Jump to content

Used computer that needs cleaning!

mhawkin6

By mhawkin6
in Resolved Malware Removal Logs

 Share

Recommended Posts

mhawkin6

mhawkin6

Posted
Posted

I have scanned using malwarebytes and found approx 330 detections. I have reviewed similar thread https://forums.malwarebytes.org/index.php?showtopic=138885, but do not want to delete something that is a false detection. Please advise as to what I can do make this computer usable again.

 

See below the log file with several trogan agents specified. Please advise what other reports need to be run.

 

Malwarebytes Anti-Malware (Trial) 1.75.0.1300
www.malwarebytes.org
 
Database version: v2013.12.27.01
 
Windows Vista Service Pack 2 x64 NTFS
Internet Explorer 8.0.6001.19328
Lisa :: LISA-PC [administrator]
 
Protection: Disabled
 
12/27/2013 11:36:36 AM
mbam-log-2013-12-27 (11-36-36).txt
 
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 254472
Time elapsed: 16 minute(s), 29 second(s)
 
Memory Processes Detected: 5
C:\ProgramData\InternetUpdater\InternetUpdaterService.exe (PUP.Optional.InternetUpdater.A) -> 3124 -> No action taken.
C:\ProgramData\Updater\updater.exe (Trojan.Agent) -> 3808 -> No action taken.
C:\ProgramData\RHelpers\ChromeHelper\ChromeHelper.exe (PUP.Optional.SearchDonkey.A) -> 5416 -> Delete on reboot.
C:\ProgramData\RHelpers\IeHelper\IeHelper.exe (PUP.Optional.SearchDonkey.A) -> 5148 -> Delete on reboot.
C:\Program Files\Level Quality Watcher\v1.01\levelqualitywatcher64.exe (PUP.Optional.Adpeak) -> 2144 -> Delete on reboot.
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 89
HKLM\SYSTEM\CurrentControlSet\Services\InternetUpdater (PUP.Optional.InternetUpdater.A) -> No action taken.
HKCR\CLSID\{11111111-1111-1111-1111-110311961178} (PUP.Optional.PlusHD.A) -> No action taken.
HKCR\TypeLib\{44444444-4444-4444-4444-440344964478} (PUP.Optional.PlusHD.A) -> No action taken.
HKCR\Interface\{55555555-5555-5555-5555-550355965578} (PUP.Optional.PlusHD.A) -> No action taken.
HKCR\CrossriderApp0039678.BHO.1 (PUP.Optional.PlusHD.A) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311961178} (PUP.Optional.PlusHD.A) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110311961178} (PUP.Optional.PlusHD.A) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110311961178} (PUP.Optional.PlusHD.A) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110311961178} (PUP.Optional.PlusHD.A) -> No action taken.
HKCR\CLSID\{11111111-1111-1111-1111-110411151152} (PUP.Optional.Lyrics.A) -> No action taken.
HKCR\TypeLib\{44444444-4444-4444-4444-440444154452} (PUP.Optional.Lyrics.A) -> No action taken.
HKCR\Interface\{55555555-5555-5555-5555-550455155552} (PUP.Optional.Lyrics.A) -> No action taken.
HKCR\CrossriderApp0041552.BHO.1 (PUP.Optional.Lyrics.A) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110411151152} (PUP.Optional.Lyrics.A) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110411151152} (PUP.Optional.Lyrics.A) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110411151152} (PUP.Optional.Lyrics.A) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110411151152} (PUP.Optional.Lyrics.A) -> No action taken.
HKCR\AppID\{72D89EBF-0C5D-4190-91FD-398E45F1D007} (PUP.Optional.DefaultTab.A) -> No action taken.
HKCR\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23} (PUP.Optional.BrowseFox.A) -> No action taken.
HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C} (PUP.Optional.OptimzerPro.A) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\InternetUpdater (PUP.Optional.InternetUpdater.A) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\RegClean Pro_is1 (PUP.Optional.RegCleanPro.A) -> No action taken.
HKCR\CrossriderApp0039678.BHO (PUP.Optional.CrossRider.A) -> No action taken.
HKCR\CrossriderApp0039678.Sandbox (PUP.Optional.CrossRider.A) -> No action taken.
HKCR\CrossriderApp0039678.Sandbox.1 (PUP.Optional.CrossRider.A) -> No action taken.
HKCR\CrossriderApp0041552.BHO (PUP.Optional.CrossRider.A) -> No action taken.
HKCR\CrossriderApp0041552.Sandbox (PUP.Optional.CrossRider.A) -> No action taken.
HKCR\CrossriderApp0041552.Sandbox.1 (PUP.Optional.CrossRider.A) -> No action taken.
HKCR\CrossriderApp0046762.BHO (PUP.Optional.CrossRider.A) -> No action taken.
HKCR\CrossriderApp0046762.BHO.1 (PUP.Optional.CrossRider.A) -> No action taken.
HKCR\CrossriderApp0046762.Sandbox (PUP.Optional.CrossRider.A) -> No action taken.
HKCR\CrossriderApp0046762.Sandbox.1 (PUP.Optional.CrossRider.A) -> No action taken.
HKCU\Software\BabSolution\Updater (PUP.Optional.Babylon.A) -> No action taken.
HKCU\SOFTWARE\INSTALLCORE (PUP.Optional.InstallCore.A) -> No action taken.
HKCU\Software\InstalledBrowserExtensions\Lyrics (PUP.Optional.Lyrics.A) -> No action taken.
HKCU\Software\InstalledBrowserExtensions\Plus HD (PUP.Optional.PlusHD.A) -> No action taken.
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings (PUP.Optional.BProtector.A) -> No action taken.
HKCU\Software\Systweak\RegClean Pro (PUP.Optional.RegCleanerPro.A) -> No action taken.
HKLM\SOFTWARE\Adpeak, Inc. (PUP.Optional.AdpeakProxy) -> No action taken.
HKLM\SOFTWARE\Plus-HD-4.5 (PUP.Optional.PlusHD.A) -> No action taken.
HKLM\SOFTWARE\DATAMNGR\GENERAL (PUP.Optional.Datamngr.A) -> No action taken.
HKLM\SOFTWARE\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff (PUP.Optional.MySearchDial.A) -> No action taken.
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\LSNFD (PUP.Optional.Linksicle) -> No action taken.
HKLM\Software\LyricsSay-1 (PUP.Optional.LyricsSay.A) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Plus-HD-4.5 (PUP.Optional.PlusHD.A) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110411671162} (PUP.Optional.CrossRider.M) -> No action taken.
HKCR\CLSID\{11111111-1111-1111-1111-110411671162} (PUP.Optional.CrossRider.M) -> No action taken.
HKCR\TypeLib\{44444444-4444-4444-4444-440444674462} (PUP.Optional.CrossRider.M) -> No action taken.
HKCR\Interface\{55555555-5555-5555-5555-550455675562} (PUP.Optional.CrossRider.M) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110411671162} (PUP.Optional.CrossRider.M) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110411671162} (PUP.Optional.CrossRider.M) -> No action taken.
HKCR\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3} (PUP.Optional.Delta.A) -> Quarantined and deleted successfully.
HKCR\CLSID\{261DD098-8A3E-43D4-87AA-63324FA897D8} (PUP.Optional.Delta) -> Quarantined and deleted successfully.
HKCR\TypeLib\{39CB8175-E224-4446-8746-00566302DF8D} (PUP.Optional.Delta) -> Quarantined and deleted successfully.
HKCR\esrv.deltaESrvc.1 (PUP.Optional.Delta) -> Quarantined and deleted successfully.
HKCR\esrv.deltaESrvc (PUP.Optional.Delta) -> Quarantined and deleted successfully.
HKCR\CLSID\{82E1477C-B154-48D3-9891-33D83C26BCD3} (PUP.Optional.Delta.A) -> Quarantined and deleted successfully.
HKCR\delta.deltadskBnd.1 (PUP.Optional.Delta.A) -> Quarantined and deleted successfully.
HKCR\delta.deltadskBnd (PUP.Optional.Delta.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{82E1477C-B154-48D3-9891-33D83C26BCD3} (PUP.Optional.Delta.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{82E1477C-B154-48D3-9891-33D83C26BCD3} (PUP.Optional.Delta.A) -> Quarantined and deleted successfully.
HKCR\CLSID\{C1AF5FA5-852C-4C90-812E-A7F75E011D87} (PUP.Optional.Delta.A) -> Quarantined and deleted successfully.
HKCR\delta.deltaHlpr.1 (PUP.Optional.Delta.A) -> Quarantined and deleted successfully.
HKCR\delta.deltaHlpr (PUP.Optional.Delta.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C1AF5FA5-852C-4C90-812E-A7F75E011D87} (PUP.Optional.Delta.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{C1AF5FA5-852C-4C90-812E-A7F75E011D87} (PUP.Optional.Delta.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{C1AF5FA5-852C-4C90-812E-A7F75E011D87} (PUP.Optional.Delta.A) -> Quarantined and deleted successfully.
HKCR\Typelib\{4599D05A-D545-4069-BB42-5895B4EAE05B} (PUP.Optional.Delta.A) -> Quarantined and deleted successfully.
HKCR\Interface\{1231839B-064E-4788-B865-465A1B5266FD} (PUP.Optional.Delta.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{74322BF9-DF26-493f-B0DA-6D2FC5E6429E} (PUP.Optional.BearshareTB.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{348C2DF3-1191-4C3E-92A6-B3A89A9D9C85} (PUP.Optional.Delta.A) -> Quarantined and deleted successfully.
HKLM\SYSTEM\CurrentControlSet\Services\Level Quality Watcher (PUP.Optional.Adpeak) -> Quarantined and deleted successfully.
HKCR\BearshareIEHelper.DNSGuard (PUP.Optional.BearshareTB.A) -> Quarantined and deleted successfully.
HKCR\BearshareIEHelper.DNSGuard.1 (PUP.Optional.BearshareTB.A) -> Quarantined and deleted successfully.
HKCR\AppID\AdpeakProxy.exe (PUP.Optional.Adpeak) -> Quarantined and deleted successfully.
HKCR\Wow6432Node\AppID\AdpeakProxy.exe (PUP.Optional.Adpeak) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\DealPlyLive (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\glindorus (PUP.Optional.Glindorus.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\DELTA\DELTA (PUP.Optional.Delta.A) -> Quarantined and deleted successfully.
HKCU\Software\mysearchdial.com (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
HKCU\Software\AppDataLow\Software\Scorpion Saver (PUP.Optional.Adpeak) -> Quarantined and deleted successfully.
HKCU\Software\Conduit\FF (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
HKCU\Software\Conduit\ValueApps (PUP.Optional.ValueApps.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\DELTA\DELTA\IESTRG (PUP.Optional.Delta.A) -> Quarantined and deleted successfully.
HKCU\Software\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Delta\delta\Instl (PUP.Optional.Delta.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Adpeak, Inc. (PUP.Optional.Adpeak) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Wow6432Node\Adpeak, Inc. (PUP.Optional.Adpeak) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\LyricsSay-1 (PUP.Optional.LyricsSay.A) -> Quarantined and deleted successfully.
 
Registry Values Detected: 14
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|bProtector Start Page (PUP.BProtector) -> Data: http://www.delta-search.com/?babsrc=HP_ss&mntrId=5E2300242B793A34&affID=119557&tsp=5025 -> No action taken.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes|bProtectorDefaultScope (PUP.BProtector) -> Data: {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} -> No action taken.
HKCU\Software\InstallCore|tb (PUP.Optional.InstallCore.A) -> Data: 0X2O1C0R2R1R -> No action taken.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run|Updater (Trojan.Agent) -> Data: C:\ProgramData\Updater\updater.exe -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Updater (Trojan.Agent) -> Data: C:\ProgramData\Updater\Updater.exe -> No action taken.
HKLM\SOFTWARE\Datamngr\General|ie_hp_supported (PUP.Optional.Datamngr.A) -> Data: 1 -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|DictionaryBoss Search Scope Monitor (PUP.Optional.MindSpark) -> Data: "C:\PROGRA~2\DICTIO~2\bar\1.bin\v4srchmn.exe" /m=2 /w /h -> No action taken.
HKLM\SYSTEM\CurrentControlSet\Services\InternetUpdater|ImagePath (PUP.Optional.InternetUpdater.A) -> Data: "C:\ProgramData\InternetUpdater\InternetUpdaterService.exe" -> No action taken.
HKLM\SYSTEM\CurrentControlSet\Services\lsnfd|ImagePath (PUP.Optional.Linksicle) -> Data: system32\drivers\lsnfd.sys -> No action taken.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar|{82E1477C-B154-48D3-9891-33D83C26BCD3} (PUP.Optional.Delta.A) -> Data: Delta Toolbar -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{82E1477C-B154-48D3-9891-33D83C26BCD3} (PUP.Optional.Delta.A) -> Data:  -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Delta\Delta|tlbrSrchUrl (PUP.Optional.Delta.A) -> Data:  -> Quarantined and deleted successfully.
HKCU\Software\Delta\delta|lastB (PUP.Optional.Delta.A) -> Data: http://home.tb.ask.com/index.jhtml?n=77FD35DB&p2=^XQ^xdm003^S06946^us&ptb=EC1EE61E-C467-40FF-8ADC-DC525216AB7E&si=CMiO37H_9rkCFWZk7AodkzYABQ -> Quarantined and deleted successfully.
HKCU\Software\Delta\delta\iestrg|tlbrsrchurl (PUP.Optional.Delta.A) -> Data:  -> Quarantined and deleted successfully.
 
Registry Data Items Detected: 3
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows|AppInit_DLLs (PUP.Optional.Datamngr.A) -> Bad: (c:\progra~3\wincert\win32c~1.dll) Good: () -> No action taken.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (PUP.Optional.AskWebSearch) -> Bad: (http://home.tb.ask.com/index.jhtml?n=77FD35DB&p2=^XQ^xdm003^S06946^us&ptb=EC1EE61E-C467-40FF-8ADC-DC525216AB7E&si=CMiO37H_9rkCFWZk7AodkzYABQ) Good: (http://www.google.com) -> Quarantined and repaired successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (PUP.Optional.MySearchDial.A) -> Bad: (http://start.mysearchdial.com/?f=1&a=dsites&cd=2XzuyEtN2Y1L1QzutDtDtByEtB0ByBzytA0AtAyEzy0BzzyCtN0D0Tzu0CyBtDyEtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=1371120047&ir=) Good: (http://www.google.com) -> Quarantined and repaired successfully.
 
Folders Detected: 29
C:\ProgramData\InternetUpdater (PUP.Optional.InternetUpdater.A) -> No action taken.
C:\Users\Lisa\AppData\Roaming\Babylon (PUP.Optional.Babylon.A) -> No action taken.
C:\Program Files (x86)\RegClean Pro (PUP.Optional.RegCleanPro.A) -> No action taken.
C:\Users\Lisa\Documents\Optimizer Pro (PUP.Optional.OptimizerPro.A) -> No action taken.
C:\Users\Lisa\AppData\Roaming\BabSolution (PUP.Optional.BabSolution.A) -> No action taken.
C:\Users\Lisa\AppData\Roaming\BabSolution\CR (PUP.Optional.BabSolution.A) -> No action taken.
C:\Users\Lisa\AppData\Roaming\BabSolution\Shared (PUP.Optional.BabSolution.A) -> No action taken.
C:\Program Files (x86)\Plus-HD-4.5 (PUP.Optional.PlusHD.A) -> No action taken.
C:\Users\Lisa\AppData\Roaming\Systweak\RegClean Pro (PUP.Optional.RegCleanerPro.A) -> No action taken.
C:\Users\Lisa\AppData\Roaming\Systweak\RegClean Pro\Version 6.1 (PUP.Optional.RegCleanerPro.A) -> No action taken.
C:\Users\Lisa\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\Partial Backups (PUP.Optional.RegCleanerPro.A) -> No action taken.
C:\Users\Lisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\igjjkeeamkpihpncmmbgdkhdnjpcfmfb (PUP.Optional.MultiIE) -> No action taken.
C:\Users\Lisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\igjjkeeamkpihpncmmbgdkhdnjpcfmfb\2.6.49_0 (PUP.Optional.MultiIE) -> No action taken.
C:\Program Files\Level Quality Watcher\v1.01 (PUP.Optional.Adpeak) -> Delete on reboot.
C:\ProgramData\DealPlyLive (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
C:\ProgramData\DealPlyLive\Update (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
C:\ProgramData\DealPlyLive\Update\Log (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
C:\Users\Lisa\AppData\Roaming\Dealply (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
C:\Users\Lisa\AppData\Roaming\Dealply\UpdateProc (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
C:\Users\Lisa\AppData\Local\DealPlyLive (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
C:\Users\Lisa\AppData\Local\DealPlyLive\CrashReports (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Music Toolbar\Datamngr (PUP.Optional.MusicBoxToolBar.A) -> Delete on reboot.
C:\Program Files (x86)\Music Toolbar\Datamngr\x64 (PUP.Optional.MusicBoxToolBar.A) -> Delete on reboot.
C:\Program Files (x86)\LyricsSay-1 (PUP.Optional.LyricsSay.A) -> Quarantined and deleted successfully.
C:\ProgramData\Conduit\IE (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\ProgramData\Conduit\IE\CT3315826 (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\ProgramData\RHelpers\ChromeHelper (PUP.Optional.Searchagent) -> Delete on reboot.
C:\ProgramData\RHelpers\IeHelper (PUP.Optional.Searchagent) -> Delete on reboot.
C:\ProgramData\Conduit\Multi\CT3306926 (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
 
Files Detected: 185
C:\ProgramData\InternetUpdater\InternetUpdaterService.exe (PUP.Optional.InternetUpdater.A) -> No action taken.
C:\Program Files (x86)\Plus-HD-4.5\Plus-HD-4.5-bho.dll (PUP.Optional.PlusHD.A) -> No action taken.
C:\Program Files (x86)\LyricsSay-1\LyricsSay-1-bho.dll (PUP.Optional.Lyrics.A) -> No action taken.
C:\Program Files (x86)\LyricsSay-1\LyricsSay-1-bho64.dll (PUP.Optional.Lyrics.A) -> No action taken.
C:\Users\Lisa\AppData\Roaming\BabSolution\Shared\BabMaint.exe (PUP.Optional.Babylon.A) -> No action taken.
C:\Users\Lisa\Downloads\google earth setup.exe (PUP.Optional.Soft32.A) -> No action taken.
C:\Users\Lisa\Downloads\Google%20Earth.exe (PUP.Optional.Firseria) -> No action taken.
C:\Users\Lisa\Downloads\iLividSetup-r1267-n-bf.exe (PUP.Optional.Bandoo) -> No action taken.
C:\Users\Lisa\Downloads\iMeshSetup-r221-w-bf(2).exe (PUP.Optional.Bandoo.A) -> No action taken.
C:\Users\Lisa\Downloads\java.exe (PUP.Optional.Smart) -> No action taken.
C:\Users\Lisa\Downloads\mozilla firefox setup.exe (PUP.Optional.Soft32.A) -> No action taken.
C:\Users\Lisa\Downloads\rcpsetup_r.exe (PUP.Optional.RegCleanerPro) -> No action taken.
C:\Users\Lisa\Downloads\Setup(1).exe (PUP.Optional.BundleInstaller.A) -> No action taken.
C:\Users\Lisa\Downloads\Setup.exe (PUP.Optional.BundleInstaller.A) -> No action taken.
C:\Users\Lisa\Downloads\SocialNetworksSetup.exe (PUP.Optional.Inbox) -> No action taken.
C:\Users\Lisa\Downloads\Updater_Setup.exe (PUP.Optional.iBryte) -> No action taken.
C:\ProgramData\InternetUpdater\InternetUpdater.ico (PUP.Optional.InternetUpdater.A) -> No action taken.
C:\ProgramData\InternetUpdater\app.dat (PUP.Optional.InternetUpdater.A) -> No action taken.
C:\ProgramData\InternetUpdater\data.dat (PUP.Optional.InternetUpdater.A) -> No action taken.
C:\ProgramData\InternetUpdater\InternetUpdaterService.exe.config (PUP.Optional.InternetUpdater.A) -> No action taken.
C:\ProgramData\InternetUpdater\Uninstall.exe (PUP.Optional.InternetUpdater.A) -> No action taken.
C:\Windows\Tasks\RegClean Pro_UPDATES.job (PUP.Optional.RegCleanerPro.J) -> No action taken.
C:\Windows\Tasks\Plus-HD-4.5-chromeinstaller.job (PUP.Optional.PlusHD.A) -> No action taken.
C:\Windows\Tasks\Plus-HD-4.5-codedownloader.job (PUP.Optional.PlusHD.A) -> No action taken.
C:\Windows\Tasks\Plus-HD-4.5-enabler.job (PUP.Optional.PlusHD.A) -> No action taken.
C:\Windows\Tasks\Plus-HD-4.5-firefoxinstaller.job (PUP.Optional.PlusHD.A) -> No action taken.
C:\Windows\Tasks\Plus-HD-4.5-updater.job (PUP.Optional.PlusHD.A) -> No action taken.
C:\Users\Lisa\AppData\Roaming\Babylon\log_file.txt (PUP.Optional.Babylon.A) -> No action taken.
C:\Program Files (x86)\RegClean Pro\TraditionalCn_rcp_zh-tw.ini (PUP.Optional.RegCleanPro.A) -> No action taken.
C:\Program Files (x86)\RegClean Pro\Chinese_rcp.ini (PUP.Optional.RegCleanPro.A) -> No action taken.
C:\Program Files (x86)\RegClean Pro\CleanSchedule.exe (PUP.Optional.RegCleanPro.A) -> No action taken.
C:\Program Files (x86)\RegClean Pro\Cloud_Backup_Setup.exe (PUP.Optional.RegCleanPro.A) -> No action taken.
C:\Program Files (x86)\RegClean Pro\Cloud_Backup_Setup_Intl.exe (PUP.Optional.RegCleanPro.A) -> No action taken.
C:\Program Files (x86)\RegClean Pro\Danish_rcp.ini (PUP.Optional.RegCleanPro.A) -> No action taken.
C:\Program Files (x86)\RegClean Pro\Dutch_rcp.ini (PUP.Optional.RegCleanPro.A) -> No action taken.
C:\Program Files (x86)\RegClean Pro\eng_rcp.ini (PUP.Optional.RegCleanPro.A) -> No action taken.
C:\Program Files (x86)\RegClean Pro\Finnish_rcp_fi.ini (PUP.Optional.RegCleanPro.A) -> No action taken.
C:\Program Files (x86)\RegClean Pro\French_rcp.ini (PUP.Optional.RegCleanPro.A) -> No action taken.
C:\Program Files (x86)\RegClean Pro\German_rcp.ini (PUP.Optional.RegCleanPro.A) -> No action taken.
C:\Program Files (x86)\RegClean Pro\greek_rcp_el.ini (PUP.Optional.RegCleanPro.A) -> No action taken.
C:\Program Files (x86)\RegClean Pro\install_left_image.bmp (PUP.Optional.RegCleanPro.A) -> No action taken.
C:\Program Files (x86)\RegClean Pro\isxdl.dll (PUP.Optional.RegCleanPro.A) -> No action taken.
C:\Program Files (x86)\RegClean Pro\Italian_rcp.ini (PUP.Optional.RegCleanPro.A) -> No action taken.
C:\Program Files (x86)\RegClean Pro\Japanese_rcp.ini (PUP.Optional.RegCleanPro.A) -> No action taken.
C:\Program Files (x86)\RegClean Pro\korean_rcp_ko.ini (PUP.Optional.RegCleanPro.A) -> No action taken.
C:\Program Files (x86)\RegClean Pro\Norwegian_rcp.ini (PUP.Optional.RegCleanPro.A) -> No action taken.
C:\Program Files (x86)\RegClean Pro\polish_rcp_pl.ini (PUP.Optional.RegCleanPro.A) -> No action taken.
C:\Program Files (x86)\RegClean Pro\portugese_rcp_pt.ini (PUP.Optional.RegCleanPro.A) -> No action taken.
C:\Program Files (x86)\RegClean Pro\Portuguese_rcp.ini (PUP.Optional.RegCleanPro.A) -> No action taken.
C:\Program Files (x86)\RegClean Pro\RCPUninstall.exe (PUP.Optional.RegCleanPro.A) -> No action taken.
C:\Program Files (x86)\RegClean Pro\RegCleanPro.dll (PUP.Optional.RegCleanPro.A) -> No action taken.
C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe (PUP.Optional.RegCleanPro.A) -> No action taken.
C:\Program Files (x86)\RegClean Pro\russian_rcp_ru.ini (PUP.Optional.RegCleanPro.A) -> No action taken.
C:\Program Files (x86)\RegClean Pro\Spanish_rcp.ini (PUP.Optional.RegCleanPro.A) -> No action taken.
C:\Program Files (x86)\RegClean Pro\Swedish_rcp.ini (PUP.Optional.RegCleanPro.A) -> No action taken.
C:\Program Files (x86)\RegClean Pro\systweakasp.exe (PUP.Optional.RegCleanPro.A) -> No action taken.
C:\Program Files (x86)\RegClean Pro\turkish_rcp_tr.ini (PUP.Optional.RegCleanPro.A) -> No action taken.
C:\Program Files (x86)\RegClean Pro\unins000.dat (PUP.Optional.RegCleanPro.A) -> No action taken.
C:\Program Files (x86)\RegClean Pro\unins000.exe (PUP.Optional.RegCleanPro.A) -> No action taken.
C:\Program Files (x86)\RegClean Pro\unins000.msg (PUP.Optional.RegCleanPro.A) -> No action taken.
C:\Program Files (x86)\RegClean Pro\xmllite.dll (PUP.Optional.RegCleanPro.A) -> No action taken.
C:\Windows\Tasks\RegClean Pro_DEFAULT.job (PUP.Optional.RegCleanPro.A) -> No action taken.
C:\Users\Lisa\Documents\Optimizer Pro\CookiesException.txt (PUP.Optional.OptimizerPro.A) -> No action taken.
C:\ProgramData\Wincert\win32cert.dll (PUP.Optional.Datamngr.A) -> No action taken.
C:\ProgramData\Wincert\win64cert.dll (PUP.Optional.Datamngr.A) -> No action taken.
C:\ProgramData\Wincert\win32prop.dll (PUP.Optional.Datamngr.A) -> No action taken.
C:\ProgramData\Wincert\win64prop.dll (PUP.Optional.Datamngr.A) -> No action taken.
C:\Windows\Tasks\LyricsSay-1-codedownloader.job (PUP.Optional.Lyrics.A) -> No action taken.
C:\Windows\Tasks\LyricsSay-1-enabler.job (PUP.Optional.Lyrics.A) -> No action taken.
C:\Windows\Tasks\LyricsSay-1-firefoxinstaller.job (PUP.Optional.Lyrics.A) -> No action taken.
C:\Windows\Tasks\LyricsSay-1-updater.job (PUP.Optional.Lyrics.A) -> No action taken.
C:\ProgramData\Updater\updater.exe (Trojan.Agent) -> No action taken.
C:\Users\Lisa\AppData\Roaming\BabSolution\Shared\BUSolution.dll (PUP.Optional.BabSolution.A) -> No action taken.
C:\Users\Lisa\AppData\Roaming\BabSolution\Shared\chu.js (PUP.Optional.BabSolution.A) -> No action taken.
C:\Users\Lisa\AppData\Roaming\BabSolution\Shared\Delta.ico (PUP.Optional.BabSolution.A) -> No action taken.
C:\Users\Lisa\AppData\Roaming\BabSolution\Shared\GUninstaller.exe (PUP.Optional.BabSolution.A) -> No action taken.
C:\Users\Lisa\AppData\Roaming\BabSolution\Shared\SetupParams.ini (PUP.Optional.BabSolution.A) -> No action taken.
C:\Users\Lisa\AppData\Roaming\BabSolution\Shared\sqlite3.dll (PUP.Optional.BabSolution.A) -> No action taken.
C:\Program Files (x86)\Plus-HD-4.5\39678.crx (PUP.Optional.PlusHD.A) -> No action taken.
C:\Program Files (x86)\Plus-HD-4.5\39678.xpi (PUP.Optional.PlusHD.A) -> No action taken.
C:\Program Files (x86)\Plus-HD-4.5\background.html (PUP.Optional.PlusHD.A) -> No action taken.
C:\Program Files (x86)\Plus-HD-4.5\Installer.log (PUP.Optional.PlusHD.A) -> No action taken.
C:\Program Files (x86)\Plus-HD-4.5\Plus-HD-4.5-bg.exe (PUP.Optional.PlusHD.A) -> No action taken.
C:\Program Files (x86)\Plus-HD-4.5\Plus-HD-4.5-bho64.dll (PUP.Optional.PlusHD.A) -> No action taken.
C:\Program Files (x86)\Plus-HD-4.5\Plus-HD-4.5-buttonutil.dll (PUP.Optional.PlusHD.A) -> No action taken.
C:\Program Files (x86)\Plus-HD-4.5\Plus-HD-4.5-buttonutil.exe (PUP.Optional.PlusHD.A) -> No action taken.
C:\Program Files (x86)\Plus-HD-4.5\Plus-HD-4.5-buttonutil64.dll (PUP.Optional.PlusHD.A) -> No action taken.
C:\Program Files (x86)\Plus-HD-4.5\Plus-HD-4.5-buttonutil64.exe (PUP.Optional.PlusHD.A) -> No action taken.
C:\Program Files (x86)\Plus-HD-4.5\Plus-HD-4.5-chromeinstaller.exe (PUP.Optional.PlusHD.A) -> No action taken.
C:\Program Files (x86)\Plus-HD-4.5\Plus-HD-4.5-codedownloader.exe (PUP.Optional.PlusHD.A) -> No action taken.
C:\Program Files (x86)\Plus-HD-4.5\Plus-HD-4.5-enabler.exe (PUP.Optional.PlusHD.A) -> No action taken.
C:\Program Files (x86)\Plus-HD-4.5\Plus-HD-4.5-firefoxinstaller.exe (PUP.Optional.PlusHD.A) -> No action taken.
C:\Program Files (x86)\Plus-HD-4.5\Plus-HD-4.5-helper.exe (PUP.Optional.PlusHD.A) -> No action taken.
C:\Program Files (x86)\Plus-HD-4.5\Plus-HD-4.5-updater.exe (PUP.Optional.PlusHD.A) -> No action taken.
C:\Program Files (x86)\Plus-HD-4.5\Plus-HD-4.5.ico (PUP.Optional.PlusHD.A) -> No action taken.
C:\Program Files (x86)\Plus-HD-4.5\Uninstall.exe (PUP.Optional.PlusHD.A) -> No action taken.
C:\Program Files (x86)\Plus-HD-4.5\utils.exe (PUP.Optional.PlusHD.A) -> No action taken.
C:\Users\Lisa\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\1386718683.reg (PUP.Optional.RegCleanerPro.A) -> No action taken.
C:\Users\Lisa\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\bl.txt (PUP.Optional.RegCleanerPro.A) -> No action taken.
C:\Users\Lisa\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\eng_rcp.dat (PUP.Optional.RegCleanerPro.A) -> No action taken.
C:\Users\Lisa\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\ExcludeList.rcp (PUP.Optional.RegCleanerPro.A) -> No action taken.
C:\Users\Lisa\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\log_12-17-2013.log (PUP.Optional.RegCleanerPro.A) -> No action taken.
C:\Users\Lisa\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\log_12-18-2013.log (PUP.Optional.RegCleanerPro.A) -> No action taken.
C:\Users\Lisa\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\log_12-21-2013.log (PUP.Optional.RegCleanerPro.A) -> No action taken.
C:\Users\Lisa\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\log_12-25-2013.log (PUP.Optional.RegCleanerPro.A) -> No action taken.
C:\Users\Lisa\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\log_12-26-2013.log (PUP.Optional.RegCleanerPro.A) -> No action taken.
C:\Users\Lisa\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\rcpupdate.ini (PUP.Optional.RegCleanerPro.A) -> No action taken.
C:\Users\Lisa\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\results.rcp (PUP.Optional.RegCleanerPro.A) -> No action taken.
C:\Users\Lisa\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\summary2.bin (PUP.Optional.RegCleanerPro.A) -> No action taken.
C:\Users\Lisa\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\TempHLList.rcp (PUP.Optional.RegCleanerPro.A) -> No action taken.
C:\Users\Lisa\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\Partial Backups\00000001.rmx (PUP.Optional.RegCleanerPro.A) -> No action taken.
C:\Users\Lisa\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\Partial Backups\00000001.rxb (PUP.Optional.RegCleanerPro.A) -> No action taken.
C:\Users\Lisa\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\Partial Backups\00000002.rmx (PUP.Optional.RegCleanerPro.A) -> No action taken.
C:\Users\Lisa\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\Partial Backups\00000002.rxb (PUP.Optional.RegCleanerPro.A) -> No action taken.
C:\Users\Lisa\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\Partial Backups\00000003.rmx (PUP.Optional.RegCleanerPro.A) -> No action taken.
C:\Users\Lisa\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\Partial Backups\00000003.rxb (PUP.Optional.RegCleanerPro.A) -> No action taken.
C:\Users\Lisa\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\Partial Backups\00000004.rmx (PUP.Optional.RegCleanerPro.A) -> No action taken.
C:\Users\Lisa\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\Partial Backups\00000004.rxb (PUP.Optional.RegCleanerPro.A) -> No action taken.
C:\Users\Lisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\igjjkeeamkpihpncmmbgdkhdnjpcfmfb\2.6.49_0\announce.js (PUP.Optional.MultiIE) -> No action taken.
C:\Users\Lisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\igjjkeeamkpihpncmmbgdkhdnjpcfmfb\2.6.49_0\background.html (PUP.Optional.MultiIE) -> No action taken.
C:\Users\Lisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\igjjkeeamkpihpncmmbgdkhdnjpcfmfb\2.6.49_0\common.js (PUP.Optional.MultiIE) -> No action taken.
C:\Users\Lisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\igjjkeeamkpihpncmmbgdkhdnjpcfmfb\2.6.49_0\contentscript.js (PUP.Optional.MultiIE) -> No action taken.
C:\Users\Lisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\igjjkeeamkpihpncmmbgdkhdnjpcfmfb\2.6.49_0\icon128.png (PUP.Optional.MultiIE) -> No action taken.
C:\Users\Lisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\igjjkeeamkpihpncmmbgdkhdnjpcfmfb\2.6.49_0\icon16.png (PUP.Optional.MultiIE) -> No action taken.
C:\Users\Lisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\igjjkeeamkpihpncmmbgdkhdnjpcfmfb\2.6.49_0\icon48.png (PUP.Optional.MultiIE) -> No action taken.
C:\Users\Lisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\igjjkeeamkpihpncmmbgdkhdnjpcfmfb\2.6.49_0\iframecontentscript.js (PUP.Optional.MultiIE) -> No action taken.
C:\Users\Lisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\igjjkeeamkpihpncmmbgdkhdnjpcfmfb\2.6.49_0\manifest.json (PUP.Optional.MultiIE) -> No action taken.
C:\Program Files (x86)\Video Recommendation\Video Recommendation-bho.dll (PUP.Optional.CrossRider.M) -> No action taken.
C:\ProgramData\RHelpers\ChromeHelper\ChromeHelper.exe (PUP.Optional.SearchDonkey.A) -> Delete on reboot.
C:\ProgramData\RHelpers\IeHelper\IeHelper.exe (PUP.Optional.SearchDonkey.A) -> Delete on reboot.
C:\Users\Lisa\AppData\Roaming\Dealply\UpdateProc\UpdateTask.exe (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
C:\Users\Lisa\AppData\Roaming\SearchProtect\Res\SPSetup.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\$RECYCLE.BIN\S-1-5-21-1284134332-2191118428-2470687600-1000\$RXPIN2W\prxtbGame.dll (PUP.Optional.Conduit) -> Quarantined and deleted successfully.
C:\temp\000.exe (PUP.Optional.Adpeak) -> Quarantined and deleted successfully.
C:\temp\InstallServices64.msi (PUP.Optional.Adpeak) -> Quarantined and deleted successfully.
C:\temp\scorpionsaver.exe (PUP.Optional.ScorpionSaver) -> Quarantined and deleted successfully.
C:\temp\ScorpionSaver.msi (PUP.Optional.Adpeak) -> Quarantined and deleted successfully.
C:\Windows\System32\AdpeakProxy.dll (PUP.Optional.Adpeak) -> Quarantined and deleted successfully.
C:\Users\Lisa\AppData\Local\Temp\tbGame.dll (PUP.Optional.Conduit) -> Quarantined and deleted successfully.
C:\Users\Lisa\AppData\Local\mysearchdial-speeddial.crx (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
C:\Users\Lisa\Desktop\MySearchDial.url (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
C:\Program Files\Level Quality Watcher\v1.01\levelqualitywatcher64.exe (PUP.Optional.Adpeak) -> Delete on reboot.
C:\Program Files\Level Quality Watcher\v1.01\levelqualitywatcher32.exe (PUP.Optional.Adpeak) -> Quarantined and deleted successfully.
C:\Windows\SysWOW64\AdpeakProxy.dll (PUP.Optional.Adpeak) -> Quarantined and deleted successfully.
C:\Users\Lisa\AppData\Local\Temp\AdpeakProxyr.log (PUP.Optional.AdpeakProxy) -> Quarantined and deleted successfully.
C:\Windows\Temp\AdpeakProxy.log (PUP.Optional.AdpeakProxy) -> Quarantined and deleted successfully.
C:\Windows\Temp\AdpeakProxyr.log (PUP.Optional.AdpeakProxy) -> Quarantined and deleted successfully.
C:\ProgramData\DealPlyLive\Update\Log\DealPlyLive.log (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
C:\Users\Lisa\AppData\Roaming\Dealply\UpdateProc\config.dat (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
C:\Users\Lisa\AppData\Roaming\Dealply\UpdateProc\TTL.DAT (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Music Toolbar\Datamngr\apcrtldr.dll (PUP.Optional.MusicBoxToolBar.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Music Toolbar\Datamngr\Datamngr.dll (PUP.Optional.MusicBoxToolBar.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Music Toolbar\Datamngr\DatamngrCoordinator.exe (PUP.Optional.MusicBoxToolBar.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Music Toolbar\Datamngr\DatamngrUI.exe (PUP.Optional.MusicBoxToolBar.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Music Toolbar\Datamngr\favicon.ico (PUP.Optional.MusicBoxToolBar.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Music Toolbar\Datamngr\Helper.dll (PUP.Optional.MusicBoxToolBar.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Music Toolbar\Datamngr\IEBHO.dll (PUP.Optional.MusicBoxToolBar.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Music Toolbar\Datamngr\Internet Explorer Settings.exe (PUP.Optional.MusicBoxToolBar.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Music Toolbar\Datamngr\mgrldr.dll (PUP.Optional.MusicBoxToolBar.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Music Toolbar\Datamngr\Uninstall.exe (PUP.Optional.MusicBoxToolBar.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Music Toolbar\Datamngr\x64\apcrtldr.dll (PUP.Optional.MusicBoxToolBar.A) -> Delete on reboot.
C:\Program Files (x86)\Music Toolbar\Datamngr\x64\Datamngr.dll (PUP.Optional.MusicBoxToolBar.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Music Toolbar\Datamngr\x64\IEBHO.dll (PUP.Optional.MusicBoxToolBar.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Music Toolbar\Datamngr\x64\Internet Explorer Settings.exe (PUP.Optional.MusicBoxToolBar.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Music Toolbar\Datamngr\x64\mgrldr.dll (PUP.Optional.MusicBoxToolBar.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\LyricsSay-1\41552.xpi (PUP.Optional.LyricsSay.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\LyricsSay-1\background.html (PUP.Optional.LyricsSay.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\LyricsSay-1\Installer.log (PUP.Optional.LyricsSay.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\LyricsSay-1\LyricsSay-1-bg.exe (PUP.Optional.LyricsSay.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\LyricsSay-1\LyricsSay-1-buttonutil.dll (PUP.Optional.LyricsSay.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\LyricsSay-1\LyricsSay-1-buttonutil.exe (PUP.Optional.LyricsSay.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\LyricsSay-1\LyricsSay-1-buttonutil64.dll (PUP.Optional.LyricsSay.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\LyricsSay-1\LyricsSay-1-buttonutil64.exe (PUP.Optional.LyricsSay.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\LyricsSay-1\LyricsSay-1-codedownloader.exe (PUP.Optional.LyricsSay.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\LyricsSay-1\LyricsSay-1-enabler.exe (PUP.Optional.LyricsSay.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\LyricsSay-1\LyricsSay-1-firefoxinstaller.exe (PUP.Optional.LyricsSay.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\LyricsSay-1\LyricsSay-1-helper.exe (PUP.Optional.LyricsSay.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\LyricsSay-1\LyricsSay-1-updater.exe (PUP.Optional.LyricsSay.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\LyricsSay-1\LyricsSay-1.ico (PUP.Optional.LyricsSay.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\LyricsSay-1\Uninstall.exe (PUP.Optional.LyricsSay.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\LyricsSay-1\utils.exe (PUP.Optional.LyricsSay.A) -> Quarantined and deleted successfully.
C:\ProgramData\Conduit\IE\CT3315826\UninstallerUI.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\ProgramData\Conduit\Multi\CT3306926\configutaion.json (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\ProgramData\Conduit\Multi\CT3306926\SetupIcon.ico (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\ProgramData\Conduit\Multi\CT3306926\UninstallerUI.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
 
(end)
 
Link to post
Share on other sites
MrCharlie

MrCharlie

Posted
Posted

Welcome to the forum, please make sure you have system restore running and create a new restore point before continuing.

Then:

Lets clean out any adware/spyware now: (this will require a reboot so save all your work)

Please download AdwCleaner by Xplode and save to your Desktop.

Make sure you click on download buttons that look similar to this, not "sponsored ad links":

bleep-crop.jpg

  • Double click on AdwCleaner.exe to run the tool.

    Vista/Windows 7/8 users right-click and select Run As Administrator

  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • When it's done you'll see: Pending: Please uncheck elements you don't want removed.
  • Now click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • Look over the log especially under Files/Folders for any program you want to save.
  • If there's a program you may want to save, just uncheck it from AdwCleaner.
  • If you're not sure, post the log for review. (all items found are adware/spyware/foistware)
  • If you're ready to clean it all up.....click the Clean button.
  • After rebooting, a logfile report (AdwCleaner[s0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.
  • Items that are deleted are moved to the Quarantine Folder: C:\AdwCleaner\Quarantine
  • To restore an item that has been deleted:
  • Go to Tools > Quarantine Manager > check what you want restored > now click on Restore.
Then..................

Open up Malwarebytes > Settings Tab > Scanner Settings > Under action for PUP > Select: Show in Results List and Check for removal.

Please Update and run a FULL Scan with Malwarebytes Anti-Malware, post the report.

Make sure that everything is checked, and click Remove Selected.

Please let me know how computer is running now, MrC

Link to post
Share on other sites
mhawkin6

mhawkin6

Posted
  • Author
Posted

MrCharlie,

 

Thanks for helping, my computer is already running much much better. Below is the MWB report. I have not yet removed the detections from the full scan. See the report below. Is it safe to remove all detections? I am unsure about removing those detections in the directory HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\...

 

Please advise.

 

Malwarebytes Anti-Malware (Trial) 1.75.0.1300
www.malwarebytes.org
 
Database version: v2013.12.28.04
 
Windows Vista Service Pack 2 x64 NTFS
Internet Explorer 8.0.6001.19489
Lisa :: LISA-PC [administrator]
 
Protection: Enabled
 
12/28/2013 10:49:23 PM
MBAM-log-2013-12-29 (02-23-47).txt
 
Scan type: Full scan (C:\|D:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 505964
Time elapsed: 3 hour(s), 15 minute(s), 46 second(s)
 
Memory Processes Detected: 1
C:\ProgramData\InternetUpdater\InternetUpdaterService.exe (PUP.Optional.InternetUpdater.A) -> 2268 -> No action taken.
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 15
HKLM\SYSTEM\CurrentControlSet\Services\InternetUpdater (PUP.Optional.InternetUpdater.A) -> No action taken.
HKCR\CLSID\{D0C21091-FF8E-432C-9006-0540E81BA9D7} (PUP.Optional.GreatArcadeHits.A) -> No action taken.
HKCR\TypeLib\{5530C971-3D8F-471B-AC49-4CC23FA955E2} (PUP.Optional.GreatArcadeHits.A) -> No action taken.
HKCR\Interface\{7FBC7ADD-4D75-4685-9BD4-30D3FBDD3AB4} (PUP.Optional.GreatArcadeHits.A) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0C21091-FF8E-432C-9006-0540E81BA9D7} (PUP.Optional.GreatArcadeHits.A) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{D0C21091-FF8E-432C-9006-0540E81BA9D7} (PUP.Optional.GreatArcadeHits.A) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{D0C21091-FF8E-432C-9006-0540E81BA9D7} (PUP.Optional.GreatArcadeHits.A) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\InternetUpdater (PUP.Optional.InternetUpdater.A) -> No action taken.
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\LSNFD (PUP.Optional.Linksicle) -> No action taken.
HKLM\SOFTWARE\SWEETIM (PUP.Optional.SweetIM.A) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{856AD396-519D-4C7A-BED6-6785F64924BC} (PUP.Optional.GreatArcadeHits.A) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110411151152} (PUP.Optional.CrossRider.M) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110411151152} (PUP.Optional.CrossRider.M) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110411151152} (PUP.Optional.CrossRider.M) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110411151152} (PUP.Optional.CrossRider.M) -> No action taken.
 
Registry Values Detected: 4
HKCU\Software\Mozilla\Firefox\EXTENSIONS|{B21F5E31-B8E8-41CD-B74C-168A71A10E49} (PUP.Optional.GreatArcadeHits.A) -> Data: C:\Users\Lisa\AppData\Local\GreatArcadeHits\{B21F5E31-B8E8-41CD-B74C-168A71A10E49}\ -> No action taken.
HKLM\SYSTEM\CurrentControlSet\Services\InternetUpdater|ImagePath (PUP.Optional.InternetUpdater.A) -> Data: "C:\ProgramData\InternetUpdater\InternetUpdaterService.exe" -> No action taken.
HKLM\SYSTEM\CurrentControlSet\Services\lsnfd|ImagePath (PUP.Optional.Linksicle) -> Data: system32\drivers\lsnfd.sys -> No action taken.
HKLM\Software\SweetIM|simapp_id (PUP.Optional.SweetIM.A) -> Data: 1590556063558795263 -> No action taken.
 
Registry Data Items Detected: 0
(No malicious items detected)
 
Folders Detected: 8
C:\ProgramData\InternetUpdater (PUP.Optional.InternetUpdater.A) -> No action taken.
C:\Users\Lisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GreatArcadeHits (PUP.Optional.GreatArcadeHits.A) -> No action taken.
C:\Users\Lisa\AppData\Local\Temp\CT3317209 (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\Lisa\AppData\Local\Temp\CT3317212 (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\Lisa\AppData\Local\GreatArcadeHits (PUP.Optional.GreatArcadeHits.A) -> No action taken.
C:\Users\Lisa\AppData\Local\GreatArcadeHits\{B21F5E31-B8E8-41CD-B74C-168A71A10E49} (PUP.Optional.GreatArcadeHits.A) -> No action taken.
C:\Users\Lisa\AppData\Local\GreatArcadeHits\{B21F5E31-B8E8-41CD-B74C-168A71A10E49}\chrome (PUP.Optional.GreatArcadeHits.A) -> No action taken.
C:\Users\Lisa\AppData\Local\GreatArcadeHits\{B21F5E31-B8E8-41CD-B74C-168A71A10E49}\chrome\content (PUP.Optional.GreatArcadeHits.A) -> No action taken.
 
Files Detected: 53
C:\ProgramData\InternetUpdater\InternetUpdaterService.exe (PUP.Optional.InternetUpdater.A) -> No action taken.
C:\Users\Lisa\AppData\Local\GreatArcadeHits\GreatArcadeHitsIE.dll (PUP.Optional.GreatArcadeHits.A) -> No action taken.
C:\$RECYCLE.BIN\S-1-5-21-1284134332-2191118428-2470687600-1000\$R0X5LXZ\Community Alerts\Alert.dll (PUP.Optional.Conduit) -> No action taken.
C:\$RECYCLE.BIN\S-1-5-21-1284134332-2191118428-2470687600-1000\$RRXEZ6G\delta\1.8.24.6\deltaApp.dll (PUP.Optional.Delta) -> No action taken.
C:\$RECYCLE.BIN\S-1-5-21-1284134332-2191118428-2470687600-1000\$RRXEZ6G\delta\1.8.24.6\deltaEng.dll (PUP.Optional.Delta) -> No action taken.
C:\$RECYCLE.BIN\S-1-5-21-1284134332-2191118428-2470687600-1000\$RRXEZ6G\delta\1.8.24.6\deltasrv.exe (PUP.Optional.Delta) -> No action taken.
C:\$RECYCLE.BIN\S-1-5-21-1284134332-2191118428-2470687600-1000\$RRXEZ6G\delta\1.8.24.6\deltaTlbr.dll (PUP.Optional.Delta) -> No action taken.
C:\$RECYCLE.BIN\S-1-5-21-1284134332-2191118428-2470687600-1000\$RRXEZ6G\delta\1.8.24.6\bh\delta.dll (PUP.Optional.Delta) -> No action taken.
C:\AdwCleaner\Quarantine\C\Users\Lisa\AppData\Roaming\BabSolution\Shared\BabMaint.exe.vir (PUP.Optional.Babylon.A) -> No action taken.
C:\Users\Lisa\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2YWJEXDB\SPSetup[1].exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\Lisa\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DU9UPDXC\spstub[1].exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\Lisa\AppData\Local\Temp\nsaAA01.exe (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\Lisa\AppData\Local\Temp\nsq78A6.exe (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\Lisa\AppData\Local\Temp\nsv9348.exe (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\Lisa\AppData\Local\Temp\nsvA37B.exe (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\Lisa\AppData\Local\Temp\nsx22D7.exe (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\Lisa\Downloads\Hitman_Pro_TSV2KVFR.exe (PUP.Optional.OpenCandy) -> No action taken.
C:\Users\Lisa\Downloads\iLividSetup-r1267-n-bf.exe (PUP.Optional.Bandoo) -> No action taken.
C:\Users\Lisa\Downloads\iMeshSetup-r221-w-bf(2).exe (PUP.Optional.Bandoo.A) -> No action taken.
C:\Users\Lisa\Downloads\java.exe (PUP.Optional.Smart) -> No action taken.
C:\Users\Lisa\Downloads\rcpsetup_r.exe (PUP.Optional.RegCleanerPro) -> No action taken.
C:\Users\Lisa\Downloads\SocialNetworksSetup.exe (PUP.Optional.Inbox) -> No action taken.
C:\Users\Lisa\Downloads\Updater_Setup.exe (PUP.Optional.iBryte) -> No action taken.
C:\ProgramData\InternetUpdater\InternetUpdater.ico (PUP.Optional.InternetUpdater.A) -> No action taken.
C:\ProgramData\InternetUpdater\app.dat (PUP.Optional.InternetUpdater.A) -> No action taken.
C:\ProgramData\InternetUpdater\data.dat (PUP.Optional.InternetUpdater.A) -> No action taken.
C:\ProgramData\InternetUpdater\InternetUpdaterService.exe.config (PUP.Optional.InternetUpdater.A) -> No action taken.
C:\ProgramData\InternetUpdater\Uninstall.exe (PUP.Optional.InternetUpdater.A) -> No action taken.
C:\Users\Lisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GreatArcadeHits\Play Games online on GreatArcadeHits.com.url (PUP.Optional.GreatArcadeHits.A) -> No action taken.
C:\Users\Lisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GreatArcadeHits\Uninstall GreatArcadeHits.lnk (PUP.Optional.GreatArcadeHits.A) -> No action taken.
C:\Windows\Tasks\GreatArcadeHits.job (PUP.Optional.GreatArcadeHits.A) -> No action taken.
C:\Windows\Tasks\LyricsSay-1-codedownloader.job (PUP.Optional.Lyrics.A) -> No action taken.
C:\Windows\Tasks\LyricsSay-1-enabler.job (PUP.Optional.Lyrics.A) -> No action taken.
C:\Windows\Tasks\LyricsSay-1-firefoxinstaller.job (PUP.Optional.Lyrics.A) -> No action taken.
C:\Windows\Tasks\LyricsSay-1-updater.job (PUP.Optional.Lyrics.A) -> No action taken.
C:\Users\Lisa\AppData\Local\Temp\CT3317209\ddt.csf (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\Lisa\AppData\Local\Temp\CT3317212\ddt.csf (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\Lisa\AppData\Local\GreatArcadeHits\application.ico (PUP.Optional.GreatArcadeHits.A) -> No action taken.
C:\Users\Lisa\AppData\Local\GreatArcadeHits\cookies.js (PUP.Optional.GreatArcadeHits.A) -> No action taken.
C:\Users\Lisa\AppData\Local\GreatArcadeHits\gahff.xpi (PUP.Optional.GreatArcadeHits.A) -> No action taken.
C:\Users\Lisa\AppData\Local\GreatArcadeHits\GAHUninstaller.exe (PUP.Optional.GreatArcadeHits.A) -> No action taken.
C:\Users\Lisa\AppData\Local\GreatArcadeHits\GAHUpdate.exe (PUP.Optional.GreatArcadeHits.A) -> No action taken.
C:\Users\Lisa\AppData\Local\GreatArcadeHits\Play Games online on GreatArcadeHits.com.url (PUP.Optional.GreatArcadeHits.A) -> No action taken.
C:\Users\Lisa\AppData\Local\GreatArcadeHits\PopupBroker.exe (PUP.Optional.GreatArcadeHits.A) -> No action taken.
C:\Users\Lisa\AppData\Local\GreatArcadeHits\premium.pem (PUP.Optional.GreatArcadeHits.A) -> No action taken.
C:\Users\Lisa\AppData\Local\GreatArcadeHits\static.js (PUP.Optional.GreatArcadeHits.A) -> No action taken.
C:\Users\Lisa\AppData\Local\GreatArcadeHits\{B21F5E31-B8E8-41CD-B74C-168A71A10E49}\chrome.manifest (PUP.Optional.GreatArcadeHits.A) -> No action taken.
C:\Users\Lisa\AppData\Local\GreatArcadeHits\{B21F5E31-B8E8-41CD-B74C-168A71A10E49}\icon.png (PUP.Optional.GreatArcadeHits.A) -> No action taken.
C:\Users\Lisa\AppData\Local\GreatArcadeHits\{B21F5E31-B8E8-41CD-B74C-168A71A10E49}\install.rdf (PUP.Optional.GreatArcadeHits.A) -> No action taken.
C:\Users\Lisa\AppData\Local\GreatArcadeHits\{B21F5E31-B8E8-41CD-B74C-168A71A10E49}\chrome\content\application.js (PUP.Optional.GreatArcadeHits.A) -> No action taken.
C:\Users\Lisa\AppData\Local\GreatArcadeHits\{B21F5E31-B8E8-41CD-B74C-168A71A10E49}\chrome\content\overlay.xul (PUP.Optional.GreatArcadeHits.A) -> No action taken.
C:\Users\Lisa\AppData\Local\GreatArcadeHits\{B21F5E31-B8E8-41CD-B74C-168A71A10E49}\chrome\content\page.js (PUP.Optional.GreatArcadeHits.A) -> No action taken.
C:\Users\Lisa\AppData\Local\GreatArcadeHits\{B21F5E31-B8E8-41CD-B74C-168A71A10E49}\chrome\content\static.js (PUP.Optional.GreatArcadeHits.A) -> No action taken.
 
(end)
Link to post
Share on other sites
  • Root Admin
AdvancedSetup

AdvancedSetup

Posted
  • Root Admin
Posted

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.