscore.min.js, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\lib\md5.js, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\lib\mixins.loadash.js, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\lib\moment-with-langs.min.js, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\lib\moment.min.js, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\lib\phoneformat.js, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\lib\sortable.js, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\lib\TweenMax.min.js, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\lib\utils.js, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\locales\i18n_de.json, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\locales\i18n_en.json, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\locales\i18n_es.json, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\locales\i18n_fr.json, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\locales\i18n_he.json, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\locales\i18n_it.json, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\locales\i18n_ja.json, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\locales\i18n_nl.json, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\locales\i18n_pl.json, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\locales\i18n_pt.json, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\locales\i18n_ru.json, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\locales\i18n_tr.json, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\_locales\ar\messages.json, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\_locales\de\messages.json, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\_locales\en\messages.json, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\_locales\es\messages.json, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\_locales\fr\messages.json, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\_locales\he\messages.json, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\_locales\it\messages.json, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\_locales\ja\messages.json, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\_locales\nl\messages.json, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\_locales\pl\messages.json, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\_locales\pt_BR\messages.json, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\_locales\ru\messages.json, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\bjaelnipcipenlfdoncdclohekeglkac\0.3.8_0\_locales\tr\messages.json, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\craw_background.js, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\craw_window.js, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\manifest.json, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\css\craw_window.css, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\html\craw_window.html, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\images\flapper.gif, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\images\icon_128.png, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\images\icon_16.png, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\images\topbar_floating_button.png, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\images\topbar_floating_button_close.png, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\images\topbar_floating_button_hover.png, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\images\topbar_floating_button_maximize.png, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\images\topbar_floating_button_pressed.png, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\bg\messages.json, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\ca\messages.json, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\cs\messages.json, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\da\messages.json, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\de\messages.json, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\el\messages.json, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\en\messages.json, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\en_GB\messages.json, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\es\messages.json, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\es_419\messages.json, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\et\messages.json, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\fi\messages.json, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\fil\messages.json, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\fr\messages.json, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\hi\messages.json, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\hr\messages.json, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\hu\messages.json, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\id\messages.json, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\it\messages.json, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\ja\messages.json, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\ko\messages.json, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\lt\messages.json, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\lv\messages.json, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\nb\messages.json, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\nl\messages.json, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\pl\messages.json, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\pt_BR\messages.json, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\pt_PT\messages.json, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\ro\messages.json, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\ru\messages.json, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\sk\messages.json, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\sl\messages.json, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\sr\messages.json, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\sv\messages.json, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\th\messages.json, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\tr\messages.json, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\uk\messages.json, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\vi\messages.json, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\zh_CN\messages.json, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_locales\zh_TW\messages.json, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\_metadata\verified_contents.json, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\GPUCache\data_0, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\GPUCache\data_1, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\GPUCache\data_2, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\GPUCache\data_3, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.Vosteran.A, C:\Users\Tonis\AppData\Local\Vosteran\User Data\Default\GPUCache\index, Quarantined, [b866fc997614d85eceac1daabe454fb1],
PUP.Optional.SolutionReal.A, C:\Program Files (x86)\Solution Real\bin\utilSolutionReal.exe, Quarantined, [7da1c9ccfa90db5b973636962bd88878],
PUP.Optional.SearchSimple.A, C:\Users\Tonis\AppData\Roaming\Mozilla\Firefox\Profiles\b9gxxi44.default\prefs.js, Good: (), Bad: (user_pref("browser.startup.homepage", "http://q.search-simp.../?affID=na");),Replaced,[a975dabbfd8da393a9abafb5d1351ee2]

Physical Sectors: 0
(No malicious items detected)


(end)


  • 0

#12
BrianDrab

BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,591 posts

Excellent. Let's try AdwCleaner again. It should take no more than 10 minutes to run and that's on the very high side. If it gets stuck we'll do it in Safe mode. Let me know. Thanks.

 

AdWCleaner
1. Please download AdwCleaner by Xplode onto your desktop.
2. Close all open programs and internet browsers.
3. Right-click on AdwCleaner.exe and select Run as administrator to run the tool.
4. Click on Scan.
5. After the scan is complete click on "Cleaning"
6. Confirm each time with Ok.
7. Your computer will be rebooted automatically. A text file will open after the restart.
8. Please post the content of that logfile with your next answer.
9. If need be, you can also find the logfile at C:\AdwCleaner\AdwCleaner[S0].txt as well.


  • 0

#13
kepayne228

kepayne228

    Member

  • Topic Starter
  • Member
  • PipPip
  • 79 posts

HI,

 

ADW log

 

# AdwCleaner v4.204 - Logfile created 18/05/2015 at 20:39:37
# Updated 12/05/2015 by Xplode
# Database : 2015-05-12.2 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : Tonis - TONIS-PC
# Running from : C:\Users\Tonis\Desktop\AdwCleaner.exe
# Option : Cleaning

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\UpdateCommon
Folder Deleted : C:\ProgramData\Fighters
Folder Deleted : C:\ProgramData\Winferno
Folder Deleted : C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Fighters
Folder Deleted : C:\Program Files\Uninstaller
Folder Deleted : C:\Users\Tonis\AppData\LocalLow\HPAppData
Folder Deleted : C:\Users\Tonis\AppData\LocalLow\visi_coupon
Folder Deleted : C:\Users\Tonis\AppData\LocalLow\YahooCouponAddOn
File Deleted : C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_klibnahbojhkanfgaglnlalfkgpcppfi_0
File Deleted : C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\klibnahbojhkanfgaglnlalfkgpcppfi
File Deleted : C:\Users\Tonis\daemonprocess.txt

***** [ Scheduled tasks ] *****

Task Deleted : Advanced System Protector_startup
Task Deleted : PC-Mechanic Maintenance
Task Deleted : PC-Mechanic Startup

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ggebenakhmhfdkmkemdmllecchcldgec
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\eefhnbpnnaaokmclnihgajdnlgljajjg
Key Deleted : HKCU\Software\MICROSOFT\INTERNET EXPLORER\DOMSTORAGE\superfish.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.superfish.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\superfish.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.superfish.com
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Wpm
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Activities\Search\ask.com
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{058F0E48-61CA-4964-9FBA-1978A1BB060D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{18F33C35-8EF2-40D7-8BA4-932B0121B472}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{DCEE70C6-FA43-4B67-A889-80AF260D2435}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2FF49ED5-A3EF-410B-918E-97DECEB5996D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{2FF49ED5-A3EF-410B-918E-97DECEB5996D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E7F49ED-8C94-4AAA-A407-3010D099B11A}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B8445FED-900C-4137-AD15-DDD2F6306B62}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{BB27DF2F-6F05-4A42-9FFD-14696D795750}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C00F4B2B-A33C-40FC-8E47-4D18DCD4B01E}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9989BC14-9B5B-4B3B-8040-478FD1685E34}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{42CB7963-EFE0-4737-A927-CE076FAA3BA0}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4B8E39FD-ED07-4A41-9681-3D78DAFCEE66}
Key Deleted : HKCU\Software\CoinisRS
Key Deleted : HKCU\Software\Fighters
Key Deleted : HKCU\Software\Winferno
Key Deleted : HKLM\SOFTWARE\Uniblue
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\aartemis.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ask.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\blekko.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\mystart.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\reimageplus.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\vosteran.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.ask.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.reimageplus.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\yourtango.com
Data Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - <-loopback>

***** [ Web browsers ] *****

-\\ Internet Explorer v11.0.9600.17801


-\\ Mozilla Firefox v38.0.1 (x86 en-US)

[b9gxxi44.default\prefs.js] - Line Deleted : user_pref("browser.startup.homepage", "hxxp://q.search-simple.com/?affID=na");
[b9gxxi44.default\prefs.js] - Line Deleted : user_pref("extensions.srchvstrn.hmpgUrl", "hxxp://vosteran.com/?f=1&a=vst_coinis_15_03_ff&cd=2XzuyEtN2Y1L1Qzu0CyEtCyB0F0EtCzz0AzyyB0E0E0CtBtDtN0D0Tzu0StCtCtCtBtN1L2XzutAtFyBtFtBtFtCtN1L1CzutCyEtBzytDy[...]
[b9gxxi44.default\prefs.js] - Line Deleted : user_pref("extensions.srchvstrn.newTabUrl", "hxxp://vosteran.com/?f=2&a=vst_coinis_15_03_ff&cd=2XzuyEtN2Y1L1Qzu0CyEtCyB0F0EtCzz0AzyyB0E0E0CtBtDtN0D0Tzu0StCtCtCtBtN1L2XzutAtFyBtFtBtFtCtN1L1CzutCyEtBzyt[...]
[b9gxxi44.default\prefs.js] - Line Deleted : user_pref("extensions.srchvstrn.tlbrSrchUrl", "hxxp://vosteran.com/?f=3&a=vst_coinis_15_03_ff&cd=2XzuyEtN2Y1L1Qzu0CyEtCyB0F0EtCzz0AzyyB0E0E0CtBtDtN0D0Tzu0StCtCtCtBtN1L2XzutAtFyBtFtBtFtCtN1L1CzutCyEtBz[...]

-\\ Google Chrome v42.0.2311.152

[C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://websearch.ask.com/redirect?client=cr&src=kw&tb=ORJ&o=100000031&locale=en_US&apn_uid=5ABC77AE-7205-4FCD-A057-BED2C86B77EA&apn_ptnrs=TV&apn_sauid=1D3D05A5-AD32-4841-B18A-FA4FC4AD44AF&apn_dtid=OSJ000YYUS&q={searchTerms}
[C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.conduit.com/Results.aspx?q={searchTerms}&SearchSource=49&CUI=UN11815418621528293&ctid=CT3298570&UM=2
[C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.aol.com/aol/search?query={searchTerms}
[C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
[C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dsites0101&cd=2XzuyEtN2Y1L1Qzu0CyEtCyB0F0EtCzz0AzyyB0E0E0CtBtDtN0D0Tzu0SyByEzztN1L2XzutBtFtBtFtCyDtFtCyDzytBtN1L1CzutDzytDtCtG1T&cr=1890211539&ir=
[C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://vosteran.com/results.php?f=4&q={searchTerms}&a=vst_coinis_15_03_ff&cd=2XzuyEtN2Y1L1Qzu0CyEtCyB0F0EtCzz0AzyyB0E0E0CtBtDtN0D0Tzu0StCtCtCtBtN1L2XzutAtFyBtFtBtFtCtN1L1CzutCyEtBzytDyD1V1BtAtN1L1G1B1V1N2Y1L1Qzu2StC0Czz0Dzz0FyC0DtG0EzzyEyBtGyCtD0EyBtG0AyCzztDtGtCyCyB0F0C0E0AtA0DtDyE0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0DtA0E0D0Bzz0CyCtGtBtD0FtBtGyEtD0AtAtG0BzzyEyEtGtA0EyEtDzy0BtBtAyCtB0E0D2Q&cr=1182803608&ir=
[C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Deleted [Extension] : ggebenakhmhfdkmkemdmllecchcldgec
[C:\Users\Tonis\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Deleted [Extension] : eefhnbpnnaaokmclnihgajdnlgljajjg

*************************

AdwCleaner[R0].txt - [14734 bytes] - [18/05/2015 11:43:12]
AdwCleaner[R1].txt - [14850 bytes] - [18/05/2015 11:57:16]
AdwCleaner[R2].txt - [12002 bytes] - [18/05/2015 20:38:25]
AdwCleaner[S0].txt - [373 bytes] - [18/05/2015 11:44:42]
AdwCleaner[S1].txt - [371 bytes] - [18/05/2015 11:58:28]
AdwCleaner[S2].txt - [11900 bytes] - [18/05/2015 20:39:37]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [11960  bytes] ##########
 


  • 0

#14
BrianDrab

BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,591 posts

Much better. It was very infected with Adware. Now let's do the Junkware and a Security Check.

 

Step#1 - JRT
1. Download Junkware Removal Tool to your desktop.
1. Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
2. The tool will open and start scanning your system.
3. Please be patient as this can take a while to complete depending on your system's specifications.
4. On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
5. Close the text file and reboot your machine.
6. Post the contents of JRT.txt into your next message.

 

Step#2 - Security Check
1. Download Security Check from here or here or here.
2. Save it to your Desktop.
3. Right-click SecurityCheck.exe and select Run as administrator. Follow the onscreen instructions inside of the black box.
4. A Notepad document should open automatically called checkup.txt; please post the contents of that document.
Note: Don't be alarmed if the process runs for 10 to 15 minutes before completing. If it runs for over 30 minutes, just close the program and try running it again.

NOTE: If SecurityCheck aborts and you get the following message: UNSUPPORTED OPERATING SYSTEM! ABORTED! try rebooting the system and then run SecurityCheck again.

 

 

Items for your next post

1. Junkware log

2. Security Check log


  • 0

#15
kepayne228

kepayne228

    Member

  • Topic Starter
  • Member
  • PipPip
  • 79 posts

Hello,

 

Below are the JRT and Security check logs

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.7.3 (05.18.2015:1)
OS: Windows 7 Home Premium x64
Ran by Tonis on Mon 05/18/2015 at 20:55:49.86
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Tasks



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{986E686F-22FB-4833-9656-50F52D7FF244}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\Update Jump Flip
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\Update Solution Real
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\Util Jump Flip



~~~ Files



~~~ Folders

Successfully deleted: [Empty Folder] C:\Users\Tonis\appdata\local\{712B2299-9BC4-49CA-A91C-D941D07346C5}



~~~ FireFox

Successfully deleted the following from C:\Users\Tonis\AppData\Roaming\mozilla\firefox\profiles\b9gxxi44.default\prefs.js

user_pref(extensions.srchvstrn.prtnrId, WSE_Vosteran);
user_pref(extensions.srchvstrn.srchPrvdr, Vosteran);





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Mon 05/18/2015 at 20:59:18.45
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 

 

 

 

 

 

 Results of screen317's Security Check version 1.002  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Enabled!  
Microsoft Security Essentials   
 Antivirus up to date!  
`````````Anti-malware/Other Utilities Check:`````````
 JavaFX 2.1.1    
 Java version 32-bit out of Date!
 Adobe Flash Player 17.0.0.169  
 Adobe Reader 9 Adobe Reader out of Date!
 Mozilla Firefox (38.0.1)
 Google Chrome (42.0.2311.135)
 Google Chrome (42.0.2311.152)
````````Process Check: objlist.exe by Laurent````````  
 Microsoft Security Essentials MSMpEng.exe
 Microsoft Security Essentials msseces.exe
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 2%
````````````````````End of Log``````````````````````
 


  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP