Jump to content

Search the Community

Showing results for tags 'system optimizer'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Announcements
    • Malwarebytes News
    • Beta Testing Program
  • Malware Removal Help
    • Windows Malware Removal Help & Support
    • Mac Malware Removal Help & Support
    • Mobile Malware Removal Help & Support
    • Malware Removal Self-Help Guides
  • Malwarebytes for Home Support
    • Malwarebytes for Windows Support Forum
    • Malwarebytes for Mac Support Forum
    • Malwarebytes for Android Support Forum
    • Malwarebytes for iOS Support
    • Malwarebytes Privacy
    • Malwarebytes Browser Guard
    • False Positives
    • Comments and Suggestions
  • Malwarebytes for Business Support
    • Malwarebytes Nebula
    • Malwarebytes Nebula Modules
    • Malwarebytes Endpoint Security
    • Other Malwarebytes Business Products
    • Malwarebytes Business Products Comments and Suggestions
  • Malwarebytes Tools and Other Products
    • Malwarebytes AdwCleaner
    • Malwarebytes Junkware Removal Tool Support
    • Malwarebytes Anti-Rootkit BETA Support
    • Malwarebytes Techbench USB (Legacy)
    • Malwarebytes Secure Backup discontinued
    • Other Tools
    • Malwarebytes Tools Comments and Suggestions
  • General Computer Help and Security Updates
    • BSOD, Crashes, Kernel Debugging
    • General Windows PC Help
  • Research Center
    • Newest Rogue-Ransomware Threats
    • Newest Malware Threats
    • Newest Mobile Threats
    • Newest IP or URL Threats
    • Newest Mac Threats
    • Report Scam Phone Numbers
  • General
    • General Chat
    • Forums Announcements & Feedback

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


AIM


MSN


Website URL


ICQ


Yahoo


Jabber


Location


Interests

Found 3 results

  1. What is PC Health Advisor? The Malwarebytes research team has determined that PC Health Advisor is a "system optimizer". These so-called "system optimizers" sometimes use intentional false positives to convince users that their systems have problems. Then they try to sell you their software, claiming it will remove these problems. More information can be found on our Malwarebytes Labs blog. How do I know if I am infected with PC Health Advisor? This is how the main screen of the sytem optimizer looks: You will find these icons in your taskbar, startmenu, and on your desktop: and see these warnings during install: and this screen when you try to remediate the alleged problems: You may see this entry in your list of installed programs: How did PC Health Advisor get on my computer? These so-called system optimizers use different methods of getting installed. This particular one was downloaded from an affiliate site. How do I remove PC Health Advisor? Our program Malwarebytes can detect and remove this potentially unwanted application. Please download Malwarebytes to your desktop. Double-click mb3-setup-consumer-{version}.exe and follow the prompts to install the program. Then click Finish. Once the program has fully updated, select Scan Now on the Dashboard. Or select the Threat Scan from the Scan menu. If another update of the definitions is available, it will be implemented before the rest of the scanning procedure. When the scan is complete, make sure that all Threats are selected, and click Remove Selected. Restart your computer when prompted to do so. Is there anything else I need to do to get rid of PC Health Advisor? No, Malwarebytes removes PC Health Advisor completely. This PUP creates some scheduled tasks. You can read here how to check for and, if necessary, remove Scheduled Tasks. How would the full version of Malwarebytes help protect me? We hope our application and this guide have helped you eradicate this system optimizer. As you can see below the full version of Malwarebytes would have protected you against the PC Health Advisor installer. It would have warned you before the application could install itself, giving you a chance to stop it before it became too late. and we block access to their domains and some of their affiliates. Technical details for experts You may see these entries in FRST logs: (ParetoLogic) C:\Program Files (x86)\ParetoLogic\PCHA\PCHA.exe (Digital Care Solutions) C:\Program Files\BDServices\BitDefenderCOM.exe R2 BitDefenderCOM; C:\Program Files\BDServices\BitDefenderCom.exe [1028096 2016-12-12] (Digital Care Solutions) [File not signed] S3 scan; C:\Program Files\BDServices\scan.dll [627688 2016-12-12] (Bitdefender) R3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [485512 2016-12-12] (BitDefender S.R.L.) C:\Users\{username}\AppData\Roaming\ParetoLogic C:\Windows\System32\Tasks\PC Health Advisor Startup C:\Program Files\BDServices C:\Windows\System32\Tasks\PC Health Advisor Update C:\Windows\System32\Tasks\PC Health Advisor C:\Windows\System32\Tasks\PC Health Advisor Defrag C:\Users\{username}\Desktop\ParetoLogic PC Health Advisor.lnk C:\Windows\Tasks\PC Health Advisor Update.job C:\Windows\Tasks\PC Health Advisor Startup.job C:\Windows\Tasks\PC Health Advisor Defrag.job C:\Windows\Tasks\PC Health Advisor.job C:\Users\{username}\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ParetoLogic C:\ProgramData\ParetoLogic C:\Program Files (x86)\ParetoLogic ParetoLogic PC Health Advisor (HKLM-x32\...\{3CBF3EBB-235D-4c29-A68B-2BB1F428586E}) (Version: 3.2.8.0 - ParetoLogic, Inc.) Task: {6ABE739A-C6A0-47ED-B812-C3A6BC0361C3} - System32\Tasks\PC Health Advisor => C:\Program Files (x86)\ParetoLogic\PCHA\PCHA.exe [2017-01-18] (ParetoLogic) Task: {7E46AA87-95F8-4504-8034-B0F3724BE6B0} - System32\Tasks\PC Health Advisor Startup => C:\Program Files (x86)\ParetoLogic\PCHA\PCHA.exe [2017-01-18] (ParetoLogic) Task: {90E98E78-6DBD-4513-8FA6-FD1767EDC04F} - System32\Tasks\PC Health Advisor Update => C:\Program Files (x86)\ParetoLogic\PCHA\PCHA.exe [2017-01-18] (ParetoLogic) Task: {DF8FAF9B-104D-438F-955F-57D3CECF7060} - System32\Tasks\PC Health Advisor Defrag => C:\Program Files (x86)\ParetoLogic\PCHA\PCHA.exe [2017-01-18] (ParetoLogic) Task: C:\Windows\Tasks\PC Health Advisor Defrag.job => C:\Program Files (x86)\ParetoLogic\PCHA\PCHA.exe Task: C:\Windows\Tasks\PC Health Advisor Startup.job => C:\Program Files (x86)\ParetoLogic\PCHA\PCHA.exe1C:\Program Files (x86)\ParetoLogic\PCHA\PCHA.exe Task: C:\Windows\Tasks\PC Health Advisor Update.job => C:\Program Files (x86)\ParetoLogic\PCHA\PCHA.exe Task: C:\Windows\Tasks\PC Health Advisor.job => C:\Program Files (x86)\ParetoLogic\PCHA\PCHA.exe () C:\Program Files (x86)\ParetoLogic\PCHA\LiteZip.dll () C:\Program Files (x86)\ParetoLogic\PCHA\ExtensionManager.dll () C:\Program Files (x86)\ParetoLogic\PCHA\CommonLoggingExtension.pxt () C:\Program Files (x86)\ParetoLogic\PCHA\CommonSpecialist.pxt () C:\Program Files (x86)\ParetoLogic\PCHA\RegHookSpecialist.pxt () C:\Program Files (x86)\ParetoLogic\PCHA\Utility.pxt () C:\Program Files (x86)\ParetoLogic\PCHA\LiteUnzip.dll The most significant alterations made by the installer: File system details [View: All details] (Selection) --------------------------------------------------- Adds the folder C:\Program Files (x86)\ParetoLogic\PCHA Adds the file 7ZipDLL.dll"="1/18/2017 10:48 PM, 563712 bytes, A Adds the file colors.xml"="1/18/2017 10:48 PM, 5980 bytes, A Adds the file CommonLoggingExtension.pxt"="1/18/2017 10:48 PM, 176640 bytes, A Adds the file CommonSpecialist.pxt"="1/18/2017 10:48 PM, 177664 bytes, A Adds the file DC_offer.exe"="1/18/2017 10:48 PM, 5382144 bytes, A Adds the file ExtensionManager.dll"="1/18/2017 10:48 PM, 117760 bytes, A Adds the file HandleUpdate.dll"="1/18/2017 10:48 PM, 1802752 bytes, A Adds the file libeay32.dll"="1/18/2017 10:48 PM, 2047488 bytes, A Adds the file License.rdat"="3/16/2017 9:05 AM, 0 bytes, A Adds the file License_Time.rdat"="3/16/2017 9:05 AM, 48 bytes, A Adds the file LiteUnzip.dll"="1/18/2017 10:48 PM, 47616 bytes, A Adds the file LiteZip.dll"="1/18/2017 10:48 PM, 39936 bytes, A Adds the file LogSettings.xml"="1/18/2017 10:48 PM, 992 bytes, A Adds the file msvcp120.dll"="1/18/2017 10:48 PM, 455328 bytes, A Adds the file msvcr120.dll"="1/18/2017 10:48 PM, 970912 bytes, A Adds the file MyResources.dll"="1/18/2017 10:49 PM, 590848 bytes, A Adds the file noapp.exe"="1/18/2017 10:49 PM, 1938944 bytes, A Adds the file PCHA.exe"="1/18/2017 10:49 PM, 4653048 bytes, A Adds the file privacy.db"="1/18/2017 10:48 PM, 44832 bytes, A Adds the file RB.rdat"="3/16/2017 9:05 AM, 48 bytes, A Adds the file RegHookSpecialist.pxt"="1/18/2017 10:48 PM, 166912 bytes, A Adds the file SandBoxer.dll"="1/18/2017 10:48 PM, 230912 bytes, A Adds the file settings.xml"="1/18/2017 10:48 PM, 1145 bytes, A Adds the file sqlite3.dll"="1/18/2017 10:48 PM, 333043 bytes, A Adds the file ssleay32.dll"="1/18/2017 10:48 PM, 498176 bytes, A Adds the file uninstall.exe"="1/18/2017 10:49 PM, 260360 bytes, A Adds the file UNS.xml"="1/18/2017 10:48 PM, 950 bytes, A Adds the file Utility.pxt"="1/18/2017 10:48 PM, 928256 bytes, A Adds the file whitelist.dat"="1/18/2017 10:48 PM, 7528 bytes, A Adds the folder C:\Program Files (x86)\ParetoLogic\PCHA\bin\HTML Adds the file 0_days.htm"="1/18/2017 10:48 PM, 2671 bytes, A Adds the file 1_days.htm"="1/18/2017 10:48 PM, 2691 bytes, A Adds the file 15_days.htm"="1/18/2017 10:48 PM, 2765 bytes, A Adds the file 2_days.htm"="1/18/2017 10:48 PM, 2645 bytes, A Adds the file 30_days.htm"="1/18/2017 10:48 PM, 2684 bytes, A Adds the file 5_days.htm"="1/18/2017 10:48 PM, 2687 bytes, A Adds the file main.css"="1/18/2017 10:48 PM, 2051 bytes, A Adds the file main_error.css"="1/18/2017 10:48 PM, 4223 bytes, A Adds the folder C:\Program Files (x86)\ParetoLogic\PCHA\bin\HTML\images Adds the folder C:\Program Files (x86)\ParetoLogic\PCHA\HTML Adds the folder C:\Program Files (x86)\ParetoLogic\PCHA\HTML\images Adds the folder C:\Program Files (x86)\ParetoLogic\PCHA\images Adds the folder C:\ProgramData\ParetoLogic\PC Health Advisor Adds the file License.rdat"="3/16/2017 9:06 AM, 0 bytes, A Adds the file License_FirstRun.rdat"="3/16/2017 9:06 AM, 48 bytes, A Adds the file License_Time.rdat"="3/16/2017 9:06 AM, 48 bytes, A Adds the file RB.rdat"="3/16/2017 9:06 AM, 48 bytes, A Adds the folder C:\Users\{username}\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ParetoLogic\PC Health Advisor Adds the file ParetoLogic PC Health Advisor.lnk"="3/16/2017 9:05 AM, 1145 bytes, A Adds the folder C:\Users\{username}\AppData\Roaming\ParetoLogic\PC Health Advisor In the existing folder C:\Users\{username}\Desktop Adds the file ParetoLogic PC Health Advisor.lnk"="3/16/2017 9:05 AM, 1097 bytes, A In the existing folder C:\Windows\System32\drivers Adds the file Trufos.sys"="12/12/2016 6:42 PM, 485512 bytes, A In the existing folder C:\Windows\System32\Tasks Adds the file PC Health Advisor"="3/16/2017 9:05 AM, 3318 bytes, A Adds the file PC Health Advisor Defrag"="3/16/2017 9:05 AM, 3286 bytes, A Adds the file PC Health Advisor Startup"="3/16/2017 9:06 AM, 2616 bytes, A Adds the file PC Health Advisor Update"="3/16/2017 9:05 AM, 3318 bytes, A In the existing folder C:\Windows\Tasks Adds the file PC Health Advisor Defrag.job"="3/16/2017 9:05 AM, 408 bytes, A Adds the file PC Health Advisor Startup.job"="3/16/2017 9:05 AM, 428 bytes, A Adds the file PC Health Advisor Update.job"="3/16/2017 9:05 AM, 438 bytes, A Adds the file PC Health Advisor.job"="3/16/2017 9:05 AM, 390 bytes, A Registry details [View: All details] (Selection) ------------------------------------------------ [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\CompatibilityAdapter\Signatures] "PC Health Advisor Defrag.job"="REG_BINARY, ................................ "PC Health Advisor Defrag.job.fp"="REG_DWORD", 1563359978 "PC Health Advisor Startup.job"="REG_BINARY, ................................ "PC Health Advisor Startup.job.fp"="REG_DWORD", -1319655084 "PC Health Advisor Update.job"="REG_BINARY, ................................ "PC Health Advisor Update.job.fp"="REG_DWORD", 111415083 "PC Health Advisor.job"="REG_BINARY, ................................ "PC Health Advisor.job.fp"="REG_DWORD", 1838827531 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost] "bdx"="REG_MULTI_SZ, "scan sysagent " [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost\bdx] "AuthenticationCapabilities"="REG_DWORD", 0 "AuthenticationLevel"="REG_DWORD", 2 "CoInitializeSecurityParam"="REG_DWORD", 1 "DefaultRpcStackSize"="REG_DWORD", 1024 "ImpersonationLevel"="REG_DWORD", 3 [HKEY_LOCAL_MACHINE\SOFTWARE\Softwin\BitDefender Threat Scanner] [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\BDServices] "InstallDir"="REG_SZ", "C:\Program Files\BDServices\" "Uninstall"="REG_SZ", "C:\Program Files\BDServices\uninstall.exe" "Version"="REG_DWORD", 8 [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\BDServices\apps\{3CBF3EBB-235D-4c29-A68B-2BB1F428586E}] "(Default)"="REG_SZ", "" "launch"="REG_SZ", "C:\Program Files (x86)\ParetoLogic\PCHA\PCHA.exe" "shutdown"="REG_SZ", ""C:\Program Files (x86)\ParetoLogic\PCHA\PCHA.exe" -shutdown" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{3CBF3EBB-235D-4c29-A68B-2BB1F428586E}] "DisplayIcon"="REG_SZ", "C:\Program Files (x86)\ParetoLogic\PCHA\PCHA.exe" "DisplayName"="REG_SZ", "ParetoLogic PC Health Advisor" "DisplayVersion"="REG_SZ", "3.2.8.0" "InstallLocation"="REG_SZ", "C:\Program Files (x86)\ParetoLogic\PCHA" "Publisher"="REG_SZ", "ParetoLogic, Inc." "UninstallString"="REG_SZ", "C:\Program Files (x86)\ParetoLogic\PCHA\uninstall.exe" "URLInfoAbout"="REG_SZ", "http://www.paretologic.com" "VersionMajor"="REG_DWORD", 3 "VersionMinor"="REG_DWORD", 2 [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\ParetoLogic\PC Health Advisor] "AutoScan"="REG_DWORD", 0 "Desktop"="REG_DWORD", 1 "InstallTime"="REG_QWORD, .... "Login"="REG_DWORD", 1 "Quick"="REG_DWORD", 0 "ShowWebPageAfterScanLicense"="REG_DWORD", 7 "Silent"="REG_DWORD", 0 "Updates"="REG_DWORD", 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BitDefenderCOM] "DependOnService"="REG_MULTI_SZ, "RPCSS " "DisplayName"="REG_SZ", "BitDefenderCOM" "ErrorControl"="REG_DWORD", 1 "ImagePath"="REG_EXPAND_SZ, ""C:\Program Files\BDServices\BitDefenderCom.exe"" "ObjectName"="REG_SZ", "LocalSystem" "Start"="REG_DWORD", 2 "Type"="REG_DWORD", 16 [HKEY_LOCAL_MACHINE\SYSTEM\gzflt] [HKEY_LOCAL_MACHINE\SYSTEM\Trufos] [HKEY_CURRENT_USER\Software\ParetoLogic\PC Health Advisor] "DUPLICATE_SCAN_RADIO"="REG_DWORD", 1 "FROMSCHEDULE"="REG_DWORD", 1 "Height"="REG_DWORD", 580 "INSTALLDATE"="REG_SZ", "08:07:40 16-03-2017" "INSTALLDATELOCAL"="REG_SZ", "09:07:40 16-03-2017" "LaunchOnStartup"="REG_DWORD", 1 "MALWARE_COUNT"="REG_DWORD", 0 "OUTDATED_COUNT"="REG_DWORD", 66 "RunCount"="REG_DWORD", 1 "UPDATESTATE"="REG_DWORD", 1 "Width"="REG_DWORD", 800 "XPos"="REG_DWORD", 427 "YPos"="REG_DWORD", 160 [HKEY_CURRENT_USER\Software\ParetoLogic\PC Health Advisor\HomeScreenIcons] "0"="REG_SZ", "Browser Object Manager" "1"="REG_SZ", "Process Manager" "2"="REG_SZ", "Startup Manager" "3"="REG_SZ", "File Extension Manager" "4"="REG_SZ", "Duplicate Finder" "5"="REG_SZ", "Defrag" Malwarebytes log: Malwarebytes www.malwarebytes.com -Log Details- Scan Date: 3/16/17 Scan Time: 9:28 AM Logfile: mbamPCHA.txt Administrator: Yes -Software Information- Version: 3.0.5.1299 Components Version: 1.0.43 Update Package Version: 1.0.1513 License: Premium -System Information- OS: Windows 7 Service Pack 1 CPU: x64 File System: NTFS User: {computername}\{username} -Scan Summary- Scan Type: Threat Scan Result: Completed Objects Scanned: 365015 Time Elapsed: 2 min, 23 sec -Scan Options- Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Disabled Heuristics: Enabled PUP: Enabled PUM: Enabled -Scan Details- Process: 1 PUP.Optional.ParetoLogic, C:\PROGRAM FILES (X86)\PARETOLOGIC\PCHA\PCHA.EXE, Quarantined, [2431], [366058],1.0.1513 Module: 9 PUP.Optional.ParetoLogic, C:\PROGRAM FILES (X86)\PARETOLOGIC\PCHA\COMMONLOGGINGEXTENSION.PXT, Quarantined, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\PROGRAM FILES (X86)\PARETOLOGIC\PCHA\REGHOOKSPECIALIST.PXT, Quarantined, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\PROGRAM FILES (X86)\PARETOLOGIC\PCHA\LITEZIP.DLL, Quarantined, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\PROGRAM FILES (X86)\PARETOLOGIC\PCHA\EXTENSIONMANAGER.DLL, Quarantined, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\PROGRAM FILES (X86)\PARETOLOGIC\PCHA\PCHA.EXE, Quarantined, [2431], [366058],1.0.1513 PUP.Optional.ParetoLogic, C:\PROGRAM FILES (X86)\PARETOLOGIC\PCHA\LITEUNZIP.DLL, Quarantined, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\PROGRAM FILES (X86)\PARETOLOGIC\PCHA\UTILITY.PXT, Quarantined, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\PROGRAM FILES (X86)\PARETOLOGIC\PCHA\MYRESOURCES.DLL, Quarantined, [2431], [366058],1.0.1513 PUP.Optional.ParetoLogic, C:\PROGRAM FILES (X86)\PARETOLOGIC\PCHA\COMMONSPECIALIST.PXT, Quarantined, [2431], [366050],1.0.1513 Registry Key: 12 PUP.Optional.ParetoLogic, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{3CBF3EBB-235D-4c29-A68B-2BB1F428586E}, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{6ABE739A-C6A0-47ED-B812-C3A6BC0361C3}, Delete-on-Reboot, [2431], [366056],1.0.1513 PUP.Optional.ParetoLogic, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{7E46AA87-95F8-4504-8034-B0F3724BE6B0}, Delete-on-Reboot, [2431], [366056],1.0.1513 PUP.Optional.ParetoLogic, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{90E98E78-6DBD-4513-8FA6-FD1767EDC04F}, Delete-on-Reboot, [2431], [366056],1.0.1513 PUP.Optional.ParetoLogic, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{DF8FAF9B-104D-438F-955F-57D3CECF7060}, Delete-on-Reboot, [2431], [366056],1.0.1513 PUP.Optional.ParetoLogic, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\PC Health Advisor, Delete-on-Reboot, [2431], [366055],1.0.1513 PUP.Optional.ParetoLogic, HKLM\SOFTWARE\WOW6432NODE\BDSERVICES\APPS\{3CBF3EBB-235D-4c29-A68B-2BB1F428586E}, Delete-on-Reboot, [2431], [366345],1.0.1513 PUP.Optional.ParetoLogic, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\PC Health Advisor Defrag, Delete-on-Reboot, [2431], [366055],1.0.1513 PUP.Optional.ParetoLogic, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\PC Health Advisor Startup, Delete-on-Reboot, [2431], [366055],1.0.1513 PUP.Optional.ParetoLogic, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\PC Health Advisor Update, Delete-on-Reboot, [2431], [366055],1.0.1513 PUP.Optional.ParetoLogic, HKLM\SOFTWARE\WOW6432NODE\PARETOLOGIC\PC Health Advisor, Delete-on-Reboot, [2431], [366346],1.0.1513 PUP.Optional.ParetoLogic, HKCU\SOFTWARE\PARETOLOGIC\PC Health Advisor, Delete-on-Reboot, [2431], [366347],1.0.1513 Registry Value: 4 PUP.Optional.ParetoLogic, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{6ABE739A-C6A0-47ED-B812-C3A6BC0361C3}|PATH, Delete-on-Reboot, [2431], [366056],1.0.1513 PUP.Optional.ParetoLogic, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{7E46AA87-95F8-4504-8034-B0F3724BE6B0}|PATH, Delete-on-Reboot, [2431], [366056],1.0.1513 PUP.Optional.ParetoLogic, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{90E98E78-6DBD-4513-8FA6-FD1767EDC04F}|PATH, Delete-on-Reboot, [2431], [366056],1.0.1513 PUP.Optional.ParetoLogic, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{DF8FAF9B-104D-438F-955F-57D3CECF7060}|PATH, Delete-on-Reboot, [2431], [366056],1.0.1513 Data Stream: 0 (No malicious items detected) Folder: 28 PUP.Optional.ParetoLogic, C:\PROGRAMDATA\ParetoLogic\PC Health Advisor, Delete-on-Reboot, [2431], [366052],1.0.1513 PUP.Optional.ParetoLogic, C:\USERS\{username}\APPDATA\ROAMING\ParetoLogic\PC Health Advisor, Delete-on-Reboot, [2431], [366052],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\list\recommendations, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\buttons and headers, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\health rating, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\home settings, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\top nav icons, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\list\drivers, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\list\process, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\results page, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\Start Anim, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\Main\tabs, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\tab icons, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\bin\HTML\images, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\progress, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\scanning, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\general, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\defrag, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\group, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\HTML\images, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\list, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\Main, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\bin\HTML, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\HTML, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\bin, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\PROGRAM FILES (X86)\PARETOLOGIC\PCHA, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\USERS\{username}\APPDATA\ROAMING\MICROSOFT\WINDOWS\START MENU\PROGRAMS\PARETOLOGIC\PC HEALTH ADVISOR, Delete-on-Reboot, [2431], [366051],1.0.1513 File: 319 PUP.Optional.ParetoLogic, C:\ProgramData\ParetoLogic\PC Health Advisor\License.rdat, Delete-on-Reboot, [2431], [366052],1.0.1513 PUP.Optional.ParetoLogic, C:\ProgramData\ParetoLogic\PC Health Advisor\License_FirstRun.rdat, Delete-on-Reboot, [2431], [366052],1.0.1513 PUP.Optional.ParetoLogic, C:\ProgramData\ParetoLogic\PC Health Advisor\License_Time.rdat, Delete-on-Reboot, [2431], [366052],1.0.1513 PUP.Optional.ParetoLogic, C:\ProgramData\ParetoLogic\PC Health Advisor\RB.rdat, Delete-on-Reboot, [2431], [366052],1.0.1513 PUP.Optional.ParetoLogic, C:\PROGRAM FILES (X86)\PARETOLOGIC\PCHA\COMMONLOGGINGEXTENSION.PXT, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\PROGRAM FILES (X86)\PARETOLOGIC\PCHA\REGHOOKSPECIALIST.PXT, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\PROGRAM FILES (X86)\PARETOLOGIC\PCHA\LITEZIP.DLL, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\PROGRAM FILES (X86)\PARETOLOGIC\PCHA\EXTENSIONMANAGER.DLL, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\PROGRAM FILES (X86)\PARETOLOGIC\PCHA\PCHA.EXE, Delete-on-Reboot, [2431], [366058],1.0.1513 PUP.Optional.ParetoLogic, C:\PROGRAM FILES (X86)\PARETOLOGIC\PCHA\LITEUNZIP.DLL, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\PROGRAM FILES (X86)\PARETOLOGIC\PCHA\UTILITY.PXT, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\PROGRAM FILES (X86)\PARETOLOGIC\PCHA\MYRESOURCES.DLL, Delete-on-Reboot, [2431], [366058],1.0.1513 PUP.Optional.ParetoLogic, C:\PROGRAM FILES (X86)\PARETOLOGIC\PCHA\COMMONSPECIALIST.PXT, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\bin\HTML\images\10x10.gif, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\bin\HTML\images\10x10tile.gif, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\bin\HTML\images\contentwrapper.gif, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\bin\HTML\images\error_internet.jpg, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\bin\HTML\images\footerbarfill.gif, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\bin\HTML\images\info_bubble.jpg, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\bin\HTML\images\pcha_background.jpg, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\bin\HTML\images\tile_footerbarbase.jpg, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\bin\HTML\images\tile_subheadbarbase.jpg, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\bin\HTML\images\tile_titlebarbase.jpg, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\bin\HTML\0_days.htm, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\bin\HTML\15_days.htm, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\bin\HTML\1_days.htm, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\bin\HTML\2_days.htm, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\bin\HTML\30_days.htm, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\bin\HTML\5_days.htm, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\bin\HTML\main.css, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\bin\HTML\main_error.css, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\HTML\images\10x10.gif, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\HTML\images\10x10tile.gif, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\HTML\images\contentwrapper.gif, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\HTML\images\error_internet.jpg, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\HTML\images\footerbarfill.gif, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\HTML\images\info_bubble.jpg, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\HTML\images\pcha_background.jpg, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\HTML\images\tile_footerbarbase.jpg, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\HTML\images\tile_subheadbarbase.jpg, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\HTML\images\tile_titlebarbase.jpg, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\HTML\0_days.htm, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\HTML\15_days.htm, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\HTML\1_days.htm, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\HTML\2_days.htm, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\HTML\30_days.htm, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\HTML\5_days.htm, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\HTML\container_content_bkimg.gif, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\HTML\container_content_leftimg.gif, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\HTML\container_content_rightimg.gif, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\HTML\error_connect.html, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\HTML\main.css, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\HTML\main_error.css, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\HTML\package_titlebar_bkimg.jpg, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\buttons and headers\button.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\buttons and headers\button_bho_mgr.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\buttons and headers\button_defrag.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\buttons and headers\button_defrag_schedule.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\buttons and headers\button_driver.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\buttons and headers\button_extmgr.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\buttons and headers\button_generalsettings.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\buttons and headers\button_icons.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\buttons and headers\button_ignore.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\buttons and headers\button_optimize.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\buttons and headers\button_over.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\buttons and headers\button_privacy.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\buttons and headers\button_process_mgr.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\buttons and headers\button_registry.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\buttons and headers\button_restore.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\buttons and headers\button_scansettings.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\buttons and headers\button_schedule.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\buttons and headers\button_startup_mgr.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\buttons and headers\button_update.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\buttons and headers\header_about.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\buttons and headers\header_bho.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\buttons and headers\header_clean.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\buttons and headers\header_defrag.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\buttons and headers\header_disk.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\buttons and headers\header_duplicate.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\buttons and headers\header_extmgr.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\buttons and headers\header_optimize.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\buttons and headers\header_privacy.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\buttons and headers\header_process.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\buttons and headers\header_processes.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\buttons and headers\header_registry.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\buttons and headers\header_restore.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\buttons and headers\header_settings.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\buttons and headers\header_startup.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\buttons and headers\header_summary.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\buttons and headers\settings_defrag_schedule.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\buttons and headers\settings_general.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\buttons and headers\settings_icons.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\buttons and headers\settings_ignore.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\buttons and headers\settings_privacy.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\buttons and headers\settings_registry.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\buttons and headers\settings_scan.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\buttons and headers\settings_schedule.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\buttons and headers\settings_update.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\buttons and headers\startbg.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\buttons and headers\startbg_over.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\buttons and headers\update_later.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\buttons and headers\update_later_over.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\buttons and headers\update_now.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\buttons and headers\update_now_over.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\buttons and headers\vdb.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\buttons and headers\button_duplicate.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\buttons and headers\header_driver.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\defrag\c_frag.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\defrag\c_unfrag.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\defrag\c_unknown.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\defrag\c_unmove.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\general\close.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\general\close_over.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\general\collapse.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\general\delete.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\general\expand.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\general\open.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\general\progress_glow.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\general\recycle.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\general\x.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\group\bho.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\group\dup_audio.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\group\dup_doc.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\group\dup_image.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\group\dup_other.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\group\dup_video.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\group\ig_drivers.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\group\ig_proc.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\group\ig_reg.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\group\priv_3rd.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\group\priv_browser.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\group\priv_email.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\group\priv_fs.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\group\priv_im.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\group\priv_multi.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\group\priv_office.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\group\priv_other.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\group\priv_windows.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\group\reg_apppath.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\group\reg_com.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\group\reg_dll.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\group\reg_empty.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\group\reg_extensions.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\group\reg_filepath.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\group\reg_font.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\group\reg_help.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\group\reg_shortcut.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\group\reg_startup.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\group\reg_uninstall.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\group\startup.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\health rating\pchealth_high.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\health rating\pchealth_high_short.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\health rating\pchealth_low.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\health rating\pchealth_low_short.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\health rating\pchealth_medium.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\health rating\pchealth_medium_short.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\health rating\pchealth_unrated.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\health rating\pchealth_unrated_short.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\home settings\button_outline.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\home settings\no_1.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\home settings\no_2.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\home settings\no_3.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\home settings\no_4.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\home settings\no_5.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\home settings\no_6.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\list\drivers\cd.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\list\drivers\cpu.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\list\drivers\disk.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\list\drivers\display.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\list\drivers\driver_outdated.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\list\drivers\driver_uptodate.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\list\drivers\floppy.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\list\drivers\mouse_key.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\list\drivers\other.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\list\drivers\outdated.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\list\drivers\power.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\list\drivers\printer.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\list\drivers\software.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\list\drivers\system.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\list\drivers\uptodate.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\list\drivers\usb.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\list\process\bho.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\list\process\process.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\list\process\startup.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\list\recommendations\rec_malware16.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\list\recommendations\rec_malware24.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\list\recommendations\rec_malware32.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\list\recommendations\rec_system16.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\list\recommendations\rec_system24.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\list\recommendations\rec_system32.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\list\recommendations\rec_unknown16.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\list\recommendations\rec_unknown24.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\list\recommendations\rec_unknown32.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\list\recommendations\rec_unwanted16.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\list\recommendations\rec_unwanted24.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\list\recommendations\rec_unwanted32.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\list\recommendations\rec_userapp16.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\list\recommendations\rec_userapp24.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\list\recommendations\rec_userapp32.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\list\other.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\Main\tabs\active_tab_left.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\Main\tabs\active_tab_right.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\Main\tabs\active_tab_stretch.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\Main\tabs\tab_left.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\Main\tabs\tab_right.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\Main\tabs\tab_stretch.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\Main\bg.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\Main\bg_logo.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\Main\left_stretch.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\Main\lower_left.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\Main\lower_right.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\Main\lower_stretch.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\Main\nav_back.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\Main\nav_bg.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\Main\nav_forward.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\Main\right_stretch.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\Main\upper_left.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\Main\upper_right.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\Main\upper_stretch.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\progress\add_check.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\progress\add_error.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\progress\add_unknown.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\progress\scan.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\progress\small_driver.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\progress\small_md5.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\progress\small_privacy.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\progress\small_registry.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\results page\drivers_green.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\results page\drivers_red.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\results page\drivers_yellow.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\results page\malware_green.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\results page\malware_red.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\results page\privacy_green.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\results page\privacy_red.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\results page\processes_green.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\results page\processes_red.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\results page\registry_green.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\results page\registry_red.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\results page\startup_green.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\results page\startup_red.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\scanning\driver.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\scanning\privacy.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\scanning\process.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\scanning\registry.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\Start Anim\1.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\Start Anim\10.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\Start Anim\11.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\Start Anim\12.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\Start Anim\13.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\Start Anim\14.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\Start Anim\15.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\Start Anim\16.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\Start Anim\17.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\Start Anim\18.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\Start Anim\19.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\Start Anim\2.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\Start Anim\20.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\Start Anim\21.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\Start Anim\22.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\Start Anim\23.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\Start Anim\24.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\Start Anim\25.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\Start Anim\3.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\Start Anim\4.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\Start Anim\5.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\Start Anim\6.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\Start Anim\7.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\Start Anim\8.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\Start Anim\9.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\tab icons\nav-disk.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\tab icons\nav-optimize.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\tab icons\nav-scan.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\tab icons\nav-settings.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\top nav icons\help_down.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\top nav icons\help_normal.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\top nav icons\help_over.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\top nav icons\info_down.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\top nav icons\info_normal.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\top nav icons\info_over.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\detected_items.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\email_logo.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\info.jpg, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\register.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\register_over.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\registration.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\tfn_email.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\tfn_frame.png, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\images\warning.jpg, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\7ZipDLL.dll, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\colors.xml, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\DC_offer.exe, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\HandleUpdate.dll, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\libeay32.dll, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\License.rdat, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\License_Time.rdat, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\LogSettings.xml, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\msvcp120.dll, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\msvcr120.dll, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\noapp.exe, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\privacy.db, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\RB.rdat, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\SandBoxer.dll, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\settings.xml, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\sqlite3.dll, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\ssleay32.dll, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\uninstall.exe, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\UNS.xml, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Program Files (x86)\ParetoLogic\PCHA\whitelist.dat, Delete-on-Reboot, [2431], [366050],1.0.1513 PUP.Optional.ParetoLogic, C:\Users\{username}\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ParetoLogic\PC Health Advisor\ParetoLogic PC Health Advisor.lnk, Delete-on-Reboot, [2431], [366051],1.0.1513 PUP.Optional.ParetoLogic, C:\USERS\{username}\DESKTOP\PARETOLOGIC PC HEALTH ADVISOR.LNK, Delete-on-Reboot, [2431], [366049],1.0.1513 PUP.Optional.ParetoLogic, C:\USERS\{username}\DESKTOP\PARETOLOGIC PC HEALTH ADVISOR.EXE, Delete-on-Reboot, [2431], [366058],1.0.1513 PUP.Optional.ParetoLogic, C:\WINDOWS\TASKS\PC HEALTH ADVISOR DEFRAG.JOB, Delete-on-Reboot, [2431], [366053],1.0.1513 PUP.Optional.ParetoLogic, C:\WINDOWS\TASKS\PC HEALTH ADVISOR UPDATE.JOB, Delete-on-Reboot, [2431], [366053],1.0.1513 PUP.Optional.ParetoLogic, C:\WINDOWS\TASKS\PC HEALTH ADVISOR.JOB, Delete-on-Reboot, [2431], [366053],1.0.1513 PUP.Optional.ParetoLogic, C:\WINDOWS\TASKS\PC HEALTH ADVISOR STARTUP.JOB, Delete-on-Reboot, [2431], [366053],1.0.1513 PUP.Optional.ParetoLogic, C:\WINDOWS\SYSTEM32\TASKS\PC Health Advisor, Delete-on-Reboot, [2431], [366054],1.0.1513 PUP.Optional.ParetoLogic, C:\WINDOWS\SYSTEM32\TASKS\PC Health Advisor Defrag, Delete-on-Reboot, [2431], [366054],1.0.1513 PUP.Optional.ParetoLogic, C:\WINDOWS\SYSTEM32\TASKS\PC Health Advisor Startup, Delete-on-Reboot, [2431], [366054],1.0.1513 PUP.Optional.ParetoLogic, C:\WINDOWS\SYSTEM32\TASKS\PC Health Advisor Update, Delete-on-Reboot, [2431], [366054],1.0.1513 Physical Sector: 0 (No malicious items detected) (end) As mentioned before the full version of Malwarebytes could have protected your computer against this threat. We use different ways of protecting your computer(s): Dynamically Blocks Malware Sites & Servers Malware Execution Prevention Save yourself the hassle and get protected.
  2. What is Driver Updater Plus? The Malwarebytes research team has determined that Driver Updater Plus is a "system optimizer". These so-called "system optimizers" sometimes use intentional false positives to convince users that their systems have problems. Then they try to sell you their software, claiming it will remove these problems. More information can be found on our Malwarebytes Labs blog. How do I know if I am infected with Driver Updater Plus? This is how the main screen of the sytem optimizer looks: You will find these icons in your taskbar and on your desktop: and see these warnings during install: and these screens during "operations": You may see this entry in your list of installed programs: and these tasks in your Task Scheduler: How did Driver Updater Plus get on my computer? These so-called system optimizers use different methods of getting installed. This particular one was downloaded from their site. How do I remove Driver Updater Plus? Our program Malwarebytes Anti-Malware can detect and remove this potentially unwanted application. Please download Malwarebytes Anti-Malware to your desktop. Double-click mbam-setup-{version}.exe and follow the prompts to install the program. At the end, be sure a check-mark is placed next to: Launch Malwarebytes Anti-Malware Then click Finish. Once the program has loaded, select Scan Now. Or select the Threat Scan from the Scan menu. If an update is available, it will be implemented before the rest of the scanning procedure. When the scan is complete, make sure that all Threats are selected, and click Remove Selected. Restart your computer when prompted to do so. Is there anything else I need to do to get rid of Driver Updater Plus? No, Malwarebytes' Anti-Malware removes Driver Updater Plus completely. This PUP creates some scheduled tasks. You can read here how to check for and, if necessary, remove Scheduled Tasks. How would the full version of Malwarebytes Anti-Malware help protect me? We hope our application and this guide have helped you eradicate this system optimizer. As you can see below the full version of Malwarebytes Anti-Malware would have protected you against the Driver Updater Plus installer. It would have warned you before the application could install itself, giving you a chance to stop it before it became too late. and we block access to their domain: Technical details for experts You may see these entries in FRST logs: (Jawego Partners LLC) C:\Program Files (x86)\Driver Updater Plus\dup.exe C:\Windows\System32\Tasks\DriverUpdaterPlusRunAtStartup C:\Windows\System32\Tasks\DriverUpdaterPlus_UPDATES C:\Users\Public\Desktop\Driver Updater Plus.lnk C:\Windows\Tasks\DriverUpdaterPlus_UPDATES.job C:\Users\{username}\AppData\Roaming\jawego C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Updater Plus C:\Program Files (x86)\Driver Updater Plus C:\Users\{username}\AppData\Roaming\Driver Updater Plus Driver Updater Plus (HKLM-x32\...\Driver Updater Plus_is1) (Version: 2.7.1086.16907 - Jawego Partners LLC) Task: {96E5FA20-26D9-4BD2-A8C7-8BB479706477} - System32\Tasks\DriverUpdaterPlus_UPDATES => C:\Program Files (x86)\Driver Updater Plus\dup.exe [2016-06-22] (Jawego Partners LLC) Task: {98E16E97-6AF7-442D-B0C6-ADDB110368D7} - System32\Tasks\DriverUpdaterPlusRunAtStartup => C:\Program Files (x86)\Driver Updater Plus\dup.exe [2016-06-22] (Jawego Partners LLC) Task: C:\Windows\Tasks\DriverUpdaterPlus_UPDATES.job => C:\Program Files (x86)\Driver Updater Plus\dup.exe Alterations made by the installer: File system details [View: All details] (Selection) --------------------------------------------------- Adds the folder C:\Program Files (x86)\Driver Updater Plus Adds the file Danish_uninst.ini"="1/20/2016 3:42 PM, 2948 bytes, A Adds the file difxapi.dll"="6/23/2015 4:19 PM, 323464 bytes, A Adds the file difxapi64.dll"="6/23/2015 4:19 PM, 519048 bytes, A Adds the file DSTPJb4u.exe"="4/15/2016 2:39 PM, 572336 bytes, A Adds the file dup.exe"="6/22/2016 3:59 PM, 17917904 bytes, A Adds the file Dutch_rcp.ini"="4/29/2016 8:21 PM, 149952 bytes, A Adds the file install_left_image.bmp"="12/16/2015 3:48 PM, 156296 bytes, A Adds the file isxdl.dll"="6/22/2016 3:59 PM, 156624 bytes, A Adds the file unins000.dat"="12/6/2016 9:06 AM, 61533 bytes, A Adds the file unins000.exe"="12/6/2016 9:05 AM, 1193936 bytes, A Adds the file unins000.msg"="12/6/2016 9:06 AM, 22357 bytes, A Adds the file unrar.dll"="6/23/2015 4:19 PM, 168448 bytes, A Adds the folder C:\Program Files (x86)\Driver Updater Plus\updater\amd64Helper Adds the file difxapi.dll"="6/23/2015 4:19 PM, 519048 bytes, A Adds the file DriverUpdateHelper64.exe"="6/22/2016 3:59 PM, 316368 bytes, A Adds the file DriverUpdateHelper64.manifest"="6/23/2015 4:19 PM, 689 bytes, A Adds the folder C:\Program Files (x86)\Driver Updater Plus\updater\extract Adds the file 7z.dll"="6/22/2016 3:59 PM, 732112 bytes, A Adds the file 7z.exe"="6/22/2016 3:59 PM, 156112 bytes, A Adds the file copying.txt"="6/23/2015 4:19 PM, 26948 bytes, A Adds the file History.txt"="6/23/2015 4:19 PM, 29037 bytes, A Adds the file license.txt"="6/23/2015 4:19 PM, 2049 bytes, A Adds the file readme.txt"="6/23/2015 4:19 PM, 1616 bytes, A Adds the folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Updater Plus Adds the file Driver Updater Plus.lnk"="12/6/2016 9:06 AM, 1071 bytes, A Adds the file Register Driver Updater Plus.lnk"="12/6/2016 9:06 AM, 1097 bytes, A Adds the file Uninstall Driver Updater Plus.lnk"="12/6/2016 9:06 AM, 1118 bytes, A Adds the folder C:\Users\{username}\AppData\Roaming\Driver Updater Plus Adds the folder C:\Users\{username}\AppData\Roaming\jawego\Driver Updater Plus Adds the file Download.dat"="12/6/2016 9:06 AM, 6 bytes, A Adds the file ininotfound0.ini"="12/6/2016 9:06 AM, 236 bytes, A Adds the file log_12-06-2016.log"="12/6/2016 9:06 AM, 0 bytes, A Adds the file results.du"="12/6/2016 9:10 AM, 62884 bytes, A Adds the folder C:\Users\{username}\AppData\Roaming\jawego\Driver Updater Plus\Backup Adds the folder C:\Users\{username}\AppData\Roaming\jawego\Driver Updater Plus\Download In the existing folder C:\Users\Public\Desktop Adds the file Driver Updater Plus.lnk"="12/6/2016 9:06 AM, 1053 bytes, A In the existing folder C:\Windows\System32\Tasks Adds the file DriverUpdaterPlus_UPDATES"="12/6/2016 9:06 AM, 3048 bytes, A Adds the file DriverUpdaterPlusRunAtStartup"="12/6/2016 9:06 AM, 3162 bytes, A In the existing folder C:\Windows\Tasks Adds the file DriverUpdaterPlus_UPDATES.job"="12/6/2016 9:06 AM, 290 bytes, A Registry details [View: All details] (Selection) ------------------------------------------------ [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\CompatibilityAdapter\Signatures] "DriverUpdaterPlus_UPDATES.job"="REG_BINARY, ................................ "DriverUpdaterPlus_UPDATES.job.fp"="REG_DWORD", 407894245 [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\jawego] "MachineID"="REG_BINARY, (zero length data) [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\jawego\duplus] "AppVersion"="REG_SZ", "2.7.1086.16907" "bShowCongratsAfterUpdateRestart"="REG_DWORD", 0 "BUILD_FOR"="REG_SZ", "jawego" "BuyNowURL"="REG_SZ", "http://www.driverupdaterplus.com/buynow?" "dwIsPCHelpOnlineBuild"="REG_DWORD", 0 "dwIsSilentBuildForRC_P"="REG_DWORD", 0 "Expired"="REG_DWORD", 0 "InstalledPath"="REG_SZ", "C:\Program Files (x86)\Driver Updater Plus" "IsIPBuild"="REG_DWORD", 1 "IsPbEnabled"="REG_DWORD", 0 "IsTelNoEnabled"="REG_DWORD", 1 "MaxFixLimit"="REG_DWORD", 50 "nAppendParamsFromReg"="REG_DWORD", 1 "RawId"="REG_BINARY, -3804995083000885380 "RenewNowURL"="REG_SZ", "http://www.driverupdaterplus.com/renewal?" "TELNO"="REG_SZ", "(844) 944-0918" "TELNODE"="REG_SZ", "(800) 180-6512" "TELNOFR"="REG_SZ", "01.76.54.27.59" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\jawego\duplus\LANG] "LangID"="REG_DWORD", 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\jawego\params] "DUP"="REG_DWORD", 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Driver Updater Plus_is1] "DisplayIcon"="REG_SZ", "C:\Program Files (x86)\Driver Updater Plus\dup.exe" "DisplayName"="REG_SZ", "Driver Updater Plus" "DisplayVersion"="REG_SZ", "2.7.1086.16907" "EstimatedSize"="REG_DWORD", 24193 "HelpLink"="REG_SZ", "http://www.driverupdaterplus.com/duplus/" "Inno Setup: App Path"="REG_SZ", "C:\Program Files (x86)\Driver Updater Plus" "Inno Setup: Icon Group"="REG_SZ", "Driver Updater Plus" "Inno Setup: Language"="REG_SZ", "en" "Inno Setup: Setup Version"="REG_SZ", "5.5.1 (u)" "Inno Setup: User"="REG_SZ", "{username}" "InstallDate"="REG_SZ", "20161206" "InstallLocation"="REG_SZ", "C:\Program Files (x86)\Driver Updater Plus\" "MajorVersion"="REG_DWORD", 2 "MinorVersion"="REG_DWORD", 7 "NoModify"="REG_DWORD", 1 "NoRepair"="REG_DWORD", 1 "Publisher"="REG_SZ", "Jawego Partners LLC" "QuietUninstallString"="REG_SZ", ""C:\Program Files (x86)\Driver Updater Plus\unins000.exe" /SILENT" "UninstallString"="REG_SZ", ""C:\Program Files (x86)\Driver Updater Plus\unins000.exe" /silent" "URLInfoAbout"="REG_SZ", "http://www.driverupdaterplus.com/duplus/" [HKEY_CURRENT_USER\Software\jawego] "MachineID"="REG_BINARY, (zero length data) [HKEY_CURRENT_USER\Software\jawego\duplus] "1stInstalled_Time"="REG_SZ", "12/6/2016 9:06:27 AM" "AppDriverScanStatus"="REG_DWORD", 1 "Backup Path"="REG_SZ", "C:\Users\{username}\AppData\Roaming\jawego\Driver Updater Plus\Backup\" "CurrentScanTime"="REG_BINARY, ........ "Download Path"="REG_SZ", "C:\Users\{username}\AppData\Roaming\jawego\Driver Updater Plus\Download\" "DriverAge"="REG_DWORD", 1 "FirstRun"="REG_DWORD", 1 "GoToSystemTrayOnClose"="REG_DWORD", 1 "ImprovementProgram"="REG_DWORD", 1 "InstalledPath"="REG_SZ", "C:\Program Files (x86)\Driver Updater Plus" "NumTimesRCPRunned"="REG_DWORD", 1 "OldestDriverAgeInYears"="REG_DWORD", 2996 "RawId"="REG_BINARY, -3804995083000885380 "ScheduledTime"="REG_SZ", "" "SetChkDontShowRedTrayPopup"="REG_DWORD", 0 "StartAutoScanOnLaunch"="REG_DWORD", 0 "StartAutoScanPMUI"="REG_DWORD", 0 "StartAutoTutorial"="REG_DWORD", 1 "StartMinimized"="REG_DWORD", 0 "StartScan"="REG_DWORD", 0 "StartWhenWinBoots"="REG_DWORD", 1 "StrLastScan"="REG_SZ", "Tue. December 06, 2016. 09:10 AM" "StrLastScanResults"="REG_SZ", "1" "StrLatestRestorePoint"="REG_SZ", "" "TotalOutOfDateDrivers"="REG_DWORD", 1 "TotalScannedDrivers"="REG_DWORD", 35 "TotalUpToDateDrivers"="REG_DWORD", 34 "TrialType"="REG_DWORD", 0 [HKEY_CURRENT_USER\Software\jawego\duplus\LANG] "LangCode"="REG_SZ", "en" "LangID"="REG_DWORD", 0 [HKEY_CURRENT_USER\Software\jawego\params] "DUP"="REG_DWORD", 1 Malwarebytes Anti-Malware log: Malwarebytes Anti-Malware www.malwarebytes.org Scan Date: 12/6/2016 Scan Time: 9:47 AM Logfile: mbamDriverUpdaterPlus.txt Administrator: Yes Version: 2.2.1.1043 Malware Database: v2016.12.06.05 Rootkit Database: v2016.11.20.01 License: Premium Malware Protection: Disabled Malicious Website Protection: Disabled Self-protection: Enabled OS: Windows 7 Service Pack 1 CPU: x64 File System: NTFS User: {username} Scan Type: Threat Scan Result: Completed Objects Scanned: 304314 Time Elapsed: 9 min, 21 sec Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Enabled Heuristics: Enabled PUP: Enabled PUM: Enabled Processes: 1 PUP.Optional.Jawego, C:\Program Files (x86)\Driver Updater Plus\dup.exe, 3572, Delete-on-Reboot, [0914a3418d0df3432dac8b0e7f818a76] Modules: 1 PUP.Optional.Jawego, C:\Program Files (x86)\Driver Updater Plus\isxdl.dll, Delete-on-Reboot, [1a038a5a930777bfa1b865352ed2f10f], Registry Keys: 5 PUP.Optional.Jawego, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{96A10E5C-1EB6-4958-B52A-F68386815DB2}, Delete-on-Reboot, [b865f8ec6535ca6c13587c1eaf5151af], PUP.Optional.Jawego, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{EB70035E-6B98-4623-AF59-A2A338E6D8AB}, Delete-on-Reboot, [60bd984c0c8e52e45d0e9dfd847c8a76], PUP.Optional.Jawego, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\DriverUpdaterPlusRunAtStartup, Delete-on-Reboot, [fc21e1037426d1658456900925db04fc], PUP.Optional.Jawego, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\DriverUpdaterPlus_UPDATES, Delete-on-Reboot, [59c4469eefab2d0939a1abeec8387b85], PUP.Optional.Jawego, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Driver Updater Plus_is1, Quarantined, [1a038a5a930777bfa1b865352ed2f10f], Registry Values: 2 PUP.Optional.Jawego, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{96A10E5C-1EB6-4958-B52A-F68386815DB2}|Path, \DriverUpdaterPlusRunAtStartup, Delete-on-Reboot, [b865f8ec6535ca6c13587c1eaf5151af] PUP.Optional.Jawego, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{EB70035E-6B98-4623-AF59-A2A338E6D8AB}|Path, \DriverUpdaterPlus_UPDATES, Delete-on-Reboot, [60bd984c0c8e52e45d0e9dfd847c8a76] Registry Data: 0 (No malicious items detected) Folders: 10 PUP.Optional.Jawego, C:\Program Files (x86)\Driver Updater Plus, Delete-on-Reboot, [1a038a5a930777bfa1b865352ed2f10f], PUP.Optional.Jawego, C:\Program Files (x86)\Driver Updater Plus\updater, Quarantined, [1a038a5a930777bfa1b865352ed2f10f], PUP.Optional.Jawego, C:\Program Files (x86)\Driver Updater Plus\updater\amd64Helper, Quarantined, [1a038a5a930777bfa1b865352ed2f10f], PUP.Optional.Jawego, C:\Program Files (x86)\Driver Updater Plus\updater\extract, Quarantined, [1a038a5a930777bfa1b865352ed2f10f], PUP.Optional.Jawego, C:\Users\{username}\AppData\Roaming\jawego, Delete-on-Reboot, [958844a04357cd692b30f6a4b947b848], PUP.Optional.Jawego, C:\Users\{username}\AppData\Roaming\jawego\Driver Updater Plus, Delete-on-Reboot, [958844a04357cd692b30f6a4b947b848], PUP.Optional.Jawego, C:\Users\{username}\AppData\Roaming\jawego\Driver Updater Plus\Backup, Quarantined, [958844a04357cd692b30f6a4b947b848], PUP.Optional.Jawego, C:\Users\{username}\AppData\Roaming\jawego\Driver Updater Plus\Download, Quarantined, [958844a04357cd692b30f6a4b947b848], PUP.Optional.Jawego, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Updater Plus, Quarantined, [f528bd27c9d1ae88fa749dfd1ee26a96], PUP.Optional.Jawego, C:\Users\{username}\AppData\Roaming\Driver Updater Plus, Quarantined, [1ffe29bb207a25114230cdcd1be524dc], Files: 66 PUP.Optional.Jawego, C:\Program Files (x86)\Driver Updater Plus\dup.exe, Delete-on-Reboot, [0914a3418d0df3432dac8b0e7f818a76], PUP.Optional.Jawego, C:\Users\{username}\Desktop\setup.exe, Quarantined, [a07d04e0267476c07b5e44557b8557a9], PUP.Optional.Jawego, C:\Users\Public\Desktop\Driver Updater Plus.lnk, Quarantined, [71ac18ccddbdc57186d4cbcff50bdf21], PUP.Optional.Jawego, C:\Windows\System32\Tasks\DriverUpdaterPlusRunAtStartup, Quarantined, [150811d3ddbdee4896d69703ed13649c], PUP.Optional.Jawego, C:\Windows\System32\Tasks\DriverUpdaterPlus_UPDATES, Quarantined, [fa235d875b3f81b5a9c38218b34d2bd5], PUP.Optional.Jawego, C:\Windows\Tasks\DriverUpdaterPlus_UPDATES.job, Quarantined, [3ce1c3213e5cce681d50d9c1c23e55ab], PUP.Optional.Jawego, C:\Program Files (x86)\Driver Updater Plus\install_left_image.bmp, Quarantined, [1a038a5a930777bfa1b865352ed2f10f], PUP.Optional.Jawego, C:\Program Files (x86)\Driver Updater Plus\Chinese_rcp.ini, Quarantined, [1a038a5a930777bfa1b865352ed2f10f], PUP.Optional.Jawego, C:\Program Files (x86)\Driver Updater Plus\Chinese_uninst.ini, Quarantined, [1a038a5a930777bfa1b865352ed2f10f], PUP.Optional.Jawego, C:\Program Files (x86)\Driver Updater Plus\Danish_rcp.ini, Quarantined, [1a038a5a930777bfa1b865352ed2f10f], PUP.Optional.Jawego, C:\Program Files (x86)\Driver Updater Plus\Danish_uninst.ini, Quarantined, [1a038a5a930777bfa1b865352ed2f10f], PUP.Optional.Jawego, C:\Program Files (x86)\Driver Updater Plus\difxapi.dll, Quarantined, [1a038a5a930777bfa1b865352ed2f10f], PUP.Optional.Jawego, C:\Program Files (x86)\Driver Updater Plus\difxapi64.dll, Quarantined, [1a038a5a930777bfa1b865352ed2f10f], PUP.Optional.Jawego, C:\Program Files (x86)\Driver Updater Plus\DSTPJb4u.exe, Quarantined, [1a038a5a930777bfa1b865352ed2f10f], PUP.Optional.Jawego, C:\Program Files (x86)\Driver Updater Plus\Dutch_rcp.ini, Quarantined, [1a038a5a930777bfa1b865352ed2f10f], PUP.Optional.Jawego, C:\Program Files (x86)\Driver Updater Plus\Dutch_uninst.ini, Quarantined, [1a038a5a930777bfa1b865352ed2f10f], PUP.Optional.Jawego, C:\Program Files (x86)\Driver Updater Plus\eng_rcp.ini, Quarantined, [1a038a5a930777bfa1b865352ed2f10f], PUP.Optional.Jawego, C:\Program Files (x86)\Driver Updater Plus\eng_uninst.ini, Quarantined, [1a038a5a930777bfa1b865352ed2f10f], PUP.Optional.Jawego, C:\Program Files (x86)\Driver Updater Plus\Finnish_rcp_fi.ini, Quarantined, [1a038a5a930777bfa1b865352ed2f10f], PUP.Optional.Jawego, C:\Program Files (x86)\Driver Updater Plus\Finnish_uninst_fi.ini, Quarantined, [1a038a5a930777bfa1b865352ed2f10f], PUP.Optional.Jawego, C:\Program Files (x86)\Driver Updater Plus\French_rcp.ini, Quarantined, [1a038a5a930777bfa1b865352ed2f10f], PUP.Optional.Jawego, C:\Program Files (x86)\Driver Updater Plus\French_uninst.ini, Quarantined, [1a038a5a930777bfa1b865352ed2f10f], PUP.Optional.Jawego, C:\Program Files (x86)\Driver Updater Plus\German_rcp.ini, Quarantined, [1a038a5a930777bfa1b865352ed2f10f], PUP.Optional.Jawego, C:\Program Files (x86)\Driver Updater Plus\German_uninst.ini, Quarantined, [1a038a5a930777bfa1b865352ed2f10f], PUP.Optional.Jawego, C:\Program Files (x86)\Driver Updater Plus\greek_uninst_el.ini, Quarantined, [1a038a5a930777bfa1b865352ed2f10f], PUP.Optional.Jawego, C:\Program Files (x86)\Driver Updater Plus\isxdl.dll, Delete-on-Reboot, [1a038a5a930777bfa1b865352ed2f10f], PUP.Optional.Jawego, C:\Program Files (x86)\Driver Updater Plus\Italian_rcp.ini, Quarantined, [1a038a5a930777bfa1b865352ed2f10f], PUP.Optional.Jawego, C:\Program Files (x86)\Driver Updater Plus\Italian_uninst.ini, Quarantined, [1a038a5a930777bfa1b865352ed2f10f], PUP.Optional.Jawego, C:\Program Files (x86)\Driver Updater Plus\Japanese_rcp.ini, Quarantined, [1a038a5a930777bfa1b865352ed2f10f], PUP.Optional.Jawego, C:\Program Files (x86)\Driver Updater Plus\Japanese_uninst.ini, Quarantined, [1a038a5a930777bfa1b865352ed2f10f], PUP.Optional.Jawego, C:\Program Files (x86)\Driver Updater Plus\korean_uninst_ko.ini, Quarantined, [1a038a5a930777bfa1b865352ed2f10f], PUP.Optional.Jawego, C:\Program Files (x86)\Driver Updater Plus\Norwegian_rcp.ini, Quarantined, [1a038a5a930777bfa1b865352ed2f10f], PUP.Optional.Jawego, C:\Program Files (x86)\Driver Updater Plus\Norwegian_uninst.ini, Quarantined, [1a038a5a930777bfa1b865352ed2f10f], PUP.Optional.Jawego, C:\Program Files (x86)\Driver Updater Plus\polish_uninst_pl.ini, Quarantined, [1a038a5a930777bfa1b865352ed2f10f], PUP.Optional.Jawego, C:\Program Files (x86)\Driver Updater Plus\portugese_uninst_pt.ini, Quarantined, [1a038a5a930777bfa1b865352ed2f10f], PUP.Optional.Jawego, C:\Program Files (x86)\Driver Updater Plus\Portuguese_rcp.ini, Quarantined, [1a038a5a930777bfa1b865352ed2f10f], PUP.Optional.Jawego, C:\Program Files (x86)\Driver Updater Plus\Portuguese_uninst.ini, Quarantined, [1a038a5a930777bfa1b865352ed2f10f], PUP.Optional.Jawego, C:\Program Files (x86)\Driver Updater Plus\russian_rcp_ru.ini, Quarantined, [1a038a5a930777bfa1b865352ed2f10f], PUP.Optional.Jawego, C:\Program Files (x86)\Driver Updater Plus\russian_uninst_ru.ini, Quarantined, [1a038a5a930777bfa1b865352ed2f10f], PUP.Optional.Jawego, C:\Program Files (x86)\Driver Updater Plus\Spanish_rcp.ini, Quarantined, [1a038a5a930777bfa1b865352ed2f10f], PUP.Optional.Jawego, C:\Program Files (x86)\Driver Updater Plus\spanish_uninst.ini, Quarantined, [1a038a5a930777bfa1b865352ed2f10f], PUP.Optional.Jawego, C:\Program Files (x86)\Driver Updater Plus\Swedish_rcp.ini, Quarantined, [1a038a5a930777bfa1b865352ed2f10f], PUP.Optional.Jawego, C:\Program Files (x86)\Driver Updater Plus\swedish_uninst.ini, Quarantined, [1a038a5a930777bfa1b865352ed2f10f], PUP.Optional.Jawego, C:\Program Files (x86)\Driver Updater Plus\traditionalcn_uninst_zh-tw.ini, Quarantined, [1a038a5a930777bfa1b865352ed2f10f], PUP.Optional.Jawego, C:\Program Files (x86)\Driver Updater Plus\Turkish_uninst_tr.ini, Quarantined, [1a038a5a930777bfa1b865352ed2f10f], PUP.Optional.Jawego, C:\Program Files (x86)\Driver Updater Plus\unins000.dat, Quarantined, [1a038a5a930777bfa1b865352ed2f10f], PUP.Optional.Jawego, C:\Program Files (x86)\Driver Updater Plus\unins000.exe, Quarantined, [1a038a5a930777bfa1b865352ed2f10f], PUP.Optional.Jawego, C:\Program Files (x86)\Driver Updater Plus\unins000.msg, Quarantined, [1a038a5a930777bfa1b865352ed2f10f], PUP.Optional.Jawego, C:\Program Files (x86)\Driver Updater Plus\unrar.dll, Quarantined, [1a038a5a930777bfa1b865352ed2f10f], PUP.Optional.Jawego, C:\Program Files (x86)\Driver Updater Plus\updater\amd64Helper\difxapi.dll, Quarantined, [1a038a5a930777bfa1b865352ed2f10f], PUP.Optional.Jawego, C:\Program Files (x86)\Driver Updater Plus\updater\amd64Helper\DriverUpdateHelper64.exe, Quarantined, [1a038a5a930777bfa1b865352ed2f10f], PUP.Optional.Jawego, C:\Program Files (x86)\Driver Updater Plus\updater\amd64Helper\DriverUpdateHelper64.manifest, Quarantined, [1a038a5a930777bfa1b865352ed2f10f], PUP.Optional.Jawego, C:\Program Files (x86)\Driver Updater Plus\updater\extract\7z.dll, Quarantined, [1a038a5a930777bfa1b865352ed2f10f], PUP.Optional.Jawego, C:\Program Files (x86)\Driver Updater Plus\updater\extract\7z.exe, Quarantined, [1a038a5a930777bfa1b865352ed2f10f], PUP.Optional.Jawego, C:\Program Files (x86)\Driver Updater Plus\updater\extract\copying.txt, Quarantined, [1a038a5a930777bfa1b865352ed2f10f], PUP.Optional.Jawego, C:\Program Files (x86)\Driver Updater Plus\updater\extract\History.txt, Quarantined, [1a038a5a930777bfa1b865352ed2f10f], PUP.Optional.Jawego, C:\Program Files (x86)\Driver Updater Plus\updater\extract\license.txt, Quarantined, [1a038a5a930777bfa1b865352ed2f10f], PUP.Optional.Jawego, C:\Program Files (x86)\Driver Updater Plus\updater\extract\readme.txt, Quarantined, [1a038a5a930777bfa1b865352ed2f10f], PUP.Optional.Jawego, C:\Users\{username}\AppData\Roaming\jawego\Driver Updater Plus\Download.dat, Quarantined, [958844a04357cd692b30f6a4b947b848], PUP.Optional.Jawego, C:\Users\{username}\AppData\Roaming\jawego\Driver Updater Plus\ininotfound0.ini, Quarantined, [958844a04357cd692b30f6a4b947b848], PUP.Optional.Jawego, C:\Users\{username}\AppData\Roaming\jawego\Driver Updater Plus\log_12-06-2016.log, Delete-on-Reboot, [958844a04357cd692b30f6a4b947b848], PUP.Optional.Jawego, C:\Users\{username}\AppData\Roaming\jawego\Driver Updater Plus\results.du, Quarantined, [958844a04357cd692b30f6a4b947b848], PUP.Optional.Jawego, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Updater Plus\Driver Updater Plus.lnk, Quarantined, [f528bd27c9d1ae88fa749dfd1ee26a96], PUP.Optional.Jawego, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Updater Plus\Register Driver Updater Plus.lnk, Quarantined, [f528bd27c9d1ae88fa749dfd1ee26a96], PUP.Optional.Jawego, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Updater Plus\Uninstall Driver Updater Plus.lnk, Quarantined, [f528bd27c9d1ae88fa749dfd1ee26a96], PUP.Optional.Jawego, C:\Users\{username}\AppData\Roaming\Driver Updater Plus\ipini.ini, Quarantined, [1ffe29bb207a25114230cdcd1be524dc], Physical Sectors: 0 (No malicious items detected) (end) As mentioned before the full version of Malwarebytes Anti-Malware could have protected your computer against this threat. We use different ways of protecting your computer(s): Dynamically Blocks Malware Sites & Servers Malware Execution Prevention Save yourself the hassle and get protected.
  3. What is GoPCPro? The Malwarebytes research team has determined that GoPCPro is a fake system optimizer. These so-called "system optimizers" use intentional false positives to convince users that their systems have problems. Then they try to sell you their software, claiming it will remove these problems. More information can be found on our Malwarebytes Unpacked blog. How do I know if I am infected with GoPCPro? This is how the main screen of the registry cleaning application looks: You will see these warnings during install: and these screens during "operations": You may see this entry in your list of installed programs: and this task in your Task Scheduler: How did GoPCPro get on my computer? These so-called system optimizers use different methods of getting installed. This particular one is advertized as the #1 registry optimizer.. How do I remove GoPCPro? Our program Malwarebytes Anti-Malware can detect and remove this potentially unwanted application. Please download Malwarebytes Anti-Malware to your desktop. Double-click mbam-setup-{version}.exe and follow the prompts to install the program. At the end, be sure a check-mark is placed next to: Launch Malwarebytes Anti-Malware Then click Finish. Once the program has loaded, select Scan Now. Or select the Threat Scan from the Scan menu. If an update is available, it will be implemented before the rest of the scanning procedure. When the scan is complete, make sure that all Threats are selected, and click Remove Selected. Restart your computer when prompted to do so. Is there anything else I need to do to get rid of GoPCPro? No, Malwarebytes' Anti-Malware removes GoPCPro completely. This PUP creates a scheduled task. You can read here how to check for and, if necessary, remove Scheduled Tasks. How would the full version of Malwarebytes Anti-Malware help protect me? We hope our application and this guide have helped you eradicate this system optimizer. As you can see below the full version of Malwarebytes Anti-Malware would have protected you against the GoPCPro installer. It would have warned you before the application could install itself, giving you a chance to stop it before it became too late. and it stops some of the connections it tries to make: Technical details for experts You may see these entries in FRST logs: (GoPcPro) C:\Program Files (x86)\GoPcPro\GoPcPro\GoPcPro.exe Startup: C:\Users\{username}\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GoPcPro.lnk [2016-09-16] ShortcutTarget: GoPcPro.lnk -> C:\Windows\System32\schtasks.exe (Microsoft Corporation) S2 Service1; C:\Program Files (x86)\GoPcPro\GoPcPro\updater.exe [51200 2015-09-10] () [File not signed] C:\Windows\System32\Tasks\GoPcPro C:\Users\{username}\Desktop\GoPcPro.lnk C:\Program Files (x86)\GoPcPro GoPcPro (HKLM-x32\...\GoPcPro) (Version: 2.1.0 - GoPcPro) Task: {D899F01E-2606-4FB8-810D-7C360EDD439F} - System32\Tasks\GoPcPro => C:\Program Files (x86)\GoPcPro\GoPcPro\GoPcPro.exe [2015-09-11] (GoPcPro) Alterations made by the installer: File system details [View: All details] (Selection) --------------------------------------------------- Adds the folder C:\Program Files (x86)\GoPcPro\GoPcPro Adds the file CircularProgressBar.dll"="2/4/2015 4:57 AM, 33792 bytes, A Adds the file CircularProgressBar.pdb"="2/4/2015 4:57 AM, 67072 bytes, A Adds the file ColourSliderLibrary.dll"="2/19/2015 12:20 AM, 12800 bytes, A Adds the file ColourSliderLibrary.pdb"="2/19/2015 5:28 AM, 26112 bytes, A Adds the file Comparers.dll"="4/17/2015 11:00 PM, 6144 bytes, A Adds the file cpupdates.exe"="9/10/2015 1:30 AM, 12288 bytes, A Adds the file cpupdates.exe.config"="3/11/2015 10:26 PM, 174 bytes, A Adds the file cpupdates.pdb"="3/12/2015 4:36 AM, 13824 bytes, A Adds the file DesktopAlert.dll"="5/14/2015 1:49 AM, 10752 bytes, A Adds the file DesktopAlert.pdb"="5/14/2015 1:49 AM, 24064 bytes, A Adds the file GetCurrentDirectory.dat"="5/13/2015 10:59 PM, 125 bytes, A Adds the file GoPcPro.application"="5/14/2015 1:50 AM, 1800 bytes, A Adds the file GoPcPro.exe"="9/11/2015 4:35 AM, 8693760 bytes, A Adds the file GoPcPro.exe.config"="3/31/2015 9:37 PM, 1508 bytes, A Adds the file GoPcPro.exe.manifest"="9/11/2015 4:35 AM, 23201 bytes, A Adds the file GoPcPro.pdb"="5/14/2015 1:50 AM, 1365504 bytes, A Adds the file GoPcPro.vshost.application"="5/13/2015 9:21 AM, 1800 bytes, A Adds the file GoPcPro.vshost.exe"="5/13/2015 10:55 PM, 22984 bytes, A Adds the file GoPcPro.vshost.exe.config"="3/31/2015 9:37 PM, 1508 bytes, A Adds the file GoPcPro.vshost.exe.manifest"="5/13/2015 9:21 AM, 23489 bytes, A Adds the file Hashing.dll"="4/17/2015 11:00 PM, 24576 bytes, A Adds the file InstallUtil.InstallLog"="9/16/2016 8:44 AM, 652 bytes, A Adds the file instservice.exe"="5/14/2015 1:58 AM, 38912 bytes, A Adds the file instservice.exe.config"="1/28/2015 12:16 AM, 613 bytes, A Adds the file instservice.pdb"="1/31/2015 1:24 AM, 110080 bytes, A Adds the file instservice.vshost.exe"="1/30/2015 12:09 AM, 22472 bytes, A Adds the file Ionic.Zip.Reduced.dll"="7/14/2014 5:36 PM, 253440 bytes, A Adds the file LedControl.dll"="3/6/2012 7:14 PM, 13824 bytes, A Adds the file LedControl.pdb"="3/6/2012 7:14 PM, 38400 bytes, A Adds the file license.txt"="7/22/2014 1:55 PM, 20597 bytes, A Adds the file log.txt"="9/16/2016 8:45 AM, 603 bytes, A Adds the file Logger.dll"="4/14/2003 2:06 PM, 7168 bytes, A Adds the file logo.ico"="2/3/2015 12:57 AM, 43737 bytes, A Adds the file Microsoft.Win32.TaskScheduler.dll"="7/14/2014 5:36 PM, 185856 bytes, A Adds the file Microsoft.Windows.Shell.dll"="10/19/2010 9:00 PM, 167808 bytes, A Adds the file mindscape.wpfelements.dll"="6/9/2014 3:36 PM, 3036672 bytes, A Adds the file mindscape.wpfelements.xml"="6/9/2014 3:36 PM, 1634501 bytes, A Adds the file MyWpfLibrary.dll"="4/5/2011 7:38 AM, 10752 bytes, A Adds the file MyWpfLibrary.pdb"="4/5/2011 7:38 AM, 28160 bytes, A Adds the file outputfilePath"="9/4/2015 2:23 AM, 0 bytes, A Adds the file pan.txt"="1/21/2015 2:28 AM, 3 bytes, A Adds the file passuac.exe"="6/9/2015 4:39 AM, 63488 bytes, A Adds the file passuac.exe.config"="5/12/2015 12:49 PM, 239 bytes, A Adds the file passuac.pdb"="2/26/2015 4:11 AM, 26112 bytes, A Adds the file passuac.vshost.exe"="2/26/2015 4:09 AM, 21464 bytes, A Adds the file PDSA.Common.dll"="2/19/2015 12:20 AM, 9728 bytes, A Adds the file PDSA.Common.pdb"="2/19/2015 5:28 AM, 26112 bytes, A Adds the file PDSA.WPF.dll"="2/19/2015 12:20 AM, 45056 bytes, A Adds the file PDSA.WPF.pdb"="2/19/2015 5:28 AM, 97792 bytes, A Adds the file RibbonControlsLibrary.dll"="12/9/2011 2:11 AM, 737280 bytes, A Adds the file ScanResults.Xml"="9/10/2015 12:30 AM, 1040 bytes, A Adds the file System.Windows.Controls.DataVisualization.Toolkit.dll"="3/2/2010 11:09 AM, 278872 bytes, A Adds the file System.Windows.Controls.Input.Toolkit.dll"="4/30/2015 10:15 PM, 109400 bytes, A Adds the file System.Windows.Controls.Layout.Toolkit.dll"="4/30/2015 10:15 PM, 95064 bytes, A Adds the file telerik.windows.controls.chart.dll"="10/16/2013 3:30 AM, 1308672 bytes, A Adds the file telerik.windows.controls.chart.pdb"="10/16/2013 3:30 AM, 2973184 bytes, A Adds the file telerik.windows.controls.chart.xml"="10/16/2013 3:30 AM, 819680 bytes, A Adds the file telerik.windows.controls.datavisualization.dll"="10/16/2013 3:32 AM, 4346368 bytes, A Adds the file telerik.windows.controls.datavisualization.pdb"="10/16/2013 3:32 AM, 6338048 bytes, A Adds the file telerik.windows.controls.datavisualization.xml"="10/16/2013 3:32 AM, 2527518 bytes, A Adds the file telerik.windows.controls.dll"="10/16/2013 3:27 AM, 3376640 bytes, A Adds the file telerik.windows.controls.pdb"="10/16/2013 3:27 AM, 4128256 bytes, A Adds the file telerik.windows.controls.xml"="10/16/2013 3:27 AM, 1882790 bytes, A Adds the file Telerik.Windows.Data.dll"="10/16/2013 3:28 AM, 453632 bytes, A Adds the file Telerik.Windows.Data.pdb"="10/16/2013 3:28 AM, 1607168 bytes, A Adds the file Telerik.Windows.Data.xml"="10/16/2013 3:28 AM, 351104 bytes, A Adds the file testwcf.exe"="10/5/2015 11:12 AM, 27648 bytes, A Adds the file testwcf.exe.config"="1/21/2015 1:56 AM, 614 bytes, A Adds the file testwcf.pdb"="2/20/2015 12:09 AM, 71168 bytes, A Adds the file testwcf.vshost.exe"="2/20/2015 12:10 AM, 22472 bytes, A Adds the file UIAutomationProvider.dll"="3/18/2010 6:31 PM, 21352 bytes, A Adds the file Uninstall.exe"="9/16/2016 8:44 AM, 145604 bytes, A Adds the file Uninstall.ini"="9/16/2016 8:44 AM, 8999 bytes, A Adds the file Update.exe"="8/25/2014 12:44 PM, 19968 bytes, A Adds the file updater.exe"="9/10/2015 1:30 AM, 51200 bytes, A Adds the file updater.exe.config"="3/18/2015 12:13 AM, 590 bytes, A Adds the file updater.InstallLog"="9/16/2016 8:44 AM, 669 bytes, A Adds the file updater.InstallState"="9/16/2016 8:44 AM, 7466 bytes, A Adds the file updater.pdb"="3/19/2015 11:40 PM, 134656 bytes, A Adds the file UpdateVersionId.dat"="4/29/2015 4:45 AM, 2 bytes, A Adds the file UrlHistoryLibrary.dll"="2/3/2015 11:12 PM, 24576 bytes, A Adds the file UrlHistoryLibrary.pdb"="2/3/2015 11:12 PM, 24064 bytes, A Adds the file VTRegScan.dll"="1/30/2015 11:29 PM, 75264 bytes, A Adds the file VTRegScan.pdb"="1/30/2015 11:29 PM, 93696 bytes, A Adds the file WpfAnimatedGif.dll"="5/2/2015 4:35 AM, 40448 bytes, A Adds the file WpfAnimatedGif.xml"="5/2/2015 4:35 AM, 11068 bytes, A Adds the file WPFToolkit.dll"="3/2/2010 11:09 AM, 467288 bytes, A Adds the folder C:\Program Files (x86)\GoPcPro\GoPcPro\ServerUpdate Adds the file Update.exe"="8/25/2014 12:44 PM, 19968 bytes, A Adds the folder C:\Program Files (x86)\GoPcPro\GoPcPro\Xml Adds the file GetCurrentDirectory.dat"="1/11/2015 7:57 AM, 28 bytes, A Adds the file log.txt"="1/21/2015 2:28 AM, 307 bytes, A Adds the file pan.txt"="1/21/2015 2:28 AM, 3 bytes, A Adds the file ScanResults.xml"="2/17/2015 4:16 AM, 1040 bytes, A Adds the file UpdateVersionId.dat"="3/11/2015 10:53 PM, 1 bytes, A Adds the folder C:\Program Files (x86)\GoPcPro\GoPcPro\Xml\Img Adds the file logo.png"="7/14/2014 5:36 PM, 26506 bytes, A In the existing folder C:\Users\{username}\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup Adds the file GoPcPro.lnk"="9/16/2016 8:44 AM, 1845 bytes, A In the existing folder C:\Users\{username}\Desktop Adds the file GoPcPro.lnk"="9/16/2016 8:44 AM, 1809 bytes, A In the existing folder C:\Windows\System32\Tasks Adds the file GoPcPro"="9/16/2016 8:44 AM, 3270 bytes, A Registry details [View: All details] (Selection) ------------------------------------------------ [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\GoPcPro] "DisplayIcon"="REG_SZ", "C:\Program Files (x86)\GoPcPro\GoPcPro\Uninstall.exe" "DisplayName"="REG_SZ", "GoPcPro" "DisplayVersion"="REG_SZ", "2.1.0" "EstimatedSize"="REG_DWORD", 47735 "HelpLink"="REG_SZ", "mailto:support@gopcpro.com" "InstallDate"="REG_SZ", "20160916" "InstallLocation"="REG_SZ", "C:\Program Files (x86)\GoPcPro\GoPcPro\" "InstallSource"="REG_SZ", "C:\Users\{username}\Desktop\" "Language"="REG_DWORD", 1033 "NoModify"="REG_DWORD", 1 "NoRepair"="REG_DWORD", 1 "Publisher"="REG_SZ", "GoPcPro" "UninstallString"="REG_SZ", "C:\Program Files (x86)\GoPcPro\GoPcPro\Uninstall.exe" "URLInfoAbout"="REG_SZ", "http://www.gopcpro.com/" "VersionMajor"="REG_DWORD", 2 "VersionMinor"="REG_DWORD", 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\eventlog\Application\Service1] "EventMessageFile"="REG_EXPAND_SZ, "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\EventLogMessages.dll" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Service1] "DelayedAutostart"="REG_DWORD", 0 "Description"="REG_SZ", "Plugins Update Service" "DisplayName"="REG_SZ", "Plugins Service" "ErrorControl"="REG_DWORD", 1 "ImagePath"="REG_EXPAND_SZ, ""C:\Program Files (x86)\GoPcPro\GoPcPro\updater.exe"" "ObjectName"="REG_SZ", "LocalSystem" "Start"="REG_DWORD", 2 "Type"="REG_DWORD", 16 Malwarebytes Anti-Malware log: Malwarebytes Anti-Malware www.malwarebytes.org Scan Date: 9/16/2016 Scan Time: 8:53 AM Logfile: mbamGoPCPro.txt Administrator: Yes Version: 2.2.1.1043 Malware Database: v2016.09.16.03 Rootkit Database: v2016.08.15.01 License: Premium Malware Protection: Disabled Malicious Website Protection: Enabled Self-protection: Enabled OS: Windows 7 Service Pack 1 CPU: x64 File System: NTFS User: {username} Scan Type: Threat Scan Result: Completed Objects Scanned: 320836 Time Elapsed: 9 min, 9 sec Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Enabled Heuristics: Enabled PUP: Enabled PUM: Enabled Processes: 1 PUP.Optional.GoPcPro, C:\Program Files (x86)\GoPcPro\GoPcPro\GoPcPro.exe, 3384, Delete-on-Reboot, [488bdd954b4fd85e1db4d81741c3857b] Modules: 0 (No malicious items detected) Registry Keys: 3 PUP.Optional.GoPcPro, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\GoPcPro, Delete-on-Reboot, [f1e291e19dfdc3735d7bbd3246be3fc1], PUP.Optional.GoPcPro, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SERVICE1, Quarantined, [08cba3cf356568ce2ca711defa0a19e7], PUP.Optional.GoPcPro, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\GoPcPro, Quarantined, [488bdd954b4fd85e1db4d81741c3857b], Registry Values: 1 PUP.Optional.GoPcPro, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SERVICE1|ImagePath, "C:\Program Files (x86)\GoPcPro\GoPcPro\updater.exe", Quarantined, [08cba3cf356568ce2ca711defa0a19e7] Registry Data: 0 (No malicious items detected) Folders: 5 PUP.Optional.GoPcPro, C:\Program Files (x86)\GoPcPro, Delete-on-Reboot, [488bdd954b4fd85e1db4d81741c3857b], PUP.Optional.GoPcPro, C:\Program Files (x86)\GoPcPro\GoPcPro, Delete-on-Reboot, [488bdd954b4fd85e1db4d81741c3857b], PUP.Optional.GoPcPro, C:\Program Files (x86)\GoPcPro\GoPcPro\ServerUpdate, Quarantined, [488bdd954b4fd85e1db4d81741c3857b], PUP.Optional.GoPcPro, C:\Program Files (x86)\GoPcPro\GoPcPro\Xml, Quarantined, [488bdd954b4fd85e1db4d81741c3857b], PUP.Optional.GoPcPro, C:\Program Files (x86)\GoPcPro\GoPcPro\Xml\Img, Quarantined, [488bdd954b4fd85e1db4d81741c3857b], Files: 98 PUP.Optional.GoPcPro, C:\Users\{username}\Desktop\setup.exe, Quarantined, [43905022247681b5efeb8b645ca8d030], PUP.Optional.GoPcPro, C:\Users\{username}\Desktop\GoPcPro.lnk, Quarantined, [24af353dd5c5ce68ad230ce3c53f926e], PUP.Optional.GoPcPro, C:\Users\{username}\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GoPcPro.lnk, Quarantined, [51824c263b5f340299394fa0947019e7], PUP.Optional.GoPcPro, C:\Windows\System32\Tasks\GoPcPro, Quarantined, [3b98d69c683246f06373c9269371e11f], PUP.Optional.GoPcPro, C:\Program Files (x86)\GoPcPro\GoPcPro\updater.exe, Quarantined, [08cba3cf356568ce2ca711defa0a19e7], PUP.Optional.GoPcPro, C:\Program Files (x86)\GoPcPro\GoPcPro\CircularProgressBar.dll, Delete-on-Reboot, [488bdd954b4fd85e1db4d81741c3857b], PUP.Optional.GoPcPro, C:\Program Files (x86)\GoPcPro\GoPcPro\CircularProgressBar.pdb, Quarantined, [488bdd954b4fd85e1db4d81741c3857b], PUP.Optional.GoPcPro, C:\Program Files (x86)\GoPcPro\GoPcPro\ColourSliderLibrary.dll, Quarantined, [488bdd954b4fd85e1db4d81741c3857b], PUP.Optional.GoPcPro, C:\Program Files (x86)\GoPcPro\GoPcPro\ColourSliderLibrary.pdb, Quarantined, [488bdd954b4fd85e1db4d81741c3857b], PUP.Optional.GoPcPro, C:\Program Files (x86)\GoPcPro\GoPcPro\Comparers.dll, Quarantined, [488bdd954b4fd85e1db4d81741c3857b], PUP.Optional.GoPcPro, C:\Program Files (x86)\GoPcPro\GoPcPro\cpupdates.exe, Quarantined, [488bdd954b4fd85e1db4d81741c3857b], PUP.Optional.GoPcPro, C:\Program Files (x86)\GoPcPro\GoPcPro\cpupdates.exe.config, Quarantined, [488bdd954b4fd85e1db4d81741c3857b], PUP.Optional.GoPcPro, C:\Program Files (x86)\GoPcPro\GoPcPro\cpupdates.pdb, Quarantined, [488bdd954b4fd85e1db4d81741c3857b], PUP.Optional.GoPcPro, C:\Program Files (x86)\GoPcPro\GoPcPro\DesktopAlert.dll, Quarantined, [488bdd954b4fd85e1db4d81741c3857b], PUP.Optional.GoPcPro, C:\Program Files (x86)\GoPcPro\GoPcPro\GetCurrentDirectory.dat, Quarantined, [488bdd954b4fd85e1db4d81741c3857b], PUP.Optional.GoPcPro, C:\Program Files (x86)\GoPcPro\GoPcPro\GoPcPro.application, Quarantined, [488bdd954b4fd85e1db4d81741c3857b], PUP.Optional.GoPcPro, C:\Program Files (x86)\GoPcPro\GoPcPro\GoPcPro.exe, Delete-on-Reboot, [488bdd954b4fd85e1db4d81741c3857b], PUP.Optional.GoPcPro, C:\Program Files (x86)\GoPcPro\GoPcPro\GoPcPro.exe.config, Quarantined, [488bdd954b4fd85e1db4d81741c3857b], PUP.Optional.GoPcPro, C:\Program Files (x86)\GoPcPro\GoPcPro\GoPcPro.exe.manifest, Quarantined, [488bdd954b4fd85e1db4d81741c3857b], PUP.Optional.GoPcPro, C:\Program Files (x86)\GoPcPro\GoPcPro\GoPcPro.pdb, Quarantined, [488bdd954b4fd85e1db4d81741c3857b], PUP.Optional.GoPcPro, C:\Program Files (x86)\GoPcPro\GoPcPro\GoPcPro.vshost.application, Quarantined, [488bdd954b4fd85e1db4d81741c3857b], PUP.Optional.GoPcPro, C:\Program Files (x86)\GoPcPro\GoPcPro\GoPcPro.vshost.exe, Quarantined, [488bdd954b4fd85e1db4d81741c3857b], PUP.Optional.GoPcPro, C:\Program Files (x86)\GoPcPro\GoPcPro\GoPcPro.vshost.exe.config, Quarantined, [488bdd954b4fd85e1db4d81741c3857b], PUP.Optional.GoPcPro, C:\Program Files (x86)\GoPcPro\GoPcPro\GoPcPro.vshost.exe.manifest, Quarantined, [488bdd954b4fd85e1db4d81741c3857b], PUP.Optional.GoPcPro, C:\Program Files (x86)\GoPcPro\GoPcPro\Hashing.dll, Quarantined, [488bdd954b4fd85e1db4d81741c3857b], PUP.Optional.GoPcPro, C:\Program Files (x86)\GoPcPro\GoPcPro\InstallUtil.InstallLog, Quarantined, [488bdd954b4fd85e1db4d81741c3857b], PUP.Optional.GoPcPro, C:\Program Files (x86)\GoPcPro\GoPcPro\instservice.exe, Quarantined, [488bdd954b4fd85e1db4d81741c3857b], PUP.Optional.GoPcPro, C:\Program Files (x86)\GoPcPro\GoPcPro\instservice.exe.config, Quarantined, [488bdd954b4fd85e1db4d81741c3857b], PUP.Optional.GoPcPro, C:\Program Files (x86)\GoPcPro\GoPcPro\instservice.pdb, Quarantined, [488bdd954b4fd85e1db4d81741c3857b], PUP.Optional.GoPcPro, C:\Program Files (x86)\GoPcPro\GoPcPro\instservice.vshost.exe, Quarantined, [488bdd954b4fd85e1db4d81741c3857b], PUP.Optional.GoPcPro, C:\Program Files (x86)\GoPcPro\GoPcPro\Ionic.Zip.Reduced.dll, Quarantined, [488bdd954b4fd85e1db4d81741c3857b], PUP.Optional.GoPcPro, C:\Program Files (x86)\GoPcPro\GoPcPro\LedControl.dll, Quarantined, [488bdd954b4fd85e1db4d81741c3857b], PUP.Optional.GoPcPro, C:\Program Files (x86)\GoPcPro\GoPcPro\LedControl.pdb, Quarantined, [488bdd954b4fd85e1db4d81741c3857b], PUP.Optional.GoPcPro, C:\Program Files (x86)\GoPcPro\GoPcPro\license.txt, Quarantined, [488bdd954b4fd85e1db4d81741c3857b], PUP.Optional.GoPcPro, C:\Program Files (x86)\GoPcPro\GoPcPro\log.txt, Quarantined, [488bdd954b4fd85e1db4d81741c3857b], PUP.Optional.GoPcPro, C:\Program Files (x86)\GoPcPro\GoPcPro\Logger.dll, Quarantined, [488bdd954b4fd85e1db4d81741c3857b], PUP.Optional.GoPcPro, C:\Program Files (x86)\GoPcPro\GoPcPro\logo.ico, Quarantined, [488bdd954b4fd85e1db4d81741c3857b], PUP.Optional.GoPcPro, C:\Program Files (x86)\GoPcPro\GoPcPro\Microsoft.Win32.TaskScheduler.dll, Quarantined, [488bdd954b4fd85e1db4d81741c3857b], PUP.Optional.GoPcPro, C:\Program Files (x86)\GoPcPro\GoPcPro\Microsoft.Windows.Shell.dll, Delete-on-Reboot, [488bdd954b4fd85e1db4d81741c3857b], PUP.Optional.GoPcPro, C:\Program Files (x86)\GoPcPro\GoPcPro\mindscape.wpfelements.dll, Quarantined, [488bdd954b4fd85e1db4d81741c3857b], PUP.Optional.GoPcPro, C:\Program Files (x86)\GoPcPro\GoPcPro\mindscape.wpfelements.xml, Quarantined, [488bdd954b4fd85e1db4d81741c3857b], PUP.Optional.GoPcPro, C:\Program Files (x86)\GoPcPro\GoPcPro\MyWpfLibrary.dll, Quarantined, [488bdd954b4fd85e1db4d81741c3857b], PUP.Optional.GoPcPro, C:\Program Files (x86)\GoPcPro\GoPcPro\MyWpfLibrary.pdb, Quarantined, [488bdd954b4fd85e1db4d81741c3857b], PUP.Optional.GoPcPro, C:\Program Files (x86)\GoPcPro\GoPcPro\outputfilePath, Quarantined, [488bdd954b4fd85e1db4d81741c3857b], PUP.Optional.GoPcPro, C:\Program Files (x86)\GoPcPro\GoPcPro\pan.txt, Quarantined, [488bdd954b4fd85e1db4d81741c3857b], PUP.Optional.GoPcPro, C:\Program Files (x86)\GoPcPro\GoPcPro\passuac.exe, Quarantined, [488bdd954b4fd85e1db4d81741c3857b], PUP.Optional.GoPcPro, C:\Program Files (x86)\GoPcPro\GoPcPro\passuac.exe.config, Quarantined, [488bdd954b4fd85e1db4d81741c3857b], PUP.Optional.GoPcPro, C:\Program Files (x86)\GoPcPro\GoPcPro\passuac.pdb, Quarantined, [488bdd954b4fd85e1db4d81741c3857b], PUP.Optional.GoPcPro, C:\Program Files (x86)\GoPcPro\GoPcPro\passuac.vshost.exe, Quarantined, [488bdd954b4fd85e1db4d81741c3857b], PUP.Optional.GoPcPro, C:\Program Files (x86)\GoPcPro\GoPcPro\PDSA.Common.dll, Delete-on-Reboot, [488bdd954b4fd85e1db4d81741c3857b], PUP.Optional.GoPcPro, C:\Program Files (x86)\GoPcPro\GoPcPro\PDSA.Common.pdb, Quarantined, [488bdd954b4fd85e1db4d81741c3857b], PUP.Optional.GoPcPro, C:\Program Files (x86)\GoPcPro\GoPcPro\PDSA.WPF.dll, Delete-on-Reboot, [488bdd954b4fd85e1db4d81741c3857b], PUP.Optional.GoPcPro, C:\Program Files (x86)\GoPcPro\GoPcPro\PDSA.WPF.pdb, Quarantined, [488bdd954b4fd85e1db4d81741c3857b], PUP.Optional.GoPcPro, C:\Program Files (x86)\GoPcPro\GoPcPro\RibbonControlsLibrary.dll, Delete-on-Reboot, [488bdd954b4fd85e1db4d81741c3857b], PUP.Optional.GoPcPro, C:\Program Files (x86)\GoPcPro\GoPcPro\System.Windows.Controls.DataVisualization.Toolkit.dll, Delete-on-Reboot, [488bdd954b4fd85e1db4d81741c3857b], PUP.Optional.GoPcPro, C:\Program Files (x86)\GoPcPro\GoPcPro\System.Windows.Controls.Input.Toolkit.dll, Delete-on-Reboot, [488bdd954b4fd85e1db4d81741c3857b], PUP.Optional.GoPcPro, C:\Program Files (x86)\GoPcPro\GoPcPro\System.Windows.Controls.Layout.Toolkit.dll, Delete-on-Reboot, [488bdd954b4fd85e1db4d81741c3857b], PUP.Optional.GoPcPro, C:\Program Files (x86)\GoPcPro\GoPcPro\telerik.windows.controls.chart.dll, Quarantined, [488bdd954b4fd85e1db4d81741c3857b], PUP.Optional.GoPcPro, C:\Program Files (x86)\GoPcPro\GoPcPro\telerik.windows.controls.chart.pdb, Quarantined, [488bdd954b4fd85e1db4d81741c3857b], PUP.Optional.GoPcPro, C:\Program Files (x86)\GoPcPro\GoPcPro\telerik.windows.controls.chart.xml, Quarantined, [488bdd954b4fd85e1db4d81741c3857b], PUP.Optional.GoPcPro, C:\Program Files (x86)\GoPcPro\GoPcPro\telerik.windows.controls.datavisualization.dll, Delete-on-Reboot, [488bdd954b4fd85e1db4d81741c3857b], PUP.Optional.GoPcPro, C:\Program Files (x86)\GoPcPro\GoPcPro\DesktopAlert.pdb, Quarantined, [488bdd954b4fd85e1db4d81741c3857b], PUP.Optional.GoPcPro, C:\Program Files (x86)\GoPcPro\GoPcPro\ScanResults.Xml, Quarantined, [488bdd954b4fd85e1db4d81741c3857b], PUP.Optional.GoPcPro, C:\Program Files (x86)\GoPcPro\GoPcPro\telerik.windows.controls.datavisualization.pdb, Quarantined, [488bdd954b4fd85e1db4d81741c3857b], PUP.Optional.GoPcPro, C:\Program Files (x86)\GoPcPro\GoPcPro\UpdateVersionId.dat, Quarantined, [488bdd954b4fd85e1db4d81741c3857b], PUP.Optional.GoPcPro, C:\Program Files (x86)\GoPcPro\GoPcPro\telerik.windows.controls.datavisualization.xml, Quarantined, [488bdd954b4fd85e1db4d81741c3857b], PUP.Optional.GoPcPro, C:\Program Files (x86)\GoPcPro\GoPcPro\telerik.windows.controls.dll, Delete-on-Reboot, [488bdd954b4fd85e1db4d81741c3857b], PUP.Optional.GoPcPro, C:\Program Files (x86)\GoPcPro\GoPcPro\telerik.windows.controls.pdb, Quarantined, [488bdd954b4fd85e1db4d81741c3857b], PUP.Optional.GoPcPro, C:\Program Files (x86)\GoPcPro\GoPcPro\telerik.windows.controls.xml, Quarantined, [488bdd954b4fd85e1db4d81741c3857b], PUP.Optional.GoPcPro, C:\Program Files (x86)\GoPcPro\GoPcPro\Telerik.Windows.Data.dll, Delete-on-Reboot, [488bdd954b4fd85e1db4d81741c3857b], PUP.Optional.GoPcPro, C:\Program Files (x86)\GoPcPro\GoPcPro\Telerik.Windows.Data.pdb, Quarantined, [488bdd954b4fd85e1db4d81741c3857b], PUP.Optional.GoPcPro, C:\Program Files (x86)\GoPcPro\GoPcPro\Telerik.Windows.Data.xml, Quarantined, [488bdd954b4fd85e1db4d81741c3857b], PUP.Optional.GoPcPro, C:\Program Files (x86)\GoPcPro\GoPcPro\testwcf.exe, Quarantined, [488bdd954b4fd85e1db4d81741c3857b], PUP.Optional.GoPcPro, C:\Program Files (x86)\GoPcPro\GoPcPro\testwcf.exe.config, Quarantined, [488bdd954b4fd85e1db4d81741c3857b], PUP.Optional.GoPcPro, C:\Program Files (x86)\GoPcPro\GoPcPro\testwcf.pdb, Quarantined, [488bdd954b4fd85e1db4d81741c3857b], PUP.Optional.GoPcPro, C:\Program Files (x86)\GoPcPro\GoPcPro\testwcf.vshost.exe, Quarantined, [488bdd954b4fd85e1db4d81741c3857b], PUP.Optional.GoPcPro, C:\Program Files (x86)\GoPcPro\GoPcPro\UIAutomationProvider.dll, Quarantined, [488bdd954b4fd85e1db4d81741c3857b], PUP.Optional.GoPcPro, C:\Program Files (x86)\GoPcPro\GoPcPro\Uninstall.exe, Quarantined, [488bdd954b4fd85e1db4d81741c3857b], PUP.Optional.GoPcPro, C:\Program Files (x86)\GoPcPro\GoPcPro\Uninstall.ini, Quarantined, [488bdd954b4fd85e1db4d81741c3857b], PUP.Optional.GoPcPro, C:\Program Files (x86)\GoPcPro\GoPcPro\Update.exe, Quarantined, [488bdd954b4fd85e1db4d81741c3857b], PUP.Optional.GoPcPro, C:\Program Files (x86)\GoPcPro\GoPcPro\updater.exe.config, Quarantined, [488bdd954b4fd85e1db4d81741c3857b], PUP.Optional.GoPcPro, C:\Program Files (x86)\GoPcPro\GoPcPro\updater.InstallLog, Quarantined, [488bdd954b4fd85e1db4d81741c3857b], PUP.Optional.GoPcPro, C:\Program Files (x86)\GoPcPro\GoPcPro\updater.InstallState, Quarantined, [488bdd954b4fd85e1db4d81741c3857b], PUP.Optional.GoPcPro, C:\Program Files (x86)\GoPcPro\GoPcPro\updater.pdb, Quarantined, [488bdd954b4fd85e1db4d81741c3857b], PUP.Optional.GoPcPro, C:\Program Files (x86)\GoPcPro\GoPcPro\UrlHistoryLibrary.dll, Quarantined, [488bdd954b4fd85e1db4d81741c3857b], PUP.Optional.GoPcPro, C:\Program Files (x86)\GoPcPro\GoPcPro\UrlHistoryLibrary.pdb, Quarantined, [488bdd954b4fd85e1db4d81741c3857b], PUP.Optional.GoPcPro, C:\Program Files (x86)\GoPcPro\GoPcPro\VTRegScan.dll, Delete-on-Reboot, [488bdd954b4fd85e1db4d81741c3857b], PUP.Optional.GoPcPro, C:\Program Files (x86)\GoPcPro\GoPcPro\VTRegScan.pdb, Quarantined, [488bdd954b4fd85e1db4d81741c3857b], PUP.Optional.GoPcPro, C:\Program Files (x86)\GoPcPro\GoPcPro\WpfAnimatedGif.dll, Quarantined, [488bdd954b4fd85e1db4d81741c3857b], PUP.Optional.GoPcPro, C:\Program Files (x86)\GoPcPro\GoPcPro\WpfAnimatedGif.xml, Quarantined, [488bdd954b4fd85e1db4d81741c3857b], PUP.Optional.GoPcPro, C:\Program Files (x86)\GoPcPro\GoPcPro\WPFToolkit.dll, Delete-on-Reboot, [488bdd954b4fd85e1db4d81741c3857b], PUP.Optional.GoPcPro, C:\Program Files (x86)\GoPcPro\GoPcPro\ServerUpdate\Update.exe, Quarantined, [488bdd954b4fd85e1db4d81741c3857b], PUP.Optional.GoPcPro, C:\Program Files (x86)\GoPcPro\GoPcPro\Xml\GetCurrentDirectory.dat, Quarantined, [488bdd954b4fd85e1db4d81741c3857b], PUP.Optional.GoPcPro, C:\Program Files (x86)\GoPcPro\GoPcPro\Xml\log.txt, Quarantined, [488bdd954b4fd85e1db4d81741c3857b], PUP.Optional.GoPcPro, C:\Program Files (x86)\GoPcPro\GoPcPro\Xml\pan.txt, Quarantined, [488bdd954b4fd85e1db4d81741c3857b], PUP.Optional.GoPcPro, C:\Program Files (x86)\GoPcPro\GoPcPro\Xml\ScanResults.xml, Quarantined, [488bdd954b4fd85e1db4d81741c3857b], PUP.Optional.GoPcPro, C:\Program Files (x86)\GoPcPro\GoPcPro\Xml\UpdateVersionId.dat, Quarantined, [488bdd954b4fd85e1db4d81741c3857b], PUP.Optional.GoPcPro, C:\Program Files (x86)\GoPcPro\GoPcPro\Xml\Img\logo.png, Quarantined, [488bdd954b4fd85e1db4d81741c3857b], Physical Sectors: 0 (No malicious items detected) (end) As mentioned before the full version of Malwarebytes Anti-Malware could have protected your computer against this threat. We use different ways of protecting your computer(s): Dynamically Blocks Malware Sites & Servers Malware Execution Prevention Save yourself the hassle and get protected.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.