Malwarebytes Anti-Malware
www.malwarebytes.orgScan Date: 4/28/2015
Scan Time: 1:58:45 PM
Logfile: Malwarebytes Log.txt
Administrator: Yes
Version: 2.01.6.1022
Malware Database: v2015.04.28.05
Rootkit Database: v2015.04.21.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
OS: Windows 8.1
CPU: x64
File System: NTFS
User: Jeffery
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 339259
Time Elapsed: 28 min, 7 sec
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
Processes: 4
PUP.Optional.CrossRider.A, C:\Program Files (x86)\CinemaPlus-3.2cV27.04\88e2d631-cef4-4b3b-959f-542c0d09b78a-6.exe, 8136, Delete-on-Reboot, [50a5046d7911053129456cd232d4c739]
PUP.Optional.CrossRider.A, C:\Program Files (x86)\CinemaPlus-3.2cV27.04\88e2d631-cef4-4b3b-959f-542c0d09b78a-10.exe, 1564, Delete-on-Reboot, [985d0c657614f244313da69857af966a]
PUP.Optional.CrossRider.A, C:\Program Files (x86)\CinemaPlus-3.2cV27.04\88e2d631-cef4-4b3b-959f-542c0d09b78a-1-6.exe, 3592, Delete-on-Reboot, [44b13938b5d5eb4bf27c013d1cea36ca]
PUP.Optional.PreBackup.A, C:\Program Files (x86)\OLBPre\OLBPre.exe, 5360, Delete-on-Reboot, [28cd87ea3159e650a19224509e62629e]
Modules: 0
(No malicious items detected)
Registry Keys: 141
PUP.Optional.ModGoog, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\globalUpdate, Quarantined, [00f57df43456ab8bd6ba98af2bd7cf31],
PUP.Optional.ModGoog, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\globalUpdatem, Quarantined, [00f57df43456ab8bd6ba98af2bd7cf31],
PUP.Optional.ModGoog, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\GOOGLEUPDATE.EXE, Quarantined, [00f57df43456ab8bd6ba98af2bd7cf31],
PUP.Optional.ModGoog, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\GOOGLEUPDATE.EXE, Quarantined, [00f57df43456ab8bd6ba98af2bd7cf31],
Rootkit.Agent.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\bsdriver, Quarantined, [995c135eb3d79c9affe24ef527db33cd],
Rootkit.Agent.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\cherimoya, Quarantined, [15e0d39e9cee3501531d6dd93dc9728e],
PUP.Optional.Shopperz.A, HKU\S-1-5-21-390256854-2030449046-3616693015-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{5081D2D4-1637-404C-B74F-50526718257D}, Quarantined, [54a1aac7a4e60f27f257d26f17ec0000],
PUP.Optional.Shopperz.A, HKLM\SOFTWARE\CLASSES\Extension.jshep, Quarantined, [54a1aac7a4e60f27f257d26f17ec0000],
PUP.Optional.Shopperz.A, HKLM\SOFTWARE\CLASSES\Extension.jshep.1, Quarantined, [54a1aac7a4e60f27f257d26f17ec0000],
PUP.Optional.Shopperz.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Extension.jshep, Quarantined, [54a1aac7a4e60f27f257d26f17ec0000],
PUP.Optional.Shopperz.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Extension.jshep.1, Quarantined, [54a1aac7a4e60f27f257d26f17ec0000],
PUP.Optional.Shopperz.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\Extension.jshep, Quarantined, [54a1aac7a4e60f27f257d26f17ec0000],
PUP.Optional.Shopperz.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\Extension.jshep.1, Quarantined, [54a1aac7a4e60f27f257d26f17ec0000],
PUP.Optional.Shopperz.A, HKU\S-1-5-21-390256854-2030449046-3616693015-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{5081D2D4-1637-404C-B74F-50526718257D}, Quarantined, [54a1aac7a4e60f27f257d26f17ec0000],
PUP.Optional.PreBackup.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\OLBPre, Quarantined, [e312adc4e6a4ef47079dcef930d34db3],
PUP.Optional.Hatchiho.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{77be1d95-799a-44c5-806b-764404317363}, Quarantined, [0fe66b06f694c472119afb4a4fb68977],
PUP.Optional.Hatchiho.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{5b4f9625-4d85-4c60-8443-ff34c76d7527}, Quarantined, [0fe66b06f694c472119afb4a4fb68977],
PUP.Optional.Hatchiho.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{3E2E7CF5-4D58-4920-AB5C-1CA77559923A}, Quarantined, [0fe66b06f694c472119afb4a4fb68977],
PUP.Optional.Hatchiho.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{3E2E7CF5-4D58-4920-AB5C-1CA77559923A}, Quarantined, [0fe66b06f694c472119afb4a4fb68977],
PUP.Optional.Hatchiho.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{3E2E7CF5-4D58-4920-AB5C-1CA77559923A}, Quarantined, [0fe66b06f694c472119afb4a4fb68977],
PUP.Optional.Hatchiho.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{5b4f9625-4d85-4c60-8443-ff34c76d7527}, Quarantined, [0fe66b06f694c472119afb4a4fb68977],
PUP.Optional.Hatchiho.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{5b4f9625-4d85-4c60-8443-ff34c76d7527}, Quarantined, [0fe66b06f694c472119afb4a4fb68977],
PUP.Optional.Hatchiho.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{77BE1D95-799A-44C5-806B-764404317363}, Quarantined, [0fe66b06f694c472119afb4a4fb68977],
PUP.Optional.Hatchiho.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{77BE1D95-799A-44C5-806B-764404317363}, Quarantined, [0fe66b06f694c472119afb4a4fb68977],
PUP.Optional.Hatchiho.A, HKU\S-1-5-21-390256854-2030449046-3616693015-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{77BE1D95-799A-44C5-806B-764404317363}, Quarantined, [0fe66b06f694c472119afb4a4fb68977],
PUP.Optional.Hatchiho.A, HKU\S-1-5-21-390256854-2030449046-3616693015-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{77BE1D95-799A-44C5-806B-764404317363}, Quarantined, [0fe66b06f694c472119afb4a4fb68977],
PUP.Optional.Hatchiho.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Hatchiho, Quarantined, [0fe66b06f694c472119afb4a4fb68977],
PUP.Optional.Flashbeat.A, HKLM\SOFTWARE\Flashbeat, Quarantined, [dd18a5cc593142f494049042f40ffc04],
PUP.Optional.CinemaPlus.C, HKLM\SOFTWARE\ARENAHD, Quarantined, [d42177fa6e1ca591af0bbca1d431b24e],
PUP.Optional.Crossbrowse.C, HKLM\SOFTWARE\CLASSES\CRSBRWSHTML, Quarantined, [ae471e53c9c11d19af55f7d2fb080ff1],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdate.OneClickCtrl.10, Quarantined, [1cd9c7aaf89247efa75f3427fb0a3ac6],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdate.OneClickProcessLauncherMachine, Quarantined, [db1ac7aa2b5f50e654b24c0f13f2fc04],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdate.OneClickProcessLauncherMachine.1.0, Quarantined, [30c59ad7c1c91c1a5babda81d72efe02],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.CoCreateAsync, Quarantined, [08ed1c554941a29462a55a01ce378878],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.CoCreateAsync.1.0, Quarantined, [698ccca5d6b480b656b179e224e158a8],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.CoreClass, Quarantined, [b045fe73a3e7ae88a463cb90ab5a4bb5],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.CoreClass.1, Quarantined, [1adb1061bbcf81b556b193c809fcf010],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.CoreMachineClass, Quarantined, [db1a413019717fb71ee9134828dd9d63],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.CoreMachineClass.1, Quarantined, [1cd9ff725535251129dea2b91de8c838],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.CredentialDialogMachine, Quarantined, [fafbff72fc8e4ceafb0cb1aab05543bd],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.CredentialDialogMachine.1.0, Quarantined, [589d8de4a4e6ad89a85fe57630d50ff1],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.OnDemandCOMClassMachine, Quarantined, [f8fd1b568a006ec87b8c4a11b74e5aa6],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.OnDemandCOMClassMachine.1.0, Quarantined, [668f125faddd171f9572f06b798c0df3],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.OnDemandCOMClassMachineFallback, Quarantined, [8570fb7699f172c49a6ddb80c44123dd],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0, Quarantined, [8d6898d98dfdb08633d40c4f38cd9868],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.OnDemandCOMClassSvc, Quarantined, [7481d49de1a9de58f80fa5b619ec54ac],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.OnDemandCOMClassSvc.1.0, Quarantined, [13e2531e0e7c05318e790d4e6e9757a9],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.ProcessLauncher, Quarantined, [2fc6bfb2533772c4bb4cc398d72edd23],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.ProcessLauncher.1.0, Quarantined, [df16fe736f1bdc5abe491f3c7590966a],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.Update3COMClassService, Quarantined, [c3323938d0bae452a0671e3ddb2a1fe1],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.Update3COMClassService.1.0, Quarantined, [fdf80869a4e6af8759ae4318be4746ba],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.Update3WebMachine, Quarantined, [8a6bf67b850554e211f684d7e025b947],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.Update3WebMachine.1.0, Quarantined, [ef068ee30e7c47ef47c0ed6e16ef02fe],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.Update3WebMachineFallback, Quarantined, [767f98d9c6c489ad6b9cb7a40005629e],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.Update3WebMachineFallback.1.0, Quarantined, [b63f74fd6c1e54e255b21249c54019e7],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.Update3WebSvc, Quarantined, [14e18fe2becc8da99f68481336cfa65a],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.Update3WebSvc.1.0, Quarantined, [d025cda41e6c78be4eb90d4eaf56ae52],
PUP.Optional.Crossbrowse.A, HKLM\SOFTWARE\CLIENTS\STARTMENUINTERNET\Crossbrowse, Quarantined, [d025cea3fd8dc86e929e60699c6745bb],
PUP.Optional.PCTuner.C, HKLM\SOFTWARE\HIGHDEFACTION, Quarantined, [b3423b3624668fa77650b3aadc29ca36],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\30935, Quarantined, [f401aec3e5a5c47251b954b657ad6898],
PUP.Optional.Crossbrowse.C, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\APP PATHS\crossbrowse.exe, Quarantined, [b540026fe9a1340202034485eb18c43c],
PUP.Optional.CinemaPlus.A, HKLM\SOFTWARE\WOW6432NODE\CinemaPlus-3.2cV27.04, Quarantined, [21d4b1c0f892da5c3c1615c8cb3860a0],
PUP.Optional.CinemaPlus.A, HKLM\SOFTWARE\WOW6432NODE\CinemaPlus-3.2cV27.04-nv, Quarantined, [c82d5b1646445bdb81d1a33a1ae9639d],
PUP.Optional.CinemaPlus.A, HKLM\SOFTWARE\WOW6432NODE\CinemaPlus-3.2cV27.04-nv-ie, Quarantined, [7085ed845d2d70c6a8aad10c46bd1de3],
PUP.Optional.Crossbrowse.A, HKLM\SOFTWARE\WOW6432NODE\Crossbrowse, Quarantined, [767fff7274164cea5cd0e3e638cb40c0],
PUP.Optional.Flashbeat.A, HKLM\SOFTWARE\WOW6432NODE\Flashbeat, Quarantined, [e70efa776327ba7cc7d151819c67659b],
PUP.Optional.Hatchiho.A, HKLM\SOFTWARE\WOW6432NODE\Hatchiho, Quarantined, [8075f47de5a51e186b42c38214f1c040],
PUP.Optional.CrossRider.C, HKLM\SOFTWARE\WOW6432NODE\APPDATALOW\SOFTWARE\Crossrider, Quarantined, [599c462bcfbb1620c707eed8a45f3ec2],
PUP.Optional.CinemaPlus.C, HKLM\SOFTWARE\WOW6432NODE\ARENAHD, Quarantined, [d0254c2593f744f23c7e293423e2be42],
PUP.Optional.Crossbrowse.C, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CRSBRWSHTML, Quarantined, [ef06531e4b3f9d9961a318b10af98977],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdate.OneClickCtrl.10, Quarantined, [51a49cd5206a41f5d92d8dcea263639d],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdate.OneClickProcessLauncherMachine, Quarantined, [44b149282c5eb383e81e9bc03fc68e72],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdate.OneClickProcessLauncherMachine.1.0, Quarantined, [54a16e03f199191d12f48ad1e1246d93],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.CoCreateAsync, Quarantined, [ba3b51204941f2442ed9abb0b15437c9],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.CoCreateAsync.1.0, Quarantined, [5b9a2b46503a0e28e522a7b4b94cff01],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.CoreClass, Quarantined, [e70e80f1f3978caae81f1b40ff06cb35],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.CoreClass.1, Quarantined, [7085145deb9ff0467f88a5b654b113ed],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.CoreMachineClass, Quarantined, [ca2b09685535d75ffc0b8ecdec198c74],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.CoreMachineClass.1, Quarantined, [f9fce091d8b240f69374b6a51ee7a759],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.CredentialDialogMachine, Quarantined, [e114521fd5b561d55ea9b3a8c4416997],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.CredentialDialogMachine.1.0, Quarantined, [42b38de46822142236d1bc9faf569070],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.OnDemandCOMClassMachine, Quarantined, [05f0056c3e4cc86eb750baa142c330d0],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.OnDemandCOMClassMachine.1.0, Quarantined, [0ce94a27484282b4ae59e27921e4b050],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.OnDemandCOMClassMachineFallback, Quarantined, [d0258ee394f69a9cf017ee6d3cc9ba46],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0, Quarantined, [0bea195899f13bfb34d367f430d52dd3],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.OnDemandCOMClassSvc, Quarantined, [ab4a6f023d4d56e064a3bf9cc73e50b0],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.OnDemandCOMClassSvc.1.0, Quarantined, [06ef2e439eec77bffb0c89d2d0351ae6],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.ProcessLauncher, Quarantined, [975e82efbcce6ec8f2158dce09fc7d83],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.ProcessLauncher.1.0, Quarantined, [30c55f12c1c91f179473b0ab1ee75aa6],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.Update3COMClassService, Quarantined, [f005caa746447db96c9b2338bf46cc34],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.Update3COMClassService.1.0, Quarantined, [678e264b494174c2a95e1d3e65a017e9],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.Update3WebMachine, Quarantined, [de17e988f79383b3a1666fecba4b1ae6],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.Update3WebMachine.1.0, Quarantined, [8e67c9a86228c37337d05cff06ffdc24],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.Update3WebMachineFallback, Quarantined, [9d586011474364d20cfb89d2e223a15f],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.Update3WebMachineFallback.1.0, Quarantined, [85703041f298082e897e72e954b13ec2],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.Update3WebSvc, Quarantined, [02f397da7b0f4fe72ed99ac158ad46ba],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.Update3WebSvc.1.0, Quarantined, [f005c1b07a1092a4a7600556c83d1de3],
PUP.Optional.Crossbrowse.A, HKLM\SOFTWARE\WOW6432NODE\CLIENTS\STARTMENUINTERNET\Crossbrowse, Quarantined, [787daac7533777bfcd6322a707fc25db],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\GLOBALUPDATE\UPDATE, Quarantined, [0aeb5d14157581b576f89d554eb5ee12],
PUP.Optional.PCTuner.C, HKLM\SOFTWARE\WOW6432NODE\HIGHDEFACTION, Quarantined, [e0158fe21773f145ac1a85d8a65f7888],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\INSTALLEDBROWSEREXTENSIONS\30935, Quarantined, [ef06c1b01c6e1422fe0c0ffbe91b1ee2],
PUP.Optional.Crossbrowse.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\MEDIAPLAYER\SHIMINCLUSIONLIST\crossbrowse.exe, Quarantined, [50a5b6bb2a6066d0be703099ea19f808],
PUP.Optional.Crossbrowse.C, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\APP PATHS\crossbrowse.exe, Quarantined, [80750f62d0ba1f172dd8517836cd2bd5],
PUP.Optional.Crossbrowse.C, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Crossbrowse, Quarantined, [f8fdb1c0404a3ff745c58742ab587c84],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLAPLUGINS\@staging.google.com/globalUpdate Update;version=10, Quarantined, [d91c650c6d1ddf570747212c877e03fd],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLAPLUGINS\@staging.google.com/globalUpdate Update;version=4, Quarantined, [74812b460b7f989e6de270dd8184fd03],
PUP.Optional.Shopperz.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\shopperz Updater, Quarantined, [43b2b8b963279c9ae27edbfbe71c07f9],
Rootkit.Agent.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\CSRCC, Quarantined, [688df081781247ef12c213c4c142ba46],
PUP.Optional.CinemaPlus.A, HKU\S-1-5-18\SOFTWARE\CinemaPlus-3.2cV27.04-nv, Quarantined, [6590cfa24c3e22149eb50ecf62a17888],
PUP.Optional.CinemaPlus.A, HKU\S-1-5-18\SOFTWARE\CinemaPlus-3.2cV27.04-nv-ie, Quarantined, [b73ee78aeb9f1e18391a7c61bc470df3],
PUP.Optional.Shopperz.A, HKU\S-1-5-18\SOFTWARE\{4E7638A1-6962-4e44-A6B9-F40E84FD6D09}, Quarantined, [36bffa778901ac8acd3127a5de25728e],
PUP.Optional.Crossrider.C, HKU\S-1-5-18\SOFTWARE\APPDATALOW\SOFTWARE\_CrossriderRegNamePlaceHolder_, Quarantined, [a253165b2169ed494b73fb62de2717e9],
PUP.Optional.Shopperz.A, HKU\S-1-5-19\SOFTWARE\{4E7638A1-6962-4e44-A6B9-F40E84FD6D09}, Quarantined, [1ed7eb869befa29445b901cbc14255ab],
PUP.Optional.Shopperz.A, HKU\S-1-5-20\SOFTWARE\{4E7638A1-6962-4e44-A6B9-F40E84FD6D09}, Quarantined, [46af3d3495f50e28966896366c97718f],
PUP.Optional.CinemaPlus.A, HKU\S-1-5-21-390256854-2030449046-3616693015-1001\SOFTWARE\CinemaPlus-3.2cV27.04, Quarantined, [2ec71061602af244bb989d4031d236ca],
PUP.Optional.CinemaPlus.A, HKU\S-1-5-21-390256854-2030449046-3616693015-1001\SOFTWARE\CinemaPlus-3.2cV27.04-nv, Quarantined, [10e5fa7793f7241256fd34a9867d817f],
PUP.Optional.CinemaPlus.A, HKU\S-1-5-21-390256854-2030449046-3616693015-1001\SOFTWARE\CinemaPlus-3.2cV27.04-nv-ie, Quarantined, [569f175a2a60c670094ab02dfb08a55b],
PUP.Optional.Crossbrowse.A, HKU\S-1-5-21-390256854-2030449046-3616693015-1001\SOFTWARE\CrossBrowser, Quarantined, [fff6521faedc42f4fc2f27a2ea19a060],
PUP.Optional.Hatchiho.A, HKU\S-1-5-21-390256854-2030449046-3616693015-1001\SOFTWARE\Hatchiho, Quarantined, [bb3a4c25aae059dd416b4ff68085b64a],
PUP.Optional.Shopperz.A, HKU\S-1-5-21-390256854-2030449046-3616693015-1001\SOFTWARE\{4E7638A1-6962-4e44-A6B9-F40E84FD6D09}, Quarantined, [1ed74e23c7c39c9a728c29a322e13cc4],
PUP.Optional.CinemaPlus.C, HKU\S-1-5-21-390256854-2030449046-3616693015-1001\SOFTWARE\ARENAHD, Quarantined, [a352e48d4d3d5bdb05b4c19c699c619f],
PUP.Optional.GlobalUpdate.C, HKU\S-1-5-21-390256854-2030449046-3616693015-1001\SOFTWARE\GLOBALUPDATE\UPDATE\PROXY, Quarantined, [8471d39e9dedfc3a3db9cdfb9c678c74],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-390256854-2030449046-3616693015-1001\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\30935, Quarantined, [1ed77ff2236793a34b5fdb0c20e3b050],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-390256854-2030449046-3616693015-1001\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\Cinema PlusV27.04, Quarantined, [3cb982ef8ffb6bcbe3f0c51744bf9d63],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}, Quarantined, [995c69087911ff373c76b2f7ce35768a],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\CLASSES\WOW6432NODE\globalUpdate.OneClickCtrl.10, Quarantined, [995c69087911ff373c76b2f7ce35768a],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}, Quarantined, [995c69087911ff373c76b2f7ce35768a],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5645E0E7-FC12-43BF-A6E4-F9751942B298}, Quarantined, [995c69087911ff373c76b2f7ce35768a],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{5645E0E7-FC12-43BF-A6E4-F9751942B298}, Quarantined, [995c69087911ff373c76b2f7ce35768a],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}, Quarantined, [995c69087911ff373c76b2f7ce35768a],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\CLASSES\globalUpdate.Update3WebControl.4, Quarantined, [995c69087911ff373c76b2f7ce35768a],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdate.Update3WebControl.4, Quarantined, [995c69087911ff373c76b2f7ce35768a],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\CLASSES\WOW6432NODE\globalUpdate.Update3WebControl.4, Quarantined, [995c69087911ff373c76b2f7ce35768a],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}, Quarantined, [995c69087911ff373c76b2f7ce35768a],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}, Quarantined, [995c69087911ff373c76b2f7ce35768a],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}, Quarantined, [995c69087911ff373c76b2f7ce35768a],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}, Quarantined, [995c69087911ff373c76b2f7ce35768a],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}, Quarantined, [995c69087911ff373c76b2f7ce35768a],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}, Quarantined, [995c69087911ff373c76b2f7ce35768a],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}, Quarantined, [995c69087911ff373c76b2f7ce35768a],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\CinemaPlus-3.2cV27.04, Quarantined, [b540c0b16e1c77bf1a088c2b04ff3bc5],
Registry Values: 15
PUP.Optional.Shopperz.A, HKLM\SOFTWARE\MOZILLA\FIREFOX\EXTENSIONS|{5081D2D4-1637-404C-B74F-50526718257D}, C:\Program Files\shopperz\Firefox, Quarantined, [54a1aac7a4e60f27f257d26f17ec0000]
PUP.Optional.Shopperz.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|{5081D2D4-1637-404C-B74F-50526718257D}, C:\Program Files\shopperz\Firefox, Quarantined, [54a1aac7a4e60f27f257d26f17ec0000]
PUP.Optional.Shopperz.A, HKLM\SOFTWARE\MOZILLA\FIREFOX\EXTENSIONS\{5081D2D4-1637-404c-B74F-50526718257D}, Quarantined, [0ce9e68b8bff58dea4a5f54ca1625ea2],
PUP.Optional.Shopperz.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS\{5081D2D4-1637-404c-B74F-50526718257D}, Quarantined, [41b46f021575d1652029b091ff04837d],
PUP.Optional.CinemaPlus.C, HKLM\SOFTWARE\ARENAHD|value, 1, Quarantined, [d42177fa6e1ca591af0bbca1d431b24e]
PUP.Optional.PCTuner.C, HKLM\SOFTWARE\HIGHDEFACTION|value, 1, Quarantined, [b3423b3624668fa77650b3aadc29ca36]
PUP.Optional.CinemaPlus.C, HKLM\SOFTWARE\WOW6432NODE\ARENAHD|value, 1, Quarantined, [d0254c2593f744f23c7e293423e2be42]
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\GLOBALUPDATE\UPDATE|path, C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe, Quarantined, [0aeb5d14157581b576f89d554eb5ee12]
PUP.Optional.GlobalUpdate.C, HKLM\SOFTWARE\WOW6432NODE\GLOBALUPDATE\UPDATEDEV|AuCheckPeriodMs, 21600000, Quarantined, [b73e620f79110d29ce9322a602016b95]
PUP.Optional.PCTuner.C, HKLM\SOFTWARE\WOW6432NODE\HIGHDEFACTION|value, 1, Quarantined, [e0158fe21773f145ac1a85d8a65f7888]
PUP.Optional.CrossBrowse.C, HKLM\SOFTWARE\WOW6432NODE\REGISTEREDAPPLICATIONS|Crossbrowse, Software\Clients\StartMenuInternet\Crossbrowse\Capabilities, Quarantined, [90653d34bbcfa69012abc19cca3b45bb]
Rootkit.Agent.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\CSRCC|ImagePath, "C:\Program Files\shopperz\csrcc.exe", Quarantined, [688df081781247ef12c213c4c142ba46]
PUP.Optional.CinemaPlus.C, HKU\S-1-5-21-390256854-2030449046-3616693015-1001\SOFTWARE\ARENAHD|value, 1, Quarantined, [a352e48d4d3d5bdb05b4c19c699c619f]
PUP.Optional.GlobalUpdate.C, HKU\S-1-5-21-390256854-2030449046-3616693015-1001\SOFTWARE\GLOBALUPDATE\UPDATE\PROXY|source, IE, Quarantined, [8471d39e9dedfc3a3db9cdfb9c678c74]
PUP.Optional.PCTuner.C, HKU\S-1-5-21-390256854-2030449046-3616693015-1001\SOFTWARE\HIGHDEFACTION|value, 1, Quarantined, [6b8a18595634c86e655f78e5778e4fb1]
Registry Data: 0
(No malicious items detected)
Folders: 27
PUP.Optional.PreBackup.A, C:\Program Files (x86)\OLBPre, Delete-on-Reboot, [e312adc4e6a4ef47079dcef930d34db3],
PUP.Optional.Hatchiho.A, C:\Program Files (x86)\Hatchiho, Quarantined, [0fe66b06f694c472119afb4a4fb68977],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update, Quarantined, [995c69087911ff373c76b2f7ce35768a],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0, Quarantined, [995c69087911ff373c76b2f7ce35768a],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\Download, Quarantined, [995c69087911ff373c76b2f7ce35768a],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\Install, Quarantined, [995c69087911ff373c76b2f7ce35768a],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\Offline, Quarantined, [995c69087911ff373c76b2f7ce35768a],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\Offline\{1DCD7E35-E81F-4A70-8DF3-FEDD8BFDC7AF}, Quarantined, [995c69087911ff373c76b2f7ce35768a],
PUP.Optional.GlobalUpdate.A, C:\Users\Jeffery\AppData\Local\Temp\comh.40248, Quarantined, [32c34d241971b97d79526e3bf2114ab6],
PUP.Optional.CrossRider.A, C:\Program Files (x86)\CinemaPlus-3.2cV27.04, Delete-on-Reboot, [b540c0b16e1c77bf1a088c2b04ff3bc5],
PUP.Optional.FlashBeat.A, C:\ProgramData\FlashBeat, Quarantined, [5f9681f052380d296713b908020119e7],
PUP.Optional.Crossbrowse.C, C:\Program Files (x86)\Crossbrowse, Quarantined, [4da899d8a8e23df9411cd7ed36cd33cd],
PUP.Optional.Crossbrowse.C, C:\Program Files (x86)\Crossbrowse\Crossbrowse, Quarantined, [4da899d8a8e23df9411cd7ed36cd33cd],
PUP.Optional.Crossbrowse.C, C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application, Quarantined, [4da899d8a8e23df9411cd7ed36cd33cd],
PUP.Optional.Crossbrowse.C, C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\39.5.2171.95, Quarantined, [4da899d8a8e23df9411cd7ed36cd33cd],
PUP.Optional.Crossbrowse.C, C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\39.5.2171.95\Extensions, Quarantined, [4da899d8a8e23df9411cd7ed36cd33cd],
PUP.Optional.Crossbrowse.C, C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\39.5.2171.95\Installer, Quarantined, [4da899d8a8e23df9411cd7ed36cd33cd],
PUP.Optional.Crossbrowse.C, C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\39.5.2171.95\Locales, Quarantined, [4da899d8a8e23df9411cd7ed36cd33cd],
PUP.Optional.Crossbrowse.C, C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\39.5.2171.95\PepperFlash, Quarantined, [4da899d8a8e23df9411cd7ed36cd33cd],
PUP.Optional.Crossbrowse.C, C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\39.5.2171.95\VisualElements, Quarantined, [4da899d8a8e23df9411cd7ed36cd33cd],
PUP.Optional.Crossbrowse.C, C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\Icons, Quarantined, [4da899d8a8e23df9411cd7ed36cd33cd],
PUP.Optional.Crossbrowse.C, C:\Users\Jeffery\AppData\Local\Crossbrowse, Quarantined, [5c995f1293f72610e37cdbe98e755aa6],
PUP.Optional.Crossbrowse.C, C:\Users\Jeffery\AppData\Local\Crossbrowse\Crossbrowse, Quarantined, [5c995f1293f72610e37cdbe98e755aa6],
PUP.Optional.Crossbrowse.C, C:\Users\Jeffery\AppData\Local\Crossbrowse\Crossbrowse\User Data, Quarantined, [5c995f1293f72610e37cdbe98e755aa6],
PUP.Optional.Crossbrowse.C, C:\Users\Jeffery\AppData\Local\Crossbrowse\Crossbrowse\User Data\Caps, Quarantined, [5c995f1293f72610e37cdbe98e755aa6],
PUP.Optional.Crossbrowse.C, C:\Users\Jeffery\AppData\Local\Crossbrowse\Crossbrowse\User Data\Default, Quarantined, [5c995f1293f72610e37cdbe98e755aa6],
PUP.Optional.Crossbrowse.C, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crossbrowse, Quarantined, [94611160afdbcf678ed2bf05f013e61a],