Author Topic: [Inactive] spyware removal  (Read 6511 times)

Offline Chendorpg

  • Bronze Member
  • Posts: 12
Re: [In Progress] spyware removal
« Reply #15 on: October 08, 2014, 11:12:41 PM »
# AdwCleaner v3.311 - Report created 08/10/2014 at 22:08:35
# Updated 30/09/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Rosendo - ROSENDO-PC
# Running from : C:\Users\Rosendo\Downloads\adwcleaner_3.311.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****


***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17280


-\\ Mozilla Firefox v32.0.3 (x86 en-US)

[ File : C:\Users\Rosendo\AppData\Roaming\Mozilla\Firefox\Profiles\3fyk55np.default\prefs.js ]


-\\ Google Chrome v36.0.1985.125

[ File : C:\Users\Rosendo\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [15281 octets] - [06/10/2014 20:22:03]
AdwCleaner[R1].txt - [15274 octets] - [06/10/2014 20:27:29]
AdwCleaner[R2].txt - [1141 octets] - [07/10/2014 19:12:58]
AdwCleaner[R3].txt - [1202 octets] - [07/10/2014 19:49:00]
AdwCleaner[R4].txt - [1322 octets] - [07/10/2014 19:51:40]
AdwCleaner[R5].txt - [1382 octets] - [08/10/2014 22:08:03]
AdwCleaner[S0].txt - [15167 octets] - [06/10/2014 20:28:08]
AdwCleaner[S1].txt - [1263 octets] - [07/10/2014 19:49:41]
AdwCleaner[S2].txt - [1303 octets] - [08/10/2014 22:08:35]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [1363 octets] ##########

Offline Chendorpg

  • Bronze Member
  • Posts: 12
Re: [In Progress] spyware removal
« Reply #16 on: October 08, 2014, 11:48:32 PM »
Hi, after the last instruction I open rogue killer I may have deleted something connected to the internet it won't open any website. I will try tomorrow to open.
Thanks

Offline Hoov

  • Malware Removal Mentors
  • Administrator
  • Diamond Member
  • Posts: 27141
  • Unwilling part owner of Gov't. Motors and Chrysler
    • Hoov's Personal Site
Re: [In Progress] spyware removal
« Reply #17 on: October 09, 2014, 12:36:01 PM »
How is it working now? If it does not connect still try resetting your Winsock by follow the instructions below.

Click Start. click run, type: cmd, and press CTRL+SHIFT+Enter
Type: netsh winsock reset, and then press the ENTER key.
Type: Exit and press ENTER.
Restart the computer.

Let me know how that works.

Former Consumer Security MVP
2011-2014

If I am helping you and you don't hear from me for 24Hrs, send me a PM Please!

Offline Chendorpg

  • Bronze Member
  • Posts: 12
Re: [In Progress] spyware removal
« Reply #18 on: October 09, 2014, 10:06:15 PM »
Malwarebytes Anti-Malware
http://www.malwarebytes.org

Scan Date: 10/9/2014
Scan Time: 3:00:31 PM
Logfile:
Administrator: Yes

Version: 2.00.2.1012
Malware Database: v2014.10.09.11
Rootkit Database: v2014.10.08.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Rosendo

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 316361
Time Elapsed: 7 min, 2 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 6
PUP.Optional.FramedDisplay.A, C:\Program Files (x86)\Framed Display\updateFramedDisplay.exe, 5856, Delete-on-Reboot, [456ab55d90ec9c9a66b91aab2ed3cc34]
PUP.Optional.PCTechHotline.A, C:\Program Files (x86)\PCTechHotline\PCTechHotline.exe, 2356, Delete-on-Reboot, [9c138a88562621153b5f9a95ac579868]
PUP.Optional.PCTechHotline.A, C:\Program Files (x86)\PCTechHotline\PCTechHotlineSvc.exe, 3684, Delete-on-Reboot, [9c138a88562621153b5f9a95ac579868]
PUP.Optional.PCTechHotline.A, C:\Program Files (x86)\PCTechHotline\PCTHHook.exe, 4492, Delete-on-Reboot, [9c138a88562621153b5f9a95ac579868]
PUP.Optional.PCTechHotline.A, C:\Program Files (x86)\PCTechHotline\PCTHHook64.exe, 2328, Delete-on-Reboot, [9c138a88562621153b5f9a95ac579868]
PUP.Optional.Astromenda, C:\Program Files (x86)\WSE_Astromenda\BRS\brs.exe, 2856, Delete-on-Reboot, [1b946ea44438fb3bdcee0800b74cd22e]

Modules: 15
PUP.Optional.FramedDisplay.A, C:\Program Files (x86)\Framed Display\FramedDisplaybho.dll, Delete-on-Reboot, [0fa0b062e29af244c95571549b6627d9],
PUP.Optional.PCTechHotline.A, C:\Program Files (x86)\PCTechHotline\PCTHHook.dll, Delete-on-Reboot, [9c138a88562621153b5f9a95ac579868],
PUP.Optional.PCTechHotline.A, C:\Program Files (x86)\PCTechHotline\PCTHHook.dll, Delete-on-Reboot, [9c138a88562621153b5f9a95ac579868],
PUP.Optional.PCTechHotline.A, C:\Program Files (x86)\PCTechHotline\PCTHHook.dll, Delete-on-Reboot, [9c138a88562621153b5f9a95ac579868],
PUP.Optional.PCTechHotline.A, C:\Program Files (x86)\PCTechHotline\PCTHHook.dll, Delete-on-Reboot, [9c138a88562621153b5f9a95ac579868],
PUP.Optional.PCTechHotline.A, C:\Program Files (x86)\PCTechHotline\PCTHHook.dll, Delete-on-Reboot, [9c138a88562621153b5f9a95ac579868],
PUP.Optional.PCTechHotline.A, C:\Program Files (x86)\PCTechHotline\PCTHHook.dll, Delete-on-Reboot, [9c138a88562621153b5f9a95ac579868],
PUP.Optional.PCTechHotline.A, C:\Program Files (x86)\PCTechHotline\PCTHHook.dll, Delete-on-Reboot, [9c138a88562621153b5f9a95ac579868],
PUP.Optional.PCTechHotline.A, C:\Program Files (x86)\PCTechHotline\PCTHHook.dll, Delete-on-Reboot, [9c138a88562621153b5f9a95ac579868],
PUP.Optional.PCTechHotline.A, C:\Program Files (x86)\PCTechHotline\PCTHHook.dll, Delete-on-Reboot, [9c138a88562621153b5f9a95ac579868],
PUP.Optional.PCTechHotline.A, C:\Program Files (x86)\PCTechHotline\PCTHHook.dll, Delete-on-Reboot, [9c138a88562621153b5f9a95ac579868],
PUP.Optional.PCTechHotline.A, C:\Program Files (x86)\PCTechHotline\PCTHHook.dll, Delete-on-Reboot, [9c138a88562621153b5f9a95ac579868],
PUP.Optional.PCTechHotline.A, C:\Program Files (x86)\PCTechHotline\PCTHHook.dll, Delete-on-Reboot, [9c138a88562621153b5f9a95ac579868],
PUP.Optional.PCTechHotline.A, C:\Program Files (x86)\PCTechHotline\PCTHHook.dll, Delete-on-Reboot, [9c138a88562621153b5f9a95ac579868],
PUP.Optional.PCTechHotline.A, C:\Program Files (x86)\PCTechHotline\PCTHHook.dll, Delete-on-Reboot, [9c138a88562621153b5f9a95ac579868],

Registry Keys: 72
PUP.Optional.FramedDisplay.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Update Framed Display, Quarantined, [456ab55d90ec9c9a66b91aab2ed3cc34],
PUP.Optional.FramedDisplay.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{05b5ef3f-4c6a-426e-b77e-48ebb3e721f1}, Quarantined, [0fa0b062e29af244c95571549b6627d9],
PUP.Optional.FramedDisplay.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{a6ceb2de-65f7-46fe-89da-446dd487f293}, Quarantined, [0fa0b062e29af244c95571549b6627d9],
PUP.Optional.FramedDisplay.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{5B81129C-6563-411B-A509-6BBB01EC25FF}, Quarantined, [0fa0b062e29af244c95571549b6627d9],
PUP.Optional.FramedDisplay.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{5B81129C-6563-411B-A509-6BBB01EC25FF}, Quarantined, [0fa0b062e29af244c95571549b6627d9],
PUP.Optional.FramedDisplay.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{a6ceb2de-65f7-46fe-89da-446dd487f293}, Quarantined, [0fa0b062e29af244c95571549b6627d9],
PUP.Optional.FramedDisplay.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{05B5EF3F-4C6A-426E-B77E-48EBB3E721F1}, Quarantined, [0fa0b062e29af244c95571549b6627d9],
PUP.Optional.FramedDisplay.A, HKU\S-1-5-21-503218662-686305285-1257243151-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{05B5EF3F-4C6A-426E-B77E-48EBB3E721F1}, Quarantined, [0fa0b062e29af244c95571549b6627d9],
PUP.Optional.FramedDisplay.A, HKU\S-1-5-21-503218662-686305285-1257243151-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{05B5EF3F-4C6A-426E-B77E-48EBB3E721F1}, Quarantined, [0fa0b062e29af244c95571549b6627d9],
PUP.Optional.BrowseFox.A, HKLM\SOFTWARE\CLASSES\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}, Quarantined, [3b7447cb85f73ef89ad77260788a857b],
PUP.Optional.BrowseFox.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}, Quarantined, [3b7447cb85f73ef89ad77260788a857b],
PUP.Optional.PCTechHotline.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\PCTechHotlineSvc, Quarantined, [9c138a88562621153b5f9a95ac579868],
PUP.Optional.PCTechHotline.A, HKLM\SOFTWARE\CLASSES\CLSID\{6E30A318-C2A8-4874-9C44-30EB821658BA}, Quarantined, [9c138a88562621153b5f9a95ac579868],
PUP.Optional.PCTechHotline.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{A0B0DA25-DD15-4739-92A3-62D3424F043A}_is1, Quarantined, [9c138a88562621153b5f9a95ac579868],
PUP.Optional.FramedDisplay.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Framed Display, Quarantined, [cbe423ef97e5ec4af3c73450fd07bd43],
PUP.Optional.Consumer.Input.A, HKLM\SOFTWARE\CLASSES\ConsumerInputUpdate.CoCreateAsync, Quarantined, [5c5316fc1567310513b13911d92a837d],
PUP.Optional.Consumer.Input.A, HKLM\SOFTWARE\CLASSES\ConsumerInputUpdate.CoCreateAsync.1.0, Quarantined, [d2dd33df38448caa5b698cbe31d214ec],
PUP.Optional.Consumer.Input.A, HKLM\SOFTWARE\CLASSES\ConsumerInputUpdate.CoreClass, Quarantined, [69469082bfbde84e6f55ca804fb4b54b],
PUP.Optional.Consumer.Input.A, HKLM\SOFTWARE\CLASSES\ConsumerInputUpdate.CoreClass.1, Quarantined, [d1de20f2314b2412259f9fab8c7737c9],
PUP.Optional.Consumer.Input.A, HKLM\SOFTWARE\CLASSES\ConsumerInputUpdate.CoreMachineClass, Quarantined, [2f8037db0f6d2f072f950f3bed16b848],
PUP.Optional.Consumer.Input.A, HKLM\SOFTWARE\CLASSES\ConsumerInputUpdate.CoreMachineClass.1, Quarantined, [f5ba54bee993989e5b691e2c2ad99f61],
PUP.Optional.Consumer.Input.A, HKLM\SOFTWARE\CLASSES\ConsumerInputUpdate.CredentialDialogMachine, Quarantined, [0aa5af63ccb058de6f55c288ff0403fd],
PUP.Optional.Consumer.Input.A, HKLM\SOFTWARE\CLASSES\ConsumerInputUpdate.CredentialDialogMachine.1.0, Quarantined, [b6f9a56d502cdb5be5df35157c8735cb],
PUP.Optional.Consumer.Input.A, HKLM\SOFTWARE\CLASSES\ConsumerInputUpdate.OnDemandCOMClassMachine, Quarantined, [b1fe12006b11b482d0f49dadc53e728e],
PUP.Optional.Consumer.Input.A, HKLM\SOFTWARE\CLASSES\ConsumerInputUpdate.OnDemandCOMClassMachine.1.0, Quarantined, [7f3072a0354753e3ab199dad5ea5be42],
PUP.Optional.Consumer.Input.A, HKLM\SOFTWARE\CLASSES\ConsumerInputUpdate.OnDemandCOMClassMachineFallback, Quarantined, [b0ff799985f7191dae16301af90ad42c],
PUP.Optional.Consumer.Input.A, HKLM\SOFTWARE\CLASSES\ConsumerInputUpdate.OnDemandCOMClassMachineFallback.1.0, Quarantined, [a10eb85a1d5f0135e4e067e3ba494eb2],
PUP.Optional.Consumer.Input.A, HKLM\SOFTWARE\CLASSES\ConsumerInputUpdate.OnDemandCOMClassSvc, Quarantined, [f2bddb37a3d94de932923317fc0726da],
PUP.Optional.Consumer.Input.A, HKLM\SOFTWARE\CLASSES\ConsumerInputUpdate.OnDemandCOMClassSvc.1.0, Quarantined, [4f6057bb6418e1552f95e06a04ff15eb],
PUP.Optional.Consumer.Input.A, HKLM\SOFTWARE\CLASSES\ConsumerInputUpdate.ProcessLauncher, Quarantined, [228d71a183f954e223a17ad01ae9fc04],
PUP.Optional.Consumer.Input.A, HKLM\SOFTWARE\CLASSES\ConsumerInputUpdate.ProcessLauncher.1.0, Quarantined, [fcb327eb700ce452bd07a2a8887bf30d],
PUP.Optional.Consumer.Input.A, HKLM\SOFTWARE\CLASSES\ConsumerInputUpdate.Update3COMClassService, Quarantined, [4b641af8abd1ce68b80cb694b74c8977],
PUP.Optional.Consumer.Input.A, HKLM\SOFTWARE\CLASSES\ConsumerInputUpdate.Update3COMClassService.1.0, Quarantined, [97184ec4dca0da5c7153f2589b68ae52],
PUP.Optional.Consumer.Input.A, HKLM\SOFTWARE\CLASSES\ConsumerInputUpdate.Update3WebMachine, Quarantined, [901f8a886e0ef343289c3a103dc6d828],
PUP.Optional.Consumer.Input.A, HKLM\SOFTWARE\CLASSES\ConsumerInputUpdate.Update3WebMachine.1.0, Quarantined, [3b7458bafe7edf5711b329214eb501ff],
PUP.Optional.Consumer.Input.A, HKLM\SOFTWARE\CLASSES\ConsumerInputUpdate.Update3WebMachineFallback, Quarantined, [ebc44dc5f3893402784c2b1fb64da060],
PUP.Optional.Consumer.Input.A, HKLM\SOFTWARE\CLASSES\ConsumerInputUpdate.Update3WebMachineFallback.1.0, Quarantined, [1c937b97d1abbb7b18ac50fad1326a96],
PUP.Optional.Consumer.Input.A, HKLM\SOFTWARE\CLASSES\ConsumerInputUpdate.Update3WebSvc, Quarantined, [5c53f51d5923b58106be3e0ca55ef808],
PUP.Optional.Consumer.Input.A, HKLM\SOFTWARE\CLASSES\ConsumerInputUpdate.Update3WebSvc.1.0, Quarantined, [307fac6618640432e1e395b54ab9dd23],
PUP.Optional.SearchProtect, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\INSTALLEDSDB\{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}, Quarantined, [cce3b26096e6d3633a8ab1d28f7536ca],
PUP.Optional.SearchProtect, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\INSTALLEDSDB\{cf2797aa-b7ec-e311-8ed9-005056c00008}, Quarantined, [802f8b87e696a88e2c97eb98689c4db3],
PUP.Optional.Consumer.Input.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\ConsumerInputUpdate.CoCreateAsync, Quarantined, [e7c8977b4b310234487c2a20cc3739c7],
PUP.Optional.Consumer.Input.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\ConsumerInputUpdate.CoCreateAsync.1.0, Quarantined, [941bef235329082ec103272348bbbc44],
PUP.Optional.Consumer.Input.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\ConsumerInputUpdate.CoreClass, Quarantined, [317ea66c94e8cd6910b46edc966d4fb1],
PUP.Optional.Consumer.Input.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\ConsumerInputUpdate.CoreClass.1, Quarantined, [832c35dd611bed493f85044692717987],
PUP.Optional.Consumer.Input.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\ConsumerInputUpdate.CoreMachineClass, Quarantined, [1e91af63a6d62a0ce8dc58f24eb5a15f],
PUP.Optional.Consumer.Input.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\ConsumerInputUpdate.CoreMachineClass.1, Quarantined, [cfe0ba58205cb18543813911b54e56aa],
PUP.Optional.Consumer.Input.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\ConsumerInputUpdate.CredentialDialogMachine, Quarantined, [77381af87dff6dc96e567fcb6b98f60a],
PUP.Optional.Consumer.Input.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\ConsumerInputUpdate.CredentialDialogMachine.1.0, Quarantined, [228df121ff7dcf67be06bf8b44bf3bc5],
PUP.Optional.Consumer.Input.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\ConsumerInputUpdate.OnDemandCOMClassMachine, Quarantined, [1f909181403c2c0a4381183201027c84],
PUP.Optional.Consumer.Input.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\ConsumerInputUpdate.OnDemandCOMClassMachine.1.0, Quarantined, [9d1291814339ae88b70df654fc07f40c],
PUP.Optional.Consumer.Input.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\ConsumerInputUpdate.OnDemandCOMClassMachineFallback, Quarantined, [357a070b255753e31da72e1c689bd42c],
PUP.Optional.Consumer.Input.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\ConsumerInputUpdate.OnDemandCOMClassMachineFallback.1.0, Quarantined, [8728a1710f6d65d1edd7ef5bfa0944bc],
PUP.Optional.Consumer.Input.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\ConsumerInputUpdate.OnDemandCOMClassSvc, Quarantined, [505fb1615f1dba7ca420b1993ac9946c],
PUP.Optional.Consumer.Input.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\ConsumerInputUpdate.OnDemandCOMClassSvc.1.0, Quarantined, [8c2314fed0ac5cda7a4ac882828159a7],
PUP.Optional.Consumer.Input.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\ConsumerInputUpdate.ProcessLauncher, Quarantined, [644b9c76cab27db90cb8410901023ac6],
PUP.Optional.Consumer.Input.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\ConsumerInputUpdate.ProcessLauncher.1.0, Quarantined, [7a350d058cf0a78fccf82327d92adf21],
PUP.Optional.Consumer.Input.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\ConsumerInputUpdate.Update3COMClassService, Quarantined, [d3dcbc560f6d8da98f35163439ca7c84],
PUP.Optional.Consumer.Input.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\ConsumerInputUpdate.Update3COMClassService.1.0, Quarantined, [3778bd5529532a0c3b890149a360ce32],
PUP.Optional.Consumer.Input.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\ConsumerInputUpdate.Update3WebMachine, Quarantined, [a20d44ce4d2f53e3faca4ffb7e85e818],
PUP.Optional.Consumer.Input.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\ConsumerInputUpdate.Update3WebMachine.1.0, Quarantined, [57586da5e39964d2685c98b25aa9a55b],
PUP.Optional.Consumer.Input.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\ConsumerInputUpdate.Update3WebMachineFallback, Quarantined, [77380b07d1abdd59f2d272d853b01be5],
PUP.Optional.Consumer.Input.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\ConsumerInputUpdate.Update3WebMachineFallback.1.0, Quarantined, [c4ebc94984f8f244a61e3b0f828151af],
PUP.Optional.Consumer.Input.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\ConsumerInputUpdate.Update3WebSvc, Quarantined, [e7c87e94a6d63bfb675d6bdf58ab5ba5],
PUP.Optional.Consumer.Input.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\ConsumerInputUpdate.Update3WebSvc.1.0, Quarantined, [723d39d96c10bf7718ac6ae042c157a9],
PUP.Optional.InstallCore.A, HKLM\SOFTWARE\WOW6432NODE\INSTALLCORE\WSE_Astromenda, Quarantined, [37781200c2ba26105d1a68a935ce09f7],
PUP.Optional.Mezza, HKLM\SYSTEM\CURRENTCONTROLSET\CONTROL\SAFEBOOT\NETWORK\MZA, Quarantined, [1b94a66caecedb5bcc12b06bee15e31d],
PUP.Optional.Astromenda.A, HKU\S-1-5-21-503218662-686305285-1257243151-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\wse_astromenda, Quarantined, [48676ca60a7254e2bcc0ae6ba85bd52b],
PUP.Optional.InstallCore.A, HKU\S-1-5-21-503218662-686305285-1257243151-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE\1I1T1Q1S, Quarantined, [f1be62b00478ec4a162666e3d62df010],
PUP.Optional.InstallCore.A, HKU\S-1-5-21-503218662-686305285-1257243151-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE, Quarantined, [842b16fc67150e284647cb946d976f91],
PUP.Optional.Updater.A, HKU\S-1-5-21-503218662-686305285-1257243151-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\UpdaterEX, Quarantined, [0ca361b1106c83b331214db6ee15649c],
PUP.Optional.Astromenda, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\WSE_Astromenda, Quarantined, [1b946ea44438fb3bdcee0800b74cd22e],

Registry Values: 5
PUP.Optional.PCTechHotline.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|PCTechHotline, "C:\Program Files (x86)\PCTechHotline\PCTechHotline.exe" /STARTUP, Quarantined, [9c138a88562621153b5f9a95ac579868]
PUP.Optional.VBates.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|V-bates, C:\Program Files\V-bates\notifier.exe, Quarantined, [08a73ad8344859dd13bc0228f40f6c94]
PUP.Optional.InstallCore.A, HKU\S-1-5-21-503218662-686305285-1257243151-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE|tb, 0H1K1J1N2U0R1O1F, Quarantined, [842b16fc67150e284647cb946d976f91]
PUP.Optional.Astromenda.A, HKU\S-1-5-21-503218662-686305285-1257243151-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNONCE|WSE_Astromenda, wscript /E:vbscript /B "C:\Users\Rosendo\AppData\Roaming\WSE_Astromenda\UpdateProc\bkup.dat", Quarantined, [426d80923b41280e235844d5fc0706fa]
PUP.Optional.Astromenda, HKU\S-1-5-21-503218662-686305285-1257243151-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|BRS, C:\Program Files (x86)\WSE_Astromenda\BRS\brs.exe -runBRS, Quarantined, [1b946ea44438fb3bdcee0800b74cd22e]

Registry Data: 0
(No malicious items detected)

Folders: 16
PUP.Optional.PCTechHotline.A, C:\Program Files (x86)\PCTechHotline, Delete-on-Reboot, [9c138a88562621153b5f9a95ac579868],
PUP.Optional.PCTechHotline.A, C:\Program Files (x86)\PCTechHotline\Update, Quarantined, [9c138a88562621153b5f9a95ac579868],
PUP.Optional.FramedDisplay.A, C:\Program Files (x86)\Framed Display, Delete-on-Reboot, [cbe423ef97e5ec4af3c73450fd07bd43],
PUP.Optional.Updater.A, C:\Users\Rosendo\AppData\Roaming\UpdaterEX\UpdateProc, Quarantined, [0ca361b1106c83b331214db6ee15649c],
PUP.Optional.Astromenda, C:\Program Files (x86)\WSE_Astromenda, Delete-on-Reboot, [1b946ea44438fb3bdcee0800b74cd22e],
PUP.Optional.Astromenda, C:\Program Files (x86)\WSE_Astromenda\bh, Quarantined, [1b946ea44438fb3bdcee0800b74cd22e],
PUP.Optional.Astromenda, C:\Program Files (x86)\WSE_Astromenda\BRS, Delete-on-Reboot, [1b946ea44438fb3bdcee0800b74cd22e],
PUP.Optional.Astromenda.A, C:\Users\Rosendo\AppData\Roaming\WSE_Astromenda, Quarantined, [ecc31bf79ddf2c0a92517e8afc073dc3],
PUP.Optional.Astromenda.A, C:\Users\Rosendo\AppData\Roaming\WSE_Astromenda\icons_3.5.1.2, Quarantined, [ecc31bf79ddf2c0a92517e8afc073dc3],
PUP.Optional.Astromenda.A, C:\Users\Rosendo\AppData\Roaming\WSE_Astromenda\UpdateProc, Quarantined, [ecc31bf79ddf2c0a92517e8afc073dc3],
PUP.Optional.Astromenda.A, C:\Users\Rosendo\AppData\Roaming\Mozilla\Firefox\Profiles\3fyk55np.default\extensions\{ad7ce998-a77b-4062-9ffb-1d0b7cb23183}, Quarantined, [1f90f31fc8b4b77f8a167698eb18f50b],
PUP.Optional.Astromenda.A, C:\Users\Rosendo\AppData\Roaming\Mozilla\Firefox\Profiles\3fyk55np.default\extensions\{ad7ce998-a77b-4062-9ffb-1d0b7cb23183}\content, Quarantined, [1f90f31fc8b4b77f8a167698eb18f50b],
PUP.Optional.Astromenda.A, C:\Users\Rosendo\AppData\Roaming\Mozilla\Firefox\Profiles\3fyk55np.default\extensions\{ad7ce998-a77b-4062-9ffb-1d0b7cb23183}\content\browser, Quarantined, [1f90f31fc8b4b77f8a167698eb18f50b],
PUP.Optional.Astromenda.A, C:\Users\Rosendo\AppData\Roaming\Mozilla\Firefox\Profiles\3fyk55np.default\extensions\{ad7ce998-a77b-4062-9ffb-1d0b7cb23183}\content\external, Quarantined, [1f90f31fc8b4b77f8a167698eb18f50b],
PUP.Optional.Astromenda.A, C:\Users\Rosendo\AppData\Roaming\Mozilla\Firefox\Profiles\3fyk55np.default\astrmndant, Quarantined, [703f29e9f18bc86e2709090707fcc937],
PUP.Optional.Astromenda.A, C:\Users\Rosendo\AppData\Roaming\Mozilla\Firefox\Profiles\3fyk55np.default\astrmndant\fav_thumbs, Quarantined, [703f29e9f18bc86e2709090707fcc937],

Files: 80
PUP.Optional.FramedDisplay.A, C:\Program Files (x86)\Framed Display\updateFramedDisplay.exe, Delete-on-Reboot, [456ab55d90ec9c9a66b91aab2ed3cc34],
PUP.Optional.FramedDisplay.A, C:\Program Files (x86)\Framed Display\FramedDisplaybho.dll, Delete-on-Reboot, [0fa0b062e29af244c95571549b6627d9],
PUP.Optional.Sambreel.A, C:\Program Files (x86)\Framed Display\FramedDisplay.FirstRun.exe, Quarantined, [aa058d857c00de5865e13731c43dfe02],
PUP.Optional.OptimizerPro, C:\Program Files (x86)\Optimizer Pro\OptProSchedule.exe, Quarantined, [efc0bd55007c87afa6b62f0c49b8db25],
PUP.Optional.OptimizerPro, C:\Program Files (x86)\Optimizer Pro\OptProSmartScan.exe, Quarantined, [d4db7e94156789ad5ffe1c1f13ee18e8],
PUP.Optional.DomaIQ, C:\Users\Rosendo\Downloads\Setup(2).exe, Quarantined, [0da258ba621a181e95fb9615c73a5ba5],
PUP.Optional.Amonetize, C:\Users\Rosendo\AppData\Local\15292\a3424.exe, Quarantined, [159a6ba7a9d385b15f1bd7ef3ec3916f],
PUP.Optional.SearchProtect.A, C:\Windows\AppPatch\AppPatch64\SPVCLdr64.dll, Quarantined, [a10ea171de9eb284cd17079842bf50b0],
PUP.Optional.Astromenda.A, C:\Windows\System32\Tasks\WSE_Astromenda, Quarantined, [cfe01bf7acd079bd270f040d2fd4a25e],
PUP.Optional.Astromenda.A, C:\Windows\Tasks\WSE_Astromenda.job, Quarantined, [951a8b870c70162082b5c84982817987],
PUP.Optional.FramedDisplay.A, C:\Users\Rosendo\AppData\Roaming\Mozilla\Firefox\Profiles\3fyk55np.default\extensions\{e9bebce7-deb3-4ab9-896c-549739f208c5}.xpi, Quarantined, [ac03b16186f660d62328878c10f3fe02],
PUP.Optional.Astromenda, C:\Users\Rosendo\AppData\Roaming\Mozilla\Firefox\Profiles\3fyk55np.default\searchplugins\Astromenda.xml, Quarantined, [ded163af81fb34022012ff1bd62dfa06],
PUP.Optional.PCTechHotline.A, C:\Program Files (x86)\PCTechHotline\PCTHdesk.dll, Quarantined, [9c138a88562621153b5f9a95ac579868],
PUP.Optional.PCTechHotline.A, C:\Program Files (x86)\PCTechHotline\PCTechHotline.exe, Delete-on-Reboot, [9c138a88562621153b5f9a95ac579868],
PUP.Optional.PCTechHotline.A, C:\Program Files (x86)\PCTechHotline\PCTechHotlineSvc.exe, Delete-on-Reboot, [9c138a88562621153b5f9a95ac579868],
PUP.Optional.PCTechHotline.A, C:\Program Files (x86)\PCTechHotline\PCTHdesk.64.dll, Quarantined, [9c138a88562621153b5f9a95ac579868],
PUP.Optional.PCTechHotline.A, C:\Program Files (x86)\PCTechHotline\PCTHHook.dll, Delete-on-Reboot, [9c138a88562621153b5f9a95ac579868],
PUP.Optional.PCTechHotline.A, C:\Program Files (x86)\PCTechHotline\PCTHHook.exe, Delete-on-Reboot, [9c138a88562621153b5f9a95ac579868],
PUP.Optional.PCTechHotline.A, C:\Program Files (x86)\PCTechHotline\PCTHHook64.dll, Delete-on-Reboot, [9c138a88562621153b5f9a95ac579868],
PUP.Optional.PCTechHotline.A, C:\Program Files (x86)\PCTechHotline\PCTHHook64.exe, Delete-on-Reboot, [9c138a88562621153b5f9a95ac579868],
PUP.Optional.PCTechHotline.A, C:\Program Files (x86)\PCTechHotline\unins000.dat, Quarantined, [9c138a88562621153b5f9a95ac579868],
PUP.Optional.PCTechHotline.A, C:\Program Files (x86)\PCTechHotline\unins000.exe, Quarantined, [9c138a88562621153b5f9a95ac579868],
PUP.Optional.PCTechHotline.A, C:\Program Files (x86)\PCTechHotline\unins000.msg, Quarantined, [9c138a88562621153b5f9a95ac579868],
PUP.Optional.SearchProtect, C:\Windows\AppPatch\Custom\Custom64\{cf2797aa-b7ec-e311-8ed9-005056c00008}.sdb, Quarantined, [16993ad897e52e0894337211bf4517e9],
PUP.Optional.FramedDisplay.A, C:\Program Files (x86)\Framed Display\FramedDisplay.ico, Quarantined, [cbe423ef97e5ec4af3c73450fd07bd43],
PUP.Optional.FramedDisplay.A, C:\Program Files (x86)\Framed Display\0, Quarantined, [cbe423ef97e5ec4af3c73450fd07bd43],
PUP.Optional.FramedDisplay.A, C:\Program Files (x86)\Framed Display\7za.exe, Quarantined, [cbe423ef97e5ec4af3c73450fd07bd43],
PUP.Optional.FramedDisplay.A, C:\Program Files (x86)\Framed Display\FramedDisplayUninstall.exe, Quarantined, [cbe423ef97e5ec4af3c73450fd07bd43],
PUP.Optional.FramedDisplay.A, C:\Program Files (x86)\Framed Display\updateFramedDisplay.InstallState, Quarantined, [cbe423ef97e5ec4af3c73450fd07bd43],
PUP.Optional.Astromenda.A, C:\Users\Rosendo\AppData\Roaming\Mozilla\Firefox\Profiles\3fyk55np.default\extensions\{424b0d11-e7fe-4a04-b7df-8f2c77f58aaf}.xpi, Quarantined, [b8f749c99fdd0630e32295f0eb1951af],
PUP.Optional.Astromenda.A, C:\Users\Rosendo\AppData\Roaming\WSE_Astromenda\UpdateProc\bkup.dat, Quarantined, [426d80923b41280e235844d5fc0706fa],
PUP.Optional.Updater.A, C:\Users\Rosendo\AppData\Roaming\UpdaterEX\UpdateProc\config.dat, Quarantined, [0ca361b1106c83b331214db6ee15649c],
PUP.Optional.Updater.A, C:\Users\Rosendo\AppData\Roaming\UpdaterEX\UpdateProc\prod.dat, Quarantined, [0ca361b1106c83b331214db6ee15649c],
PUP.Optional.Updater.A, C:\Users\Rosendo\AppData\Roaming\UpdaterEX\UpdateProc\STTL.DAT, Quarantined, [0ca361b1106c83b331214db6ee15649c],
PUP.Optional.Updater.A, C:\Users\Rosendo\AppData\Roaming\UpdaterEX\UpdateProc\TTL.DAT, Quarantined, [0ca361b1106c83b331214db6ee15649c],
PUP.Optional.Updater.A, C:\Users\Rosendo\AppData\Roaming\UpdaterEX\UpdateProc\UpdateTask.exe, Quarantined, [0ca361b1106c83b331214db6ee15649c],
PUP.Optional.Astromenda, C:\Program Files (x86)\WSE_Astromenda\astcnfg.dat, Quarantined, [1b946ea44438fb3bdcee0800b74cd22e],
PUP.Optional.Astromenda, C:\Program Files (x86)\WSE_Astromenda\FavIcon.ico, Quarantined, [1b946ea44438fb3bdcee0800b74cd22e],
PUP.Optional.Astromenda, C:\Program Files (x86)\WSE_Astromenda\Sqlite3.dll, Quarantined, [1b946ea44438fb3bdcee0800b74cd22e],
PUP.Optional.Astromenda, C:\Program Files (x86)\WSE_Astromenda\uninst.dat, Quarantined, [1b946ea44438fb3bdcee0800b74cd22e],
PUP.Optional.Astromenda, C:\Program Files (x86)\WSE_Astromenda\uninstall.exe, Quarantined, [1b946ea44438fb3bdcee0800b74cd22e],
PUP.Optional.Astromenda, C:\Program Files (x86)\WSE_Astromenda\BRS\brs.exe, Delete-on-Reboot, [1b946ea44438fb3bdcee0800b74cd22e],
PUP.Optional.Astromenda, C:\Program Files (x86)\WSE_Astromenda\BRS\Sqlite3.dll, Quarantined, [1b946ea44438fb3bdcee0800b74cd22e],
PUP.Optional.Astromenda.A, C:\Users\Rosendo\AppData\Roaming\WSE_Astromenda\icons_3.5.1.2\ctr.ico, Quarantined, [ecc31bf79ddf2c0a92517e8afc073dc3],
PUP.Optional.Astromenda.A, C:\Users\Rosendo\AppData\Roaming\WSE_Astromenda\UpdateProc\config.dat, Quarantined, [ecc31bf79ddf2c0a92517e8afc073dc3],
PUP.Optional.Astromenda.A, C:\Users\Rosendo\AppData\Roaming\WSE_Astromenda\UpdateProc\info.dat, Quarantined, [ecc31bf79ddf2c0a92517e8afc073dc3],
PUP.Optional.Astromenda.A, C:\Users\Rosendo\AppData\Roaming\WSE_Astromenda\UpdateProc\STTL.DAT, Quarantined, [ecc31bf79ddf2c0a92517e8afc073dc3],
PUP.Optional.Astromenda.A, C:\Users\Rosendo\AppData\Roaming\WSE_Astromenda\UpdateProc\TTL.DAT, Quarantined, [ecc31bf79ddf2c0a92517e8afc073dc3],
PUP.Optional.Astromenda.A, C:\Users\Rosendo\AppData\Roaming\WSE_Astromenda\UpdateProc\UpdateTask.exe, Quarantined, [ecc31bf79ddf2c0a92517e8afc073dc3],
PUP.Optional.Astromenda.A, C:\Users\Rosendo\AppData\Roaming\Mozilla\Firefox\Profiles\3fyk55np.default\extensions\{ad7ce998-a77b-4062-9ffb-1d0b7cb23183}\bootstrap.js, Quarantined, [1f90f31fc8b4b77f8a167698eb18f50b],
PUP.Optional.Astromenda.A, C:\Users\Rosendo\AppData\Roaming\Mozilla\Firefox\Profiles\3fyk55np.default\extensions\{ad7ce998-a77b-4062-9ffb-1d0b7cb23183}\chrome.manifest, Quarantined, [1f90f31fc8b4b77f8a167698eb18f50b],
PUP.Optional.Astromenda.A, C:\Users\Rosendo\AppData\Roaming\Mozilla\Firefox\Profiles\3fyk55np.default\extensions\{ad7ce998-a77b-4062-9ffb-1d0b7cb23183}\icon.png, Quarantined, [1f90f31fc8b4b77f8a167698eb18f50b],
PUP.Optional.Astromenda.A, C:\Users\Rosendo\AppData\Roaming\Mozilla\Firefox\Profiles\3fyk55np.default\extensions\{ad7ce998-a77b-4062-9ffb-1d0b7cb23183}\icon64.png, Quarantined, [1f90f31fc8b4b77f8a167698eb18f50b],
PUP.Optional.Astromenda.A, C:\Users\Rosendo\AppData\Roaming\Mozilla\Firefox\Profiles\3fyk55np.default\extensions\{ad7ce998-a77b-4062-9ffb-1d0b7cb23183}\install.rdf, Quarantined, [1f90f31fc8b4b77f8a167698eb18f50b],
PUP.Optional.Astromenda.A, C:\Users\Rosendo\AppData\Roaming\Mozilla\Firefox\Profiles\3fyk55np.default\extensions\{ad7ce998-a77b-4062-9ffb-1d0b7cb23183}\content\browser\astr.1.2.jsm, Quarantined, [1f90f31fc8b4b77f8a167698eb18f50b],
PUP.Optional.Astromenda.A, C:\Users\Rosendo\AppData\Roaming\Mozilla\Firefox\Profiles\3fyk55np.default\extensions\{ad7ce998-a77b-4062-9ffb-1d0b7cb23183}\content\browser\astr.1.2h.jsm, Quarantined, [1f90f31fc8b4b77f8a167698eb18f50b],
PUP.Optional.Astromenda.A, C:\Users\Rosendo\AppData\Roaming\Mozilla\Firefox\Profiles\3fyk55np.default\extensions\{ad7ce998-a77b-4062-9ffb-1d0b7cb23183}\content\browser\background.js, Quarantined, [1f90f31fc8b4b77f8a167698eb18f50b],
PUP.Optional.Astromenda.A, C:\Users\Rosendo\AppData\Roaming\Mozilla\Firefox\Profiles\3fyk55np.default\extensions\{ad7ce998-a77b-4062-9ffb-1d0b7cb23183}\content\browser\browser.js, Quarantined, [1f90f31fc8b4b77f8a167698eb18f50b],
PUP.Optional.Astromenda.A, C:\Users\Rosendo\AppData\Roaming\Mozilla\Firefox\Profiles\3fyk55np.default\extensions\{ad7ce998-a77b-4062-9ffb-1d0b7cb23183}\content\browser\header.js, Quarantined, [1f90f31fc8b4b77f8a167698eb18f50b],
PUP.Optional.Astromenda.A, C:\Users\Rosendo\AppData\Roaming\Mozilla\Firefox\Profiles\3fyk55np.default\extensions\{ad7ce998-a77b-4062-9ffb-1d0b7cb23183}\content\browser\timer.jsm, Quarantined, [1f90f31fc8b4b77f8a167698eb18f50b],
PUP.Optional.Astromenda.A, C:\Users\Rosendo\AppData\Roaming\Mozilla\Firefox\Profiles\3fyk55np.default\extensions\{ad7ce998-a77b-4062-9ffb-1d0b7cb23183}\content\external\aes.js, Quarantined, [1f90f31fc8b4b77f8a167698eb18f50b],
PUP.Optional.Astromenda.A, C:\Users\Rosendo\AppData\Roaming\Mozilla\Firefox\Profiles\3fyk55np.default\extensions\{ad7ce998-a77b-4062-9ffb-1d0b7cb23183}\content\external\hmac-md5.js, Quarantined, [1f90f31fc8b4b77f8a167698eb18f50b],
PUP.Optional.Astromenda.A, C:\Users\Rosendo\AppData\Roaming\Mozilla\Firefox\Profiles\3fyk55np.default\extensions\{ad7ce998-a77b-4062-9ffb-1d0b7cb23183}\content\external\jsencrypt.min.js, Quarantined, [1f90f31fc8b4b77f8a167698eb18f50b],
PUP.Optional.Astromenda.A, C:\Users\Rosendo\AppData\Roaming\Mozilla\Firefox\Profiles\3fyk55np.default\extensions\{ad7ce998-a77b-4062-9ffb-1d0b7cb23183}\content\external\md5.js, Quarantined, [1f90f31fc8b4b77f8a167698eb18f50b],
PUP.Optional.Astromenda.A, C:\Users\Rosendo\AppData\Roaming\Mozilla\Firefox\Profiles\3fyk55np.default\extensions\{ad7ce998-a77b-4062-9ffb-1d0b7cb23183}\content\external\string.min.js, Quarantined, [1f90f31fc8b4b77f8a167698eb18f50b],
PUP.Optional.Astromenda.A, C:\Users\Rosendo\AppData\Roaming\Mozilla\Firefox\Profiles\3fyk55np.default\extensions\{ad7ce998-a77b-4062-9ffb-1d0b7cb23183}\content\external\underscore-min.js, Quarantined, [1f90f31fc8b4b77f8a167698eb18f50b],
PUP.Optional.Astromenda.A, C:\Users\Rosendo\AppData\Roaming\Mozilla\Firefox\Profiles\3fyk55np.default\astrmndant\fav-groups, Quarantined, [703f29e9f18bc86e2709090707fcc937],
PUP.Optional.Astromenda.A, C:\Users\Rosendo\AppData\Roaming\Mozilla\Firefox\Profiles\3fyk55np.default\astrmndant\favs##09cabe842eb961bb3c8a0d4062355f2e, Quarantined, [703f29e9f18bc86e2709090707fcc937],
PUP.Optional.Astromenda.A, C:\Users\Rosendo\AppData\Roaming\Mozilla\Firefox\Profiles\3fyk55np.default\astrmndant\fav_thumbs\0006399d0eb0fddb0f9ad6334fdf53e8, Quarantined, [703f29e9f18bc86e2709090707fcc937],
PUP.Optional.Astromenda.A, C:\Users\Rosendo\AppData\Roaming\Mozilla\Firefox\Profiles\3fyk55np.default\astrmndant\fav_thumbs\1113e06f2fd6db1091c87456148c4bad, Quarantined, [703f29e9f18bc86e2709090707fcc937],
PUP.Optional.Astromenda.A, C:\Users\Rosendo\AppData\Roaming\Mozilla\Firefox\Profiles\3fyk55np.default\astrmndant\fav_thumbs\3bb8b492db7bed7a629b9670b890825c, Quarantined, [703f29e9f18bc86e2709090707fcc937],
PUP.Optional.Astromenda.A, C:\Users\Rosendo\AppData\Roaming\Mozilla\Firefox\Profiles\3fyk55np.default\astrmndant\fav_thumbs\4533deac053e5d6828ee972d405e3f73, Quarantined, [703f29e9f18bc86e2709090707fcc937],
PUP.Optional.Astromenda.A, C:\Users\Rosendo\AppData\Roaming\Mozilla\Firefox\Profiles\3fyk55np.default\astrmndant\fav_thumbs\480cc75c24cc3191500fcd2db9b8bced, Quarantined, [703f29e9f18bc86e2709090707fcc937],
PUP.Optional.Astromenda.A, C:\Users\Rosendo\AppData\Roaming\Mozilla\Firefox\Profiles\3fyk55np.default\astrmndant\fav_thumbs\60e45d75af2f74d3b0f44a92f0c756d6, Quarantined, [703f29e9f18bc86e2709090707fcc937],
PUP.Optional.Astromenda.A, C:\Users\Rosendo\AppData\Roaming\Mozilla\Firefox\Profiles\3fyk55np.default\astrmndant\fav_thumbs\9d4b28890ce18a48e8e3affec0423e7d, Quarantined, [703f29e9f18bc86e2709090707fcc937],
PUP.Optional.Astromenda.A, C:\Users\Rosendo\AppData\Roaming\Mozilla\Firefox\Profiles\3fyk55np.default\astrmndant\fav_thumbs\d591eea7c0ad44a7a5029dde74361351, Quarantined, [703f29e9f18bc86e2709090707fcc937],
PUP.Optional.Astromenda.A, C:\Users\Rosendo\AppData\Roaming\Mozilla\Firefox\Profiles\3fyk55np.default\astrmndant\fav_thumbs\fb5d2e0e8b3abadde324796d4f8cd81f, Quarantined, [703f29e9f18bc86e2709090707fcc937],
PUP.Optional.Astromenda.A, C:\Users\Rosendo\AppData\Roaming\Mozilla\Firefox\Profiles\3fyk55np.default\astrmndant\fav_thumbs\fbf41d73977af8ca5481768bb3fe0471, Quarantined, [703f29e9f18bc86e2709090707fcc937],
PUP.Optional.Astromenda.A, C:\Users\Rosendo\AppData\Roaming\Mozilla\Firefox\Profiles\3fyk55np.default\astrmndant\fav_thumbs\fc4f8c66e9417ac31d270550af70236f, Quarantined, [703f29e9f18bc86e2709090707fcc937],
PUP.Optional.Astromenda.A, C:\Users\Rosendo\AppData\Roaming\Mozilla\Firefox\Profiles\3fyk55np.default\prefs.js, Good: (), Bad: (user_pref("browser.startup.homepage", "http://astromenda.com/?f=1&a=ast_dnldstr_14_41_ie&cd=2XzuyEtN2Y1L1Qzu0CzztC0FyCyCtC0FtCzztCtBtBtBtCyBtN0D0Tzu0StCtDtCtAtN1L2XzutAtFyDtFtCtFtBtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyEtD0F0DyC0D0CtAtGtDyByCtDtG0F0C0EtCtG0CtAyEzztGyC0Czy0ByDtCtDzytBtCyDtB2QtN1M1F1B2Z1V1N2Y1L1Qzu2StCyCyD0DyE0A0DzztG0FzzyCyBtGyEyEzytDtG0A0D0CtBtGzyyE0DyEyEyByD0CtBtCyDtB2Q&cr=2054351066&ir=");), Replaced,[406f35ddef8d52e49df079d3c342be42]

Physical Sectors: 0
(No malicious items detected)


(end)

Offline Hoov

  • Malware Removal Mentors
  • Administrator
  • Diamond Member
  • Posts: 27141
  • Unwilling part owner of Gov't. Motors and Chrysler
    • Hoov's Personal Site
Re: [In Progress] spyware removal
« Reply #19 on: October 09, 2014, 10:43:05 PM »
I don't know what to say other than WOW! I was not expecting that much.

Did you have to reset your Winsock? how is the computer running?

Former Consumer Security MVP
2011-2014

If I am helping you and you don't hear from me for 24Hrs, send me a PM Please!

Offline Hoov

  • Malware Removal Mentors
  • Administrator
  • Diamond Member
  • Posts: 27141
  • Unwilling part owner of Gov't. Motors and Chrysler
    • Hoov's Personal Site
Re: [In Progress] spyware removal
« Reply #20 on: February 16, 2015, 06:42:06 PM »
This thread is being closed due to inactivity. If you need it reopened send me a PM. This applies to the originator only. Anyone else please start a new thread.
 

Former Consumer Security MVP
2011-2014

If I am helping you and you don't hear from me for 24Hrs, send me a PM Please!