why does SuperShield block this file

[DBatt]

At 24 minutes after each hour my computer is on I get a message that SuperShield has blocked the file "WINDOWS\SYSTEM32\WSCRIPT.EXE". The protection is set to SuperShield protection. If I set it at industry standard I do not get the message, BUT, what is happening? This has been going on now for about a month. I have followed directions and downloaded Adware by TSA, Malware, PC Magnum, replaced SuperShield, & Farbar Recovery Scan Tool. Done 2 scans with PCmatic.

Frustrating! Computer seems to work but there is a reason for SS to be blocking this file. Does anyone know what it is?

[Y kawika]

Please post the Farbar Recovery Scan Tool log file in this thread.

 

You have scripted malware that is being prevented from running and ruining your computer.

 

Thank you.

 

Y

[Juliet]

When you used Farbar Recovery Scan Tool, it should had created logs FRST.txt & Addition.txt

if you could please search for and post those 2 logs in your next reply.

[DBatt]

not too experienced in this stuff so hope it has gone somewhere near where it is intended to go.FRST.txt

[Juliet]

While I look over the FRST txt, can you search for and post Addition.txt, it was created at the same time.

 

Go to this folder

Running from C:\Users\Dick\Downloads

open that and see if the Addition.txt is located there.

Edited February 5, 2017 by Juliet

[DBatt]

I have access to the file but cannot figure out how to transfer it to this reply section. does not seem to want to paste, drag or move anywhere. sorry for the problem.

[Juliet]

• If necessary click the Attach this file button in the lower left hand corner of the Reply to this topic section of the Post
• In the lower left hand corner you should see a Browse button under Attach Files
• Click the Browse button and a new window will open
• Navigate to and double click on the file you want to attach Addition.txt
• Once the file path is entered into the box click Attach This File
• If successful, you will see the file name appear above Attach Files with a green check mark to the left
• When you are done with your message and hit Reply the file will automatically be attached to your reply

==========

[DBatt]

why is it skipping upload of addition it gives an error code of 403FRST.txt

[Juliet]

Addition.txt

open it, then:

CTRL + A = Select All
CTRL + C = Copy

come here to this topic
CTRL + V = Paste

~~~

Let's see if we can get this tool to run.

Please download the Malwarebytes Anti-Malware setup file to your Desktop.

OR from this location Here

• After the installation IS complete let it update if it asks.

• Under SETTINGS.....APPLICATIONS leave everything at default

• Under SETTINGS.....PROTECTION make sure AUTOMATIC QUARANTINE is on.

• Then go to the Dashboard and click on SCAN NOW

• When the scan is finished click on EXPORT SUMMARY......COPY TO CLIPBOARD

• Then come back to this thread and and under REPLY TO THIS TOPIC, right click in the reply and select Paste

• Then click on POST

• Exit Malwarebytes

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~`

[DBatt]

gotMalwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 2/7/17
Scan Time: 10:59 AM
Logfile:
Administrator: Yes

-Software Information-
Version: 3.0.6.1469
Components Version: 1.0.50
Update Package Version: 1.0.1064
License: Trial

-System Information-
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Dick-toshiba\Dick

-Scan Summary-
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 402464
Time Elapsed: 11 min, 18 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 44
PUP.Optional.PricePeep, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007}, No Action By User, [8678], [168651],1.0.1064
PUP.Optional.PricePeep, HKLM\SOFTWARE\CLASSES\PricePeep.PricePeepBho, No Action By User, [8678], [168651],1.0.1064
PUP.Optional.PricePeep, HKLM\SOFTWARE\CLASSES\PricePeep.PricePeepBho.1, No Action By User, [8678], [168651],1.0.1064
PUP.Optional.PricePeep, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007}, No Action By User, [8678], [168651],1.0.1064
PUP.Optional.PricePeep, HKLM\SOFTWARE\CLASSES\TYPELIB\{3BF3DED5-0FC8-4207-AC09-AA7B5AF4E408}, No Action By User, [8678], [168651],1.0.1064
PUP.Optional.PricePeep, HKLM\SOFTWARE\CLASSES\INTERFACE\{1B97A696-5576-43AC-A73B-E1D2C78F21E8}, No Action By User, [8678], [168651],1.0.1064
PUP.Optional.PricePeep, HKLM\SOFTWARE\CLASSES\INTERFACE\{75BF416E-4326-45B5-8A2D-AE32D05B930B}, No Action By User, [8678], [168651],1.0.1064
PUP.Optional.PricePeep, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{3BF3DED5-0FC8-4207-AC09-AA7B5AF4E408}, No Action By User, [8678], [168651],1.0.1064
PUP.Optional.PricePeep, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{3BF3DED5-0FC8-4207-AC09-AA7B5AF4E408}, No Action By User, [8678], [168651],1.0.1064
PUP.Optional.PricePeep, HKU\S-1-5-21-2850075346-2245016049-747838122-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007}, No Action By User, [8678], [168651],1.0.1064
PUP.Optional.PricePeep, HKU\S-1-5-21-2850075346-2245016049-747838122-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007}, No Action By User, [8678], [168651],1.0.1064
PUP.Optional.PricePeep, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007}, No Action By User, [8678], [168651],1.0.1064
PUP.Optional.PCPOptimize, HKLM\SOFTWARE\CLASSES\PCPitstopErase2.SQLite, No Action By User, [2321], [352588],1.0.1064
PUP.Optional.PCPOptimize, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{AB7CDB6E-4F65-49F2-A2AB-704A6BA8DACC}, No Action By User, [2321], [352588],1.0.1064
PUP.Optional.PCPOptimize, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{AB7CDB6E-4F65-49F2-A2AB-704A6BA8DACC}, No Action By User, [2321], [352588],1.0.1064
PUP.Optional.PCPOptimize, HKLM\SOFTWARE\CLASSES\PCPitstopErase2.IE, No Action By User, [2321], [352593],1.0.1064
PUP.Optional.PCPOptimize, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{CAABE140-E960-4A2F-A026-A2C84C6049E4}, No Action By User, [2321], [352593],1.0.1064
PUP.Optional.PCPOptimize, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{CAABE140-E960-4A2F-A026-A2C84C6049E4}, No Action By User, [2321], [352593],1.0.1064
PUP.Optional.Wajam, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}, No Action By User, [131], [168990],1.0.1064
PUP.Optional.Wajam, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}, No Action By User, [131], [168990],1.0.1064
PUP.Optional.Wajam, HKLM\SOFTWARE\CLASSES\APPID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}, No Action By User, [131], [168990],1.0.1064
PUP.Optional.Wajam, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\NLASVC\PARAMETERS\INTERNET\MANUALPROXIES, No Action By User, [131], [-1],0.0.0
PUP.Optional.PricePeep, HKLM\SOFTWARE\CLASSES\APPID\{38A066B0-DD5F-4226-AC4F-6A27C1BFB892}, No Action By User, [8678], [168650],1.0.1064
PUP.Optional.PricePeep, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\{38A066B0-DD5F-4226-AC4F-6A27C1BFB892}, No Action By User, [8678], [168650],1.0.1064
PUP.Optional.PricePeep, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{38A066B0-DD5F-4226-AC4F-6A27C1BFB892}, No Action By User, [8678], [168650],1.0.1064
PUP.Optional.PCPOptimize, HKLM\SOFTWARE\CLASSES\PCPitstopErase2.Updater, No Action By User, [2321], [352587],1.0.1064
PUP.Optional.PCPOptimize, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{5D20261F-EEDF-3E74-88B7-6ACD32607141}, No Action By User, [2321], [352587],1.0.1064
PUP.Optional.PCPOptimize, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{5D20261F-EEDF-3E74-88B7-6ACD32607141}, No Action By User, [2321], [352587],1.0.1064
PUP.Optional.PCPOptimize, HKLM\SOFTWARE\CLASSES\PCPitstopErase2.Utils, No Action By User, [2321], [352582],1.0.1064
PUP.Optional.PCPOptimize, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{252FCBE7-33D2-4704-AE79-DD22F7586EEC}, No Action By User, [2321], [352582],1.0.1064
PUP.Optional.PCPOptimize, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{252FCBE7-33D2-4704-AE79-DD22F7586EEC}, No Action By User, [2321], [352582],1.0.1064
PUP.Optional.PCPOptimize, HKLM\SOFTWARE\CLASSES\PCPitstopErase2.RecentDocs, No Action By User, [2321], [352590],1.0.1064
PUP.Optional.PCPOptimize, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{C2D680FB-63E0-4C6C-BEC4-676A9EA53222}, No Action By User, [2321], [352590],1.0.1064
PUP.Optional.PCPOptimize, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{C2D680FB-63E0-4C6C-BEC4-676A9EA53222}, No Action By User, [2321], [352590],1.0.1064
PUP.Optional.PCPOptimize, HKLM\SOFTWARE\CLASSES\PCPitstopErase2.RecycleBin, No Action By User, [2321], [352592],1.0.1064
PUP.Optional.PCPOptimize, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{E672CC3F-1B62-4EDA-BB50-CF2D8796CE33}, No Action By User, [2321], [352592],1.0.1064
PUP.Optional.PCPOptimize, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{E672CC3F-1B62-4EDA-BB50-CF2D8796CE33}, No Action By User, [2321], [352592],1.0.1064
PUP.Optional.PCMagnum, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\PC Magnum_is1, No Action By User, [2340], [352547],1.0.1064
PUP.Optional.WinYahoo, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Yahoo! Powered focet, No Action By User, [117], [308968],1.0.1064
PUP.Optional.InstallCore, HKU\S-1-5-21-2850075346-2245016049-747838122-1001\SOFTWARE\ICSW1.23, No Action By User, [8], [239562],1.0.1064
PUP.Optional.SpyHunter, HKLM\SOFTWARE\ENIGMASOFTWAREGROUP\SpyHunter, No Action By User, [1670], [331803],1.0.1064
PUP.Optional.SpyHunter, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\ESGIGUARD, No Action By User, [1670], [331706],1.0.1064
PUP.Optional.ConduitTB.Gen, HKLM\SOFTWARE\CLASSES\Toolbar.CT3315828, No Action By User, [13614], [234010],1.0.1064
PUP.Optional.WinYahoo, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{3D60227B-EC2E-43F3-9840-4EDA6B914CAF}, No Action By User, [117], [308967],1.0.1064

Registry Value: 5
PUP.Optional.Wajam, HKU\S-1-5-18\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, No Action By User, [131], [-1],0.0.0
PUP.Optional.Wajam, HKU\S-1-5-21-2850075346-2245016049-747838122-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, No Action By User, [131], [-1],0.0.0
PUP.Optional.Wajam, HKU\.DEFAULT\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, No Action By User, [131], [-1],0.0.0
PUP.Optional.SpyHunter, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\ESGIGUARD|IMAGEPATH, No Action By User, [1670], [331706],1.0.1064
PUP.Optional.WinYahoo, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{3D60227B-EC2E-43F3-9840-4EDA6B914CAF}|PATH, No Action By User, [117], [308967],1.0.1064

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 38
PUP.Optional.SpywareClear, C:\ProgramData\Spyware Clear\Quarantine, No Action By User, [7305], [179820],1.0.1064
PUP.Optional.SpywareClear, C:\ProgramData\Spyware Clear\Antivir, No Action By User, [7305], [179820],1.0.1064
PUP.Optional.SpywareClear, C:\ProgramData\Spyware Clear\Reports, No Action By User, [7305], [179820],1.0.1064
PUP.Optional.SpywareClear, C:\ProgramData\Spyware Clear\Shared, No Action By User, [7305], [179820],1.0.1064
PUP.Optional.SpywareClear, C:\ProgramData\Spyware Clear\Update, No Action By User, [7305], [179820],1.0.1064
PUP.Optional.SpywareClear, C:\ProgramData\Spyware Clear\Down, No Action By User, [7305], [179820],1.0.1064
PUP.Optional.SpywareClear, C:\ProgramData\Spyware Clear\News, No Action By User, [7305], [179820],1.0.1064
PUP.Optional.SpywareClear, C:\PROGRAMDATA\Spyware Clear, No Action By User, [7305], [179820],1.0.1064
PUP.Optional.ArcadeParlor, C:\Users\Dick\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\{F32E7E42-9AFA-47CA-A0C4-D07EE651D404}\chrome\content, No Action By User, [11059], [175505],1.0.1064
PUP.Optional.ArcadeParlor, C:\Users\Dick\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\{F32E7E42-9AFA-47CA-A0C4-D07EE651D404}\chrome, No Action By User, [11059], [175505],1.0.1064
PUP.Optional.ArcadeParlor, C:\Users\Dick\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\{F32E7E42-9AFA-47CA-A0C4-D07EE651D404}\skin, No Action By User, [11059], [175505],1.0.1064
PUP.Optional.ArcadeParlor, C:\USERS\Dick\APPDATA\ROAMING\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\{F32E7E42-9AFA-47CA-A0C4-D07EE651D404}, No Action By User, [11059], [175505],1.0.1064
PUP.Optional.PCTechHotline, C:\Users\Dick\AppData\Roaming\PC Tech Hotline\skin, No Action By User, [1341], [178844],1.0.1064
PUP.Optional.PCTechHotline, C:\USERS\Dick\APPDATA\ROAMING\PC Tech Hotline, No Action By User, [1341], [178844],1.0.1064
PUP.Optional.SpywareClear, C:\USERS\Dick\APPDATA\ROAMING\Spyware Clear, No Action By User, [7305], [179820],1.0.1064
PUP.Optional.PCTechHotline, C:\Program Files (x86)\PCTechHotline\Update, No Action By User, [1341], [178845],1.0.1064
PUP.Optional.PCTechHotline, C:\PROGRAM FILES (X86)\PCTechHotline, No Action By User, [1341], [178845],1.0.1064
PUP.Optional.Revizer.PrxySvrRST, C:\PROGRAM FILES (X86)\ver4Re-markit, No Action By User, [10974], [181036],1.0.1064
PUP.Optional.WinYahoo.Generic, C:\PROGRAMDATA\{4F448A27-C506-00E1-43C0-9EA3D982156D}, No Action By User, [2050], [341897],1.0.1064
PUP.Optional.SpywareClear, C:\Program Files (x86)\Spyware Clear\Driver, No Action By User, [7305], [243463],1.0.1064
PUP.Optional.SpywareClear, C:\Program Files (x86)\Spyware Clear\Tools, No Action By User, [7305], [243463],1.0.1064
PUP.Optional.SpywareClear, C:\PROGRAM FILES (X86)\SPYWARE CLEAR, No Action By User, [7305], [243463],1.0.1064
PUP.Optional.SearchExtensions, C:\PROGRAM FILES (X86)\SEARCH EXTENSIONS, No Action By User, [17181], [242702],1.0.1064
PUP.Optional.ArcadeParlor, C:\USERS\Dick\APPDATA\ROAMING\MICROSOFT\WINDOWS\START MENU\PROGRAMS\ARCADEPARLOR, No Action By User, [11059], [175509],1.0.1064
PUP.Optional.AstroArcade, C:\USERS\Dick\APPDATA\LOCAL\ASTROARCADE, No Action By User, [8482], [235600],1.0.1064
PUP.Optional.PCOptimizerPro, C:\PROGRAMDATA\MICROSOFT\WINDOWS\START MENU\PROGRAMS\PC OPTIMIZER PRO, No Action By User, [1285], [182301],1.0.1064
PUP.Optional.SpyHunter, C:\Program Files\Enigma Software Group\SpyHunter\Data, No Action By User, [1670], [331702],1.0.1064
PUP.Optional.SpyHunter, C:\Program Files\Enigma Software Group\SpyHunter\Log, No Action By User, [1670], [331702],1.0.1064
PUP.Optional.SpyHunter, C:\PROGRAM FILES\ENIGMA SOFTWARE GROUP\SPYHUNTER, No Action By User, [1670], [331702],1.0.1064
PUP.Optional.PCMagnum, C:\Program Files (x86)\PCPitstop\PC Magnum\img, No Action By User, [2340], [352547],1.0.1064
PUP.Optional.PCMagnum, C:\PROGRAM FILES (X86)\PCPITSTOP\PC Magnum, No Action By User, [2340], [352547],1.0.1064
PUP.Optional.PCMagnum, C:\PROGRAMDATA\MICROSOFT\WINDOWS\START MENU\PROGRAMS\PC PITSTOP\PC Magnum, No Action By User, [2340], [358079],1.0.1064
PUP.Optional.Amonetize, C:\USERS\Dick\APPDATA\LOCAL\20513, No Action By User, [13], [186702],1.0.1064
PUP.Optional.ConverterFreeOnline, C:\Program Files (x86)\Converter Free Online\extension@Converter_Free_Online.com\content, No Action By User, [12602], [236936],1.0.1064
PUP.Optional.ConverterFreeOnline, C:\Program Files (x86)\Converter Free Online\extension@Converter_Free_Online.com, No Action By User, [12602], [236936],1.0.1064
PUP.Optional.ConverterFreeOnline, C:\PROGRAM FILES (X86)\CONVERTER FREE ONLINE, No Action By User, [12602], [236936],1.0.1064
PUP.Optional.SpywareClear, C:\PROGRAMDATA\MICROSOFT\WINDOWS\START MENU\PROGRAMS\SPYWARE CLEAR, No Action By User, [7305], [187215],1.0.1064
PUP.Optional.OptimizerPro, C:\USERS\Dick\DOCUMENTS\OPTIMIZER PRO, No Action By User, [1024], [241439],1.0.1064

File: 151
PUP.Optional.SpywareClear, C:\ProgramData\Spyware Clear\News\185_en_1.pngx, No Action By User, [7305], [179820],1.0.1064
PUP.Optional.SpywareClear, C:\ProgramData\Spyware Clear\News\186_en_1.pngx, No Action By User, [7305], [179820],1.0.1064
PUP.Optional.SpywareClear, C:\ProgramData\Spyware Clear\News\187_en_1.pngx, No Action By User, [7305], [179820],1.0.1064
PUP.Optional.SpywareClear, C:\ProgramData\Spyware Clear\News\188_en_1.pngx, No Action By User, [7305], [179820],1.0.1064
PUP.Optional.SpywareClear, C:\ProgramData\Spyware Clear\News\189_en_2.pngx, No Action By User, [7305], [179820],1.0.1064
PUP.Optional.SpywareClear, C:\ProgramData\Spyware Clear\News\191_en_5.pngx, No Action By User, [7305], [179820],1.0.1064
PUP.Optional.SpywareClear, C:\ProgramData\Spyware Clear\News\192_en_1.pngx, No Action By User, [7305], [179820],1.0.1064
PUP.Optional.SpywareClear, C:\ProgramData\Spyware Clear\News\193_en_1.pngx, No Action By User, [7305], [179820],1.0.1064
PUP.Optional.SpywareClear, C:\ProgramData\Spyware Clear\News\242_en_1.pngx, No Action By User, [7305], [179820],1.0.1064
PUP.Optional.SpywareClear, C:\ProgramData\Spyware Clear\News\243_en_1.pngx, No Action By User, [7305], [179820],1.0.1064
PUP.Optional.SpywareClear, C:\ProgramData\Spyware Clear\News\251_en_1.pngx, No Action By User, [7305], [179820],1.0.1064
PUP.Optional.SpywareClear, C:\ProgramData\Spyware Clear\News\275_en_1.pngx, No Action By User, [7305], [179820],1.0.1064
PUP.Optional.SpywareClear, C:\ProgramData\Spyware Clear\News\276_en_1.pngx, No Action By User, [7305], [179820],1.0.1064
PUP.Optional.SpywareClear, C:\ProgramData\Spyware Clear\News\277_en_1.pngx, No Action By User, [7305], [179820],1.0.1064
PUP.Optional.SpywareClear, C:\ProgramData\Spyware Clear\News\278_en_1.pngx, No Action By User, [7305], [179820],1.0.1064
PUP.Optional.SpywareClear, C:\ProgramData\Spyware Clear\News\302_en_1.pngx, No Action By User, [7305], [179820],1.0.1064
PUP.Optional.SpywareClear, C:\ProgramData\Spyware Clear\Reports\scan_0001.rpt, No Action By User, [7305], [179820],1.0.1064
PUP.Optional.SpywareClear, C:\ProgramData\Spyware Clear\Reports\send_0001.rpt, No Action By User, [7305], [179820],1.0.1064
PUP.Optional.SpywareClear, C:\ProgramData\Spyware Clear\SC_CPL.xml, No Action By User, [7305], [179820],1.0.1064
PUP.Optional.ArcadeParlor, C:\Users\Dick\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\{F32E7E42-9AFA-47CA-A0C4-D07EE651D404}\chrome\content\browser.xul, No Action By User, [11059], [175505],1.0.1064
PUP.Optional.ArcadeParlor, C:\Users\Dick\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\{F32E7E42-9AFA-47CA-A0C4-D07EE651D404}\skin\style.css, No Action By User, [11059], [175505],1.0.1064
PUP.Optional.ArcadeParlor, C:\Users\Dick\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\{F32E7E42-9AFA-47CA-A0C4-D07EE651D404}\icon.png, No Action By User, [11059], [175505],1.0.1064
PUP.Optional.ArcadeParlor, C:\Users\Dick\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\{F32E7E42-9AFA-47CA-A0C4-D07EE651D404}\install.rdf, No Action By User, [11059], [175505],1.0.1064
PUP.Optional.PCTechHotline, C:\Users\Dick\AppData\Roaming\PC Tech Hotline\skin\24x7NewAppGraph_SupportIcon00.png, No Action By User, [1341], [178844],1.0.1064
PUP.Optional.PCTechHotline, C:\Users\Dick\AppData\Roaming\PC Tech Hotline\skin\Icon_FAQ.png, No Action By User, [1341], [178844],1.0.1064
PUP.Optional.PCTechHotline, C:\Users\Dick\AppData\Roaming\PC Tech Hotline\skin\24x7bubble_Left.png, No Action By User, [1341], [178844],1.0.1064
PUP.Optional.PCTechHotline, C:\Users\Dick\AppData\Roaming\PC Tech Hotline\skin\24x7bubble_Right.png, No Action By User, [1341], [178844],1.0.1064
PUP.Optional.PCTechHotline, C:\Users\Dick\AppData\Roaming\PC Tech Hotline\skin\24x7bubble_X00.png, No Action By User, [1341], [178844],1.0.1064
PUP.Optional.PCTechHotline, C:\Users\Dick\AppData\Roaming\PC Tech Hotline\skin\24x7bubble_X01.png, No Action By User, [1341], [178844],1.0.1064
PUP.Optional.PCTechHotline, C:\Users\Dick\AppData\Roaming\PC Tech Hotline\skin\24x7bubble_X02.png, No Action By User, [1341], [178844],1.0.1064
PUP.Optional.PCTechHotline, C:\Users\Dick\AppData\Roaming\PC Tech Hotline\skin\24x7Dark001_SettingsActive.png, No Action By User, [1341], [178844],1.0.1064
PUP.Optional.PCTechHotline, C:\Users\Dick\AppData\Roaming\PC Tech Hotline\skin\24x7Dark001_SettingsBack.png, No Action By User, [1341], [178844],1.0.1064
PUP.Optional.PCTechHotline, C:\Users\Dick\AppData\Roaming\PC Tech Hotline\skin\24x7Dark001_SettingsHover.png, No Action By User, [1341], [178844],1.0.1064
PUP.Optional.PCTechHotline, C:\Users\Dick\AppData\Roaming\PC Tech Hotline\skin\24x7Dark_NoTabs_Back00.png, No Action By User, [1341], [178844],1.0.1064
PUP.Optional.PCTechHotline, C:\Users\Dick\AppData\Roaming\PC Tech Hotline\skin\24x7Dark_NoTabs_PhoneIcon.png, No Action By User, [1341], [178844],1.0.1064
PUP.Optional.PCTechHotline, C:\Users\Dick\AppData\Roaming\PC Tech Hotline\skin\24x7logoNew_dark01.png, No Action By User, [1341], [178844],1.0.1064
PUP.Optional.PCTechHotline, C:\Users\Dick\AppData\Roaming\PC Tech Hotline\skin\24x7NewAppGraph_CPUblue.png, No Action By User, [1341], [178844],1.0.1064
PUP.Optional.PCTechHotline, C:\Users\Dick\AppData\Roaming\PC Tech Hotline\skin\24x7NewAppGraph_CPUgreen.png, No Action By User, [1341], [178844],1.0.1064
PUP.Optional.PCTechHotline, C:\Users\Dick\AppData\Roaming\PC Tech Hotline\skin\24x7NewAppGraph_CPUmonitorIcon00.png, No Action By User, [1341], [178844],1.0.1064
PUP.Optional.PCTechHotline, C:\Users\Dick\AppData\Roaming\PC Tech Hotline\skin\24x7NewAppGraph_CPUmonitorIcon01.png, No Action By User, [1341], [178844],1.0.1064
PUP.Optional.PCTechHotline, C:\Users\Dick\AppData\Roaming\PC Tech Hotline\skin\24x7NewAppGraph_graph.png, No Action By User, [1341], [178844],1.0.1064
PUP.Optional.PCTechHotline, C:\Users\Dick\AppData\Roaming\PC Tech Hotline\skin\24x7NewAppGraph_LivechatIcon00.png, No Action By User, [1341], [178844],1.0.1064
PUP.Optional.PCTechHotline, C:\Users\Dick\AppData\Roaming\PC Tech Hotline\skin\24x7NewAppGraph_LivechatIcon01.png, No Action By User, [1341], [178844],1.0.1064
PUP.Optional.PCTechHotline, C:\Users\Dick\AppData\Roaming\PC Tech Hotline\skin\24x7NewAppGraph_lowerstripe.png, No Action By User, [1341], [178844],1.0.1064
PUP.Optional.PCTechHotline, C:\Users\Dick\AppData\Roaming\PC Tech Hotline\skin\24x7NewAppGraph_manphoto.png, No Action By User, [1341], [178844],1.0.1064
PUP.Optional.PCTechHotline, C:\Users\Dick\AppData\Roaming\PC Tech Hotline\skin\24x7NewAppGraph_SupportIcon01.png, No Action By User, [1341], [178844],1.0.1064
PUP.Optional.PCTechHotline, C:\Users\Dick\AppData\Roaming\PC Tech Hotline\skin\24x7NewAppGraph_SystemCheckIcon00.png, No Action By User, [1341], [178844],1.0.1064
PUP.Optional.PCTechHotline, C:\Users\Dick\AppData\Roaming\PC Tech Hotline\skin\24x7NewAppGraph_SystemCheckIcon01.png, No Action By User, [1341], [178844],1.0.1064
PUP.Optional.PCTechHotline, C:\Users\Dick\AppData\Roaming\PC Tech Hotline\skin\24x7_UploaderDark01.png, No Action By User, [1341], [178844],1.0.1064
PUP.Optional.PCTechHotline, C:\Users\Dick\AppData\Roaming\PC Tech Hotline\skin\ArrowSmall.png, No Action By User, [1341], [178844],1.0.1064
PUP.Optional.PCTechHotline, C:\Users\Dick\AppData\Roaming\PC Tech Hotline\skin\ArrowSmallHot.png, No Action By User, [1341], [178844],1.0.1064
PUP.Optional.PCTechHotline, C:\Users\Dick\AppData\Roaming\PC Tech Hotline\skin\bubble.xml, No Action By User, [1341], [178844],1.0.1064
PUP.Optional.PCTechHotline, C:\Users\Dick\AppData\Roaming\PC Tech Hotline\skin\Hardware_Icon.png, No Action By User, [1341], [178844],1.0.1064
PUP.Optional.PCTechHotline, C:\Users\Dick\AppData\Roaming\PC Tech Hotline\skin\Icon_FAQ_nonactive.png, No Action By User, [1341], [178844],1.0.1064
PUP.Optional.PCTechHotline, C:\Users\Dick\AppData\Roaming\PC Tech Hotline\skin\Icon_Settings.png, No Action By User, [1341], [178844],1.0.1064
PUP.Optional.PCTechHotline, C:\Users\Dick\AppData\Roaming\PC Tech Hotline\skin\Icon_Settings_nonactive.png, No Action By User, [1341], [178844],1.0.1064
PUP.Optional.PCTechHotline, C:\Users\Dick\AppData\Roaming\PC Tech Hotline\skin\MainImg_SettingsDark01.png, No Action By User, [1341], [178844],1.0.1064
PUP.Optional.PCTechHotline, C:\Users\Dick\AppData\Roaming\PC Tech Hotline\skin\Navigation_HomeIcon00_Dark01.png, No Action By User, [1341], [178844],1.0.1064
PUP.Optional.PCTechHotline, C:\Users\Dick\AppData\Roaming\PC Tech Hotline\skin\Navigation_HomeIcon01_Dark01.png, No Action By User, [1341], [178844],1.0.1064
PUP.Optional.PCTechHotline, C:\Users\Dick\AppData\Roaming\PC Tech Hotline\skin\Navigation_SettingsIcon00_Dark01.png, No Action By User, [1341], [178844],1.0.1064
PUP.Optional.PCTechHotline, C:\Users\Dick\AppData\Roaming\PC Tech Hotline\skin\Navigation_SettingsIcon01_Dark01.png, No Action By User, [1341], [178844],1.0.1064
PUP.Optional.PCTechHotline, C:\Users\Dick\AppData\Roaming\PC Tech Hotline\skin\OK_IconGreen01.png, No Action By User, [1341], [178844],1.0.1064
PUP.Optional.PCTechHotline, C:\Users\Dick\AppData\Roaming\PC Tech Hotline\skin\PeriodicSystemCheckBubble.png, No Action By User, [1341], [178844],1.0.1064
PUP.Optional.PCTechHotline, C:\Users\Dick\AppData\Roaming\PC Tech Hotline\skin\Phones_Icon.png, No Action By User, [1341], [178844],1.0.1064
PUP.Optional.PCTechHotline, C:\Users\Dick\AppData\Roaming\PC Tech Hotline\skin\Security_Icon.png, No Action By User, [1341], [178844],1.0.1064
PUP.Optional.PCTechHotline, C:\Users\Dick\AppData\Roaming\PC Tech Hotline\skin\skin.xml, No Action By User, [1341], [178844],1.0.1064
PUP.Optional.PCTechHotline, C:\Users\Dick\AppData\Roaming\PC Tech Hotline\skin\Software_Icon.png, No Action By User, [1341], [178844],1.0.1064
PUP.Optional.PCTechHotline, C:\Users\Dick\AppData\Roaming\PC Tech Hotline\skin\SupportCheck01_arrow00.png, No Action By User, [1341], [178844],1.0.1064
PUP.Optional.PCTechHotline, C:\Users\Dick\AppData\Roaming\PC Tech Hotline\skin\SupportCheck01_arrow01.png, No Action By User, [1341], [178844],1.0.1064
PUP.Optional.PCTechHotline, C:\Users\Dick\AppData\Roaming\PC Tech Hotline\skin\Warning_Icon01.png, No Action By User, [1341], [178844],1.0.1064
PUP.Optional.PCTechHotline, C:\Users\Dick\AppData\Roaming\PC Tech Hotline\skin\Warning_IconOrange01.png, No Action By User, [1341], [178844],1.0.1064
PUP.Optional.PCTechHotline, C:\Users\Dick\AppData\Roaming\PC Tech Hotline\skin\Warning_IconRed01.png, No Action By User, [1341], [178844],1.0.1064
PUP.Optional.PCTechHotline, C:\Program Files (x86)\PCTechHotline\unins000.dat, No Action By User, [1341], [178845],1.0.1064
PUP.Optional.PCTechHotline, C:\Program Files (x86)\PCTechHotline\unins000.msg, No Action By User, [1341], [178845],1.0.1064
PUP.Optional.Revizer.PrxySvrRST, C:\Program Files (x86)\ver4Re-markit\178.dat, No Action By User, [10974], [181036],1.0.1064
PUP.Optional.Revizer.PrxySvrRST, C:\Program Files (x86)\ver4Re-markit\178.xpi, No Action By User, [10974], [181036],1.0.1064
PUP.Optional.Revizer.PrxySvrRST, C:\Program Files (x86)\ver4Re-markit\a.db, No Action By User, [10974], [181036],1.0.1064
PUP.Optional.Revizer.PrxySvrRST, C:\Program Files (x86)\ver4Re-markit\b.db, No Action By User, [10974], [181036],1.0.1064
PUP.Optional.Revizer.PrxySvrRST, C:\Program Files (x86)\ver4Re-markit\q2Re-markitXz178.bin, No Action By User, [10974], [181036],1.0.1064
PUP.Optional.WinYahoo.Generic, C:\PROGRAMDATA\{4F448A27-C506-00E1-43C0-9EA3D982156D}\MOSO.TXT, No Action By User, [2050], [341897],1.0.1064
PUP.Optional.WinYahoo.Generic, C:\ProgramData\{4F448A27-C506-00E1-43C0-9EA3D982156D}\aowLC, No Action By User, [2050], [341897],1.0.1064
PUP.Optional.WinYahoo.Generic, C:\ProgramData\{4F448A27-C506-00E1-43C0-9EA3D982156D}\hdat1, No Action By User, [2050], [341897],1.0.1064
PUP.Optional.WinYahoo.Generic, C:\ProgramData\{4F448A27-C506-00E1-43C0-9EA3D982156D}\hdat2, No Action By User, [2050], [341897],1.0.1064
PUP.Optional.WinYahoo.Generic, C:\ProgramData\{4F448A27-C506-00E1-43C0-9EA3D982156D}\nidece, No Action By User, [2050], [341897],1.0.1064
PUP.Optional.WinYahoo.Generic, C:\ProgramData\{4F448A27-C506-00E1-43C0-9EA3D982156D}\nodo, No Action By User, [2050], [341897],1.0.1064
PUP.Optional.WinYahoo.Generic, C:\ProgramData\{4F448A27-C506-00E1-43C0-9EA3D982156D}\YdozK, No Action By User, [2050], [341897],1.0.1064
PUP.Optional.SpywareClear, C:\PROGRAM FILES (X86)\SPYWARE CLEAR\UNINS000.DAT, No Action By User, [7305], [243463],1.0.1064
PUP.Optional.SpywareClear, C:\Program Files (x86)\Spyware Clear\Driver\driver.cab, No Action By User, [7305], [243463],1.0.1064
PUP.Optional.SpywareClear, C:\Program Files (x86)\Spyware Clear\Tools\24x7.xml, No Action By User, [7305], [243463],1.0.1064
PUP.Optional.SpywareClear, C:\Program Files (x86)\Spyware Clear\Tools\analyze.xml, No Action By User, [7305], [243463],1.0.1064
PUP.Optional.SpywareClear, C:\Program Files (x86)\Spyware Clear\Tools\bloatware.xml, No Action By User, [7305], [243463],1.0.1064
PUP.Optional.SpywareClear, C:\Program Files (x86)\Spyware Clear\Tools\optimizer.xml, No Action By User, [7305], [243463],1.0.1064
PUP.Optional.SpywareClear, C:\Program Files (x86)\Spyware Clear\Tools\ov.xml, No Action By User, [7305], [243463],1.0.1064
PUP.Optional.SpywareClear, C:\Program Files (x86)\Spyware Clear\Tools\remover.xml, No Action By User, [7305], [243463],1.0.1064
PUP.Optional.SpywareClear, C:\Program Files (x86)\Spyware Clear\Tools\restore.xml, No Action By User, [7305], [243463],1.0.1064
PUP.Optional.SpywareClear, C:\Program Files (x86)\Spyware Clear\Tools\so.xml, No Action By User, [7305], [243463],1.0.1064
PUP.Optional.SpywareClear, C:\Program Files (x86)\Spyware Clear\Tools\startup.xml, No Action By User, [7305], [243463],1.0.1064
PUP.Optional.SpywareClear, C:\Program Files (x86)\Spyware Clear\Tools\systemsettings.xml, No Action By User, [7305], [243463],1.0.1064
PUP.Optional.SpywareClear, C:\Program Files (x86)\Spyware Clear\Tools\unstableaddons.xml, No Action By User, [7305], [243463],1.0.1064
PUP.Optional.SpywareClear, C:\Program Files (x86)\Spyware Clear\Tools\virtualkeyboard.xml, No Action By User, [7305], [243463],1.0.1064
PUP.Optional.SpywareClear, C:\Program Files (x86)\Spyware Clear\unins000.msg, No Action By User, [7305], [243463],1.0.1064
PUP.Optional.SearchExtensions, C:\PROGRAM FILES (X86)\SEARCH EXTENSIONS\CONFIG.DAT, No Action By User, [17181], [242702],1.0.1064
PUP.Optional.SearchExtensions, C:\Program Files (x86)\Search Extensions\TrustedRoot.cer, No Action By User, [17181], [242702],1.0.1064
PUP.Optional.ArcadeParlor, C:\Users\Dick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ArcadeParlor\Play ArcadeParlor Online.url, No Action By User, [11059], [175509],1.0.1064
PUP.Optional.AstroArcade, C:\USERS\Dick\APPDATA\LOCAL\ASTROARCADE\DATA2.DAT, No Action By User, [8482], [235600],1.0.1064
PUP.Optional.PCOptimizerPro, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Optimizer Pro\Live Support.url, No Action By User, [1285], [182301],1.0.1064
PUP.Optional.PCOptimizerPro, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Optimizer Pro\Uninstallation Guide.url, No Action By User, [1285], [182301],1.0.1064
PUP.Optional.PCOptimizerPro, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Optimizer Pro\Visit Website.url, No Action By User, [1285], [182301],1.0.1064
PUP.Optional.SpyHunter, C:\Program Files\Enigma Software Group\SpyHunter\Data\dns.dat, No Action By User, [1670], [331702],1.0.1064
PUP.Optional.SpyHunter, C:\Program Files\Enigma Software Group\SpyHunter\Log\SpyHunter4_20140303_083528.log, No Action By User, [1670], [331702],1.0.1064
PUP.Optional.SpyHunter, C:\Program Files\Enigma Software Group\SpyHunter\INSTALL.LOG, No Action By User, [1670], [331702],1.0.1064
PUP.Optional.SpyHunter, C:\Program Files\Enigma Software Group\SpyHunter\cos.dat, No Action By User, [1670], [331702],1.0.1064
PUP.Optional.SpyHunter, C:\Program Files\Enigma Software Group\SpyHunter\gas.dat, No Action By User, [1670], [331702],1.0.1064
PUP.Optional.SpyHunter, C:\Program Files\Enigma Software Group\SpyHunter\gil.dat, No Action By User, [1670], [331702],1.0.1064
PUP.Optional.SpyHunter, C:\Program Files\Enigma Software Group\SpyHunter\safeol.dat, No Action By User, [1670], [331702],1.0.1064
PUP.Optional.SpyHunter, C:\Program Files\Enigma Software Group\SpyHunter\scanlog.log, No Action By User, [1670], [331702],1.0.1064
PUP.Optional.SpyHunter, C:\Program Files\Enigma Software Group\SpyHunter\supportlog.txt, No Action By User, [1670], [331702],1.0.1064
PUP.Optional.SpyHunter, C:\Program Files\Enigma Software Group\SpyHunter\unkcache.dat, No Action By User, [1670], [331702],1.0.1064
PUP.Optional.PCMagnum, C:\Program Files (x86)\PCPitstop\PC Magnum\img\help.ico, No Action By User, [2340], [352547],1.0.1064
PUP.Optional.PCMagnum, C:\Program Files (x86)\PCPitstop\PC Magnum\img\splash.png, No Action By User, [2340], [352547],1.0.1064
PUP.Optional.PCMagnum, C:\Program Files (x86)\PCPitstop\PC Magnum\img\wait.gif, No Action By User, [2340], [352547],1.0.1064
PUP.Optional.PCMagnum, C:\Program Files (x86)\PCPitstop\PC Magnum\checkschedule.wsf, No Action By User, [2340], [352547],1.0.1064
PUP.Optional.PCMagnum, C:\Program Files (x86)\PCPitstop\PC Magnum\ChromeCacheView.exe, No Action By User, [2340], [352547],1.0.1064
PUP.Optional.PCMagnum, C:\Program Files (x86)\PCPitstop\PC Magnum\InfoCenter-Setup.exe, No Action By User, [2340], [352547],1.0.1064
PUP.Optional.PCMagnum, C:\Program Files (x86)\PCPitstop\PC Magnum\InstallHelper.dll, No Action By User, [2340], [352547],1.0.1064
PUP.Optional.PCMagnum, C:\Program Files (x86)\PCPitstop\PC Magnum\Interop.Shell32.dll, No Action By User, [2340], [352547],1.0.1064
PUP.Optional.PCMagnum, C:\Program Files (x86)\PCPitstop\PC Magnum\MozillaCacheView.exe, No Action By User, [2340], [352547],1.0.1064
PUP.Optional.PCMagnum, C:\Program Files (x86)\PCPitstop\PC Magnum\NoNet.html, No Action By User, [2340], [352547],1.0.1064
PUP.Optional.PCMagnum, C:\Program Files (x86)\PCPitstop\PC Magnum\PC Magnum.exe.config, No Action By User, [2340], [352547],1.0.1064
PUP.Optional.PCMagnum, C:\Program Files (x86)\PCPitstop\PC Magnum\PC Magnum.ico, No Action By User, [2340], [352547],1.0.1064
PUP.Optional.PCMagnum, C:\Program Files (x86)\PCPitstop\PC Magnum\PC Magnum.ini, No Action By User, [2340], [352547],1.0.1064
PUP.Optional.PCMagnum, C:\Program Files (x86)\PCPitstop\PC Magnum\PCMagnum.url, No Action By User, [2340], [352547],1.0.1064
PUP.Optional.PCMagnum, C:\Program Files (x86)\PCPitstop\PC Magnum\Remove-All.cmd, No Action By User, [2340], [352547],1.0.1064
PUP.Optional.PCMagnum, C:\Program Files (x86)\PCPitstop\PC Magnum\scan.wsf, No Action By User, [2340], [352547],1.0.1064
PUP.Optional.PCMagnum, C:\Program Files (x86)\PCPitstop\PC Magnum\Splash.html, No Action By User, [2340], [352547],1.0.1064
PUP.Optional.PCMagnum, C:\Program Files (x86)\PCPitstop\PC Magnum\sqlite3.dll, No Action By User, [2340], [352547],1.0.1064
PUP.Optional.PCMagnum, C:\Program Files (x86)\PCPitstop\PC Magnum\unins000.dat, No Action By User, [2340], [352547],1.0.1064
PUP.Optional.PCMagnum, C:\Program Files (x86)\PCPitstop\PC Magnum\unins000.exe, No Action By User, [2340], [352547],1.0.1064
PUP.Optional.PCMagnum, C:\Program Files (x86)\PCPitstop\PC Magnum\unins000.msg, No Action By User, [2340], [352547],1.0.1064
PUP.Optional.PCMagnum, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Pitstop\PC Magnum\PC Magnum Online Documentation.lnk, No Action By User, [2340], [358079],1.0.1064
PUP.Optional.PCMagnum, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Pitstop\PC Magnum\PC Magnum.lnk, No Action By User, [2340], [358079],1.0.1064
PUP.Optional.PCMagnum, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Pitstop\PC Magnum\Uninstall PC Magnum.lnk, No Action By User, [2340], [358079],1.0.1064
PUP.Optional.Amonetize, C:\USERS\Dick\APPDATA\LOCAL\20513\UPDATER.XML, No Action By User, [13], [186702],1.0.1064
PUP.Optional.PCMagnum, C:\USERS\Dick\DESKTOP\PC MAGNUM.LNK, No Action By User, [2340], [352567],1.0.1064
PUP.Optional.ConverterFreeOnline, C:\PROGRAM FILES (X86)\CONVERTER FREE ONLINE\UNINS000.DAT, No Action By User, [12602], [236936],1.0.1064
PUP.Optional.ConverterFreeOnline, C:\Program Files (x86)\Converter Free Online\extension@Converter_Free_Online.com\content\browserOverlay.xul, No Action By User, [12602], [236936],1.0.1064
PUP.Optional.ConverterFreeOnline, C:\Program Files (x86)\Converter Free Online\extension@Converter_Free_Online.com\install.rdf, No Action By User, [12602], [236936],1.0.1064
PUP.Optional.SpywareClear, C:\PROGRAMDATA\MICROSOFT\WINDOWS\START MENU\PROGRAMS\SPYWARE CLEAR\SPYWARECLEAR.COM.URL, No Action By User, [7305], [187215],1.0.1064
PUP.Optional.WinYahoo, C:\WINDOWS\TASKS\Yahoo! Powered focet.job, No Action By User, [117], [308966],1.0.1064
PUP.Optional.WinYahoo, C:\WINDOWS\SYSTEM32\TASKS\Yahoo! Powered focet, No Action By User, [117], [308969],1.0.1064
PUP.Optional.OptimizerPro, C:\USERS\Dick\DOCUMENTS\OPTIMIZER PRO\COOKIESEXCEPTION.TXT, No Action By User, [1024], [241439],1.0.1064

Physical Sector: 0
(No malicious items detected)

(end)

the results of scan however the paste option is not available.

[Juliet]

When you ran the scan, did you allow it to quarantine what it had found?

 

IF not, not a problem.

 

Our culprit was found

PUP.Optional.WinYahoo.Generic, C:\PROGRAMDATA\{4F448A27-C506-00E1-43C0-9EA3D982156D}\MOSO.TXT, No Action By User, [2050], [341897],1.0.1064

 

The above needs to be quarantined.

 

If you have not selected at this time for other items not to be deleted, please remove any check marks you find by these

 

PUP.Optional.PCPOptimize, HKLM\SOFTWARE\CLASSES\PCPitstopErase2.SQLite, No Action By User, [2321], [352588],1.0.1064

PUP.Optional.PCPOptimize, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{AB7CDB6E-4F65-49F2-A2AB-704A6BA8DACC}, No Action By User, [2321], [352588],1.0.1064

PUP.Optional.PCPOptimize, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{AB7CDB6E-4F65-49F2-A2AB-704A6BA8DACC}, No Action By User, [2321], [352588],1.0.1064

PUP.Optional.PCPOptimize, HKLM\SOFTWARE\CLASSES\PCPitstopErase2.IE, No Action By User, [2321], [352593],1.0.1064

PUP.Optional.PCPOptimize, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{CAABE140-E960-4A2F-A026-A2C84C6049E4}, No Action By User, [2321], [352593],1.0.1064

PUP.Optional.PCPOptimize, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{CAABE140-E960-4A2F-A026-A2C84C6049E4}, No Action By User, [2321], [352593],1.0.1064

PUP.Optional.PCMagnum, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\PC Magnum_is1, No Action By User, [2340], [352547],1.0.1064

PUP.Optional.PCMagnum, C:\Program Files (x86)\PCPitstop\PC Magnum\img, No Action By User, [2340], [352547],1.0.1064

PUP.Optional.PCMagnum, C:\PROGRAM FILES (X86)\PCPITSTOP\PC Magnum, No Action By User, [2340], [352547],1.0.1064

PUP.Optional.PCMagnum, C:\PROGRAMDATA\MICROSOFT\WINDOWS\START MENU\PROGRAMS\PC PITSTOP\PC Magnum, No Action By User, [2340], [358079],1.0.1064

 

Also, I want to experiment and send you a private message, wanted to see if it will allow you to copy and paste anything to me there.

[DBatt]

that now is the only file quarantined in the malware report. Is that what you wanted to happen? Will this still cause SS to notify me of a blocked file?

[Juliet]

Will this still cause SS to notify me of a blocked file?

it shouldn't and to try to run another scan and clean with PC Matic.

[DBatt]

scanned again w/pcmatic. As of 7:24 P.M. still receiving notice of blocked file by S.S.????

[Juliet]

AdwCleaner

• Please download AdwCleaner and save the file to your Desktop.

  In order to use AdwCleaner, you have to agree the Eula:

• Right-click AdwCleaner.exe and select Run as administrator to run the programme.
• Follow the prompts.
• Click Scan.
• Upon completion, click Logfile.
• Ensure all items have a checkmark
• Return to AdwCleaner.
• Click Clean.
• Follow the prompts and allow your computer to reboot.
• After the reboot, a log (AdwCleaner[C1].txt) will open. Copy the contents of the log and paste in your next reply.

-- File and folder backups are made for items removed using this programme. Should a legitimate file or folder be removed (otherwise known as a 'false-positive'), simple steps can be taken to restore the item. Please do not overly concern yourself with the contents of AdwCleaner[C1].txt.

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

If you would please, let's do another scan with Malwarebytes Anti-Malware

 

This time, please make sure that everything has a checkmark to be removed.

 

Open Malwarebytes Anti-Malware

• On the Dashboard click on Update Now
• Under SETTINGS.....APPLICATIONS leave everything at default
• Under SETTINGS.....PROTECTION make sure AUTOMATIC QUARANTINE is on.
• Then go to the Dashboard and click on SCAN NOW
• When the scan is finished click on EXPORT SUMMARY......COPY TO CLIPBOARD
• Then come back to this thread and and under REPLY TO THIS TOPIC, right click in the reply and select Paste
• Then click on POST
• Exit Malwarebytes
• ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~`

[DBatt]

AdwCleaner seems to have been the answer. No blocked messages since running it.

[Juliet]

Yea, let's do a victory dance.

 

Can you locate this file AdwCleaner[C1].txt, copy and paste it into your next reply?

[DBatt]

# AdwCleaner v6.043 - Logfile created 08/02/2017 at 07:21:23
# Updated on 27/01/2017 by Malwarebytes
# Database : 2017-02-03.2 [server]
# Operating System : Windows 7 Home Premium Service Pack 1 (X64)
# Username : Dick - Dick-TOSHIBA
# Running from : C:\Users\Dick\Downloads\AdwCleaner.exe
# Mode: Scan
# Support : https://www.malwarebytes.com/support

 

***** [ Services ] *****
Service Found: esgiguard

***** [ Folders ] *****

Folder Found: C:\Users\Dick\AppData\Local\20513
Folder Found: C:\Users\Dick\AppData\Local\SevereWeatherAlerts
Folder Found: C:\Users\Dick\AppData\Roaming\PC Tech Hotline
Folder Found: C:\Users\Dick\AppData\Roaming\pccustubinstaller
Folder Found: C:\Users\Dick\AppData\Roaming\Spyware Clear
Folder Found: C:\Users\Dick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ArcadeParlor
Folder Found: C:\Program Files\Enigma Software Group
Folder Found: C:\ProgramData\Partner
Folder Found: C:\ProgramData\Spyware Clear
Folder Found: C:\ProgramData\Trymedia
Folder Found: C:\ProgramData\Application Data\Partner
Folder Found: C:\ProgramData\Application Data\Spyware Clear
Folder Found: C:\ProgramData\Application Data\Trymedia
Folder Found: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Optimizer Pro
Folder Found: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Tech Hotline
Folder Found: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spyware Clear
Folder Found: C:\Program Files (x86)\converter free online
Folder Found: C:\Program Files (x86)\PCTechHotline
Folder Found: C:\Program Files (x86)\Search Extensions
Folder Found: C:\Program Files (x86)\Spyware Clear
Folder Found: C:\Program Files (x86)\ViewPlay

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious keys found.

***** [ Shortcuts ] *****

No infected shortcut found.

***** [ Scheduled Tasks ] *****

Task Found: Yahoo! Powered focet

***** [ Registry ] *****

Key Found: HKLM\SOFTWARE\Classes\Toolbar.CT3315828
Key Found: HKLM\SOFTWARE\Classes\PricePeep.PricePeepBho
Key Found: HKLM\SOFTWARE\Classes\PricePeep.PricePeepBho.1
Key Found: HKLM\SOFTWARE\Classes\protector_dll.ProtectorBho
Key Found: HKLM\SOFTWARE\Classes\protector_dll.ProtectorBho.1
Key Found: [x64] HKLM\SOFTWARE\Classes\PricePeep.PricePeepBho
Key Found: [x64] HKLM\SOFTWARE\Classes\PricePeep.PricePeepBho.1
Key Found: [x64] HKLM\SOFTWARE\Classes\protector_dll.ProtectorBho
Key Found: [x64] HKLM\SOFTWARE\Classes\protector_dll.ProtectorBho.1
Key Found: HKLM\SOFTWARE\Classes\AppID\{38A066B0-DD5F-4226-AC4F-6A27C1BFB892}
Key Found: HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
Key Found: HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Found: HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Found: HKLM\SOFTWARE\Classes\CLSID\{F8D96645-337C-419B-8792-B6C126145811}
Key Found: HKLM\SOFTWARE\Classes\CLSID\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007}
Key Found: HKLM\SOFTWARE\Classes\Interface\{1B97A696-5576-43AC-A73B-E1D2C78F21E8}
Key Found: HKLM\SOFTWARE\Classes\Interface\{75BF416E-4326-45B5-8A2D-AE32D05B930B}
Key Found: HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Found: HKLM\SOFTWARE\Classes\TypeLib\{3BF3DED5-0FC8-4207-AC09-AA7B5AF4E408}
Key Found: HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Found: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007}
Key Found: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F8D96645-337C-419B-8792-B6C126145811}
Key Found: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007}
Key Found: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F8D96645-337C-419B-8792-B6C126145811}
Key Found: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007}
Key Found: HKU\S-1-5-21-2850075346-2245016049-747838122-1001\Software\SoftwareUpdater
Key Found: HKU\S-1-5-21-2850075346-2245016049-747838122-1001\Software\Yahoo\Companion
Key Found: HKU\S-1-5-21-2850075346-2245016049-747838122-1001\Software\ICSW1.23
Key Found: HKCU\Software\SoftwareUpdater
Key Found: HKCU\Software\Yahoo\Companion
Key Found: HKCU\Software\ICSW1.23
Key Found: HKLM\SOFTWARE\Trymedia Systems
Key Found: [x64] HKCU\Software\SoftwareUpdater
Key Found: [x64] HKCU\Software\Yahoo\Companion
Key Found: [x64] HKCU\Software\ICSW1.23
Key Found: [x64] HKLM\SOFTWARE\EnigmaSoftwareGroup
Key Found: HKU\S-1-5-21-2850075346-2245016049-747838122-1001\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
Key Found: HKU\S-1-5-21-2850075346-2245016049-747838122-1001\Software\Microsoft\Internet Explorer\SearchScopes\{9AD4A38E-6442-42F0-B404-28E20439EE3C}
Data Found: HKU\S-1-5-21-2850075346-2245016049-747838122-1001\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] -
Key Found: HKU\S-1-5-21-2850075346-2245016049-747838122-1001\Software\Microsoft\Internet Explorer\SearchScopes\{DB1F97D9-8E93-416C-8055-EAB4310BBFB2}
Key Found: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
Key Found: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9AD4A38E-6442-42F0-B404-28E20439EE3C}
Data Found: HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] -
Key Found: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{DB1F97D9-8E93-416C-8055-EAB4310BBFB2}
Key Found: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
Key Found: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9AD4A38E-6442-42F0-B404-28E20439EE3C}
Data Found: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] -
Key Found: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{DB1F97D9-8E93-416C-8055-EAB4310BBFB2}

***** [ Web browsers ] *****

No malicious Firefox based browser items found.
No malicious Chromium based browser items found.

*************************

C:\AdwCleaner\AdwCleaner[s0].txt - [6255 Bytes] - [08/02/2017 07:21:23]

########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [6328 Bytes] ##########

do not know what happened but here it is , I think

[Juliet]

you did good

here is the file that needed to go

Task Found: Yahoo! Powered focet

 

from the log you posted it says found, not seeing the one where it deleted anything.

 

Do you know when you ran the scan that you allowed it to quarantine anything?

Edited February 9, 2017 by Juliet

[DBatt]

I believe it was set to clean

[Juliet]

if you run the tool below, this will clean off the tools and quarantine folders we used.

• Please download DelFix or from Here and save the file to your Desktop.
• Double-click DelFix.exe to run the programme.
• Place a checkmark next to the following items:
• Activate UAC
• Remove disinfection tools
• Click the Run button.
• -- This will remove the specialized tools we used to disinfect your system.

  Any leftover logs, files, folders or tools remaining on your Desktop which were not removed can be deleted manually (right-click the file + delete

  ).

***********

[DBatt]

SS blocks this program from running. Is it necessary to delete the Malware , and adware and adwcleaner programs ? if so can they be removed thru control panel and uninstall ?

[Juliet]

some may or may not be listed in add/remove control panel

 

Check there first

 

You may also locate the tool, right click and delete.

[DBatt]

Many thanks! Back on the road to sanity again, whatever that is.

[Juliet]

safe surfing