Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

All Browsers Hijacked


  • This topic is locked This topic is locked
35 replies to this topic

#1 aapinedo1

aapinedo1

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:01:25 AM

Posted 29 May 2014 - 09:54 PM

All of my browsers appeared to be hijacked. They keep referring me to suspicious sites that download various programs to my computer. I have uninstalled most of the obvious junk programs however I cannot seem to find the source of the browser hijacking.

 

Here is the DDS output

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 11.0.9600.17041
Run by admin at 19:52:30 on 2014-05-26
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.5815.3825 [GMT -7:00]
.
AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {ADA629C7-7F48-5689-624A-3B76997E0892}
AV: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {16C7C823-5972-5907-58FA-0004E2F9422F}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}
FW: McAfee Firewall *Disabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
FW: McAfee Firewall *Enabled* {959DA8E2-3527-57D1-4915-924367AD4FE9}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\Citrix\GoToAssist Remote Support Customer\637\g2ax_service.exe
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Windows\System32\svchost.exe -k LPDService
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
C:\Windows\system32\mfevtps.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
C:\Program Files (x86)\PDF Complete\pdfsvc.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Windows\system32\rundll32.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\McAfee\MSC\McAPExe.exe
C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Citrix\GoToAssist Remote Support Customer\637\g2ax_comm_customer.exe
C:\Program Files (x86)\Citrix\GoToAssist Remote Support Customer\637\g2ax_system_customer.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k HPService
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\WUDFHost.exe
C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Citrix\GoToAssist Remote Support Customer\637\g2ax_user_customer.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.EXE
C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe
C:\Users\LegacyLA2\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe
C:\Users\LegacyLA2\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Program Files (x86)\Citrix\GoToAssist Remote Support Customer\637\g2ax_host.exe
C:\Windows\system32\msiexec.exe
C:\Program Files (x86)\Citrix\GoToAssist Remote Support Customer\637\g2ax_user_medium_customer.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
mWinlogon: Userinit = userinit.exe,
BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\Hp\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
BHO: McAfee Phishing Filter: {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Program Files\McAfee\MSK\mskapbho.dll
BHO: Canon Easy-WebPrint EX BHO: {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
BHO: Search Helper: {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - <orphaned>
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - 
BHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\Hp\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
TB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
TB: Canon Easy-WebPrint EX: {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\Hp\Digital Imaging\Smart Web Printing\hpswp_bho.dll
uRun: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe /autoRun
uRun: [HPAdvisorDock] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\DOCK\HPAdvisorDock.exe
uRunOnce: [Report] \AdwCleaner\AdwCleaner[S1].txt
mRun: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
mRun: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
mRun: [HPUsageTracking] "C:\Program Files (x86)\HP\HP UT\bin\hppusg.exe" "C:\Program Files (x86)\HP\HP UT\"
mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
mRun: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
mRun: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [IJNetworkScanUtility] C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [mcpltui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
mRunOnce: [svg_file_op1] FileOps.exe -r "C:\Program Files (x86)\Common Files\Adobe\SVG Viewer 3.0\Uninstall"
mRunOnce: [svg_file_op2] FileOps.exe -r "C:\Program Files (x86)\Common Files\Adobe\SVG Viewer 3.0\Uninstall\"
mRunOnce: [svg_file_op3] FileOps.exe -r "C:\Program Files (x86)\Common Files\Adobe\SVG Viewer 3.0\"
mRunOnce: [GrpConv] grpconv -o
dRunOnce: [{90120000-0030-0000-0000-0000000FF1CE}] C:\Windows\System32\cmd.exe /C del "C:\ProgramData\Microsoft Help\Rgstrtn.lck" /Q /A:H
dRunOnce: [SpUninstallDeleteDir] rmdir /s /q "\SearchProtect"
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\ADOBEG~1.LNK - C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\HPDIGI~1.LNK - C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SNAPFI~1.LNK - C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\Hp\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/_layouts/ClientBin/ieawsdc32.cab
DPF: {BEA7310D-06C4-4339-A784-DC3804819809} - hxxp://images3.pnimedia.com/ProductAssets/costcous/activex/v3_0_0_7/PhotoCenter_ActiveX_Control.cab
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{06253744-B280-43BA-905A-B433480BC9FE} : DHCPNameServer = 192.168.1.1
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
x64-BHO: McAfee Phishing Filter: {27B4851A-3207-45A2-B947-BE8AFE6163AB} - 
x64-BHO: PDN64BitBookMarkActivator.BookMark64BitActivator: {887cdc33-0de3-4fd5-a5d3-eccd4b4b396c} - 
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-TB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-TB: Post-it® Digital Notes: {735abc4c-9266-4008-9ef6-bc60be8de31f} - 
x64-Run: [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Run: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe /background
x64-Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
x64-Run: [CanonSolutionMenu] C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe /logon
x64-RunOnce: [*GoToAssist Express Customer_RestoreFromSafeMode] "C:\Program Files (x86)\Citrix\GoToAssist Remote Support Customer\637\g2ax_system_customer.exe" -restore_boot
x64-RunOnce: [MSPCLOCK] rundll32.exe streamci,StreamingDeviceSetup {97ebaacc-95bd-11d0-a3ea-00a0c9223196},{53172480-4791-11D0-A5D6-28DB04C10000},{53172480-4791-11D0-A5D6-28DB04C10000}
x64-RunOnce: [MSPQM] rundll32.exe streamci,StreamingDeviceSetup {DDF4358E-BB2C-11D0-A42F-00A0C9223196},{97EBAACB-95BD-11D0-A3EA-00A0C9223196},{97EBAACB-95BD-11D0-A3EA-00A0C9223196}
x64-RunOnce: [MSKSSRV] rundll32.exe streamci,StreamingDeviceSetup {96E080C7-143C-11D1-B40F-00A0C9223196},{3C0D501A-140B-11D1-B40F-00A0C9223196},{3C0D501A-140B-11D1-B40F-00A0C9223196}
x64-RunOnce: [MSTEE.CxTransform] rundll32.exe streamci,StreamingDeviceSetup {cfd669f1-9bc2-11d0-8299-0000f822fe8a},{CF1DDA2C-9743-11D0-A3EE-00A0C9223196},{CF1DDA2C-9743-11D0-A3EE-00A0C9223196},C:\Windows\inf\ksfilter.inf,MSTEE.Interface.Install
x64-RunOnce: [MSTEE.Splitter] rundll32.exe streamci,StreamingDeviceSetup {cfd669f1-9bc2-11d0-8299-0000f822fe8a},{0A4252A0-7E70-11D0-A5D6-28DB04C10000},{0A4252A0-7E70-11D0-A5D6-28DB04C10000},C:\Windows\inf\ksfilter.inf,MSTEE.Interface.Install
x64-RunOnce: [WDM_DRMKAUD] rundll32.exe streamci,StreamingDeviceSetup {EEC12DB6-AD9C-4168-8658-B03DAEF417FE},{ABD61E00-9350-47e2-A632-4438B90C6641},{FFBB6E3F-CCFE-4D84-90D9-421418B03A8E},C:\Windows\inf\WDMAUDIO.inf,WDM_DRMKAUD.Interface.Install
x64-Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll
x64-Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>
x64-Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: GoToAssist Express Customer - C:\Program Files (x86)\Citrix\GoToAssist Remote Support Customer\637\g2ax_winlogonx64.dll
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - 
.
============= SERVICES / DRIVERS ===============
.
R0 mfehidk;McAfee Inc. mfehidk;C:\Windows\System32\drivers\mfehidk.sys [2013-4-3 784760]
R0 mfewfpk;McAfee Inc. mfewfpk;C:\Windows\System32\drivers\mfewfpk.sys [2013-4-3 346760]
R2 GoToAssist Remote Support Customer;GoToAssist Remote Support Customer;C:\Program Files (x86)\Citrix\GoToAssist Remote Support Customer\637\g2ax_service.exe [2014-5-23 610888]
R2 HomeNetSvc;McAfee Home Network;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2013-6-24 328928]
R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-3-17 13336]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2014-5-22 1809720]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2014-5-22 857912]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-6-16 249936]
R2 McAPExe;McAfee AP Service;C:\Program Files\McAfee\MSC\McAPExe.exe [2013-6-24 178528]
R2 McMPFSvc;McAfee Personal Firewall Service;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2013-6-24 328928]
R2 McNaiAnn;McAfee VirusScan Announcer;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2013-6-24 328928]
R2 mcpltsvc;McAfee Platform Services;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2013-6-24 328928]
R2 McProxy;McAfee Proxy Service;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2013-6-24 328928]
R2 mfecore;McAfee Anti-Malware Core;C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [2013-6-24 1041192]
R2 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe [2013-6-24 219752]
R2 mfevtp;McAfee Validation Trust Protection Service;C:\Windows\System32\mfevtps.exe [2013-6-24 189912]
R2 NOBU;Norton Online Backup;C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2010-6-1 2804568]
R2 pdfcDispatcher;PDF Document Manager;C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2011-3-17 635416]
R2 UNS;Intel® Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-3-17 2320920]
R3 cfwids;McAfee Inc. cfwids;C:\Windows\System32\drivers\cfwids.sys [2013-4-3 70592]
R3 HECIx64;Intel® Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2011-3-17 56344]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2014-5-22 25816]
R3 MBAMWebAccessControl;MBAMWebAccessControl;C:\Windows\System32\drivers\mwac.sys [2014-5-22 63192]
R3 mfeavfk;McAfee Inc. mfeavfk;C:\Windows\System32\drivers\mfeavfk.sys [2013-4-3 311856]
R3 mfefirek;McAfee Inc. mfefirek;C:\Windows\System32\drivers\mfefirek.sys [2013-4-3 522360]
R3 mfencbdc;McAfee Inc. mfencbdc;C:\Windows\System32\drivers\mfencbdc.sys [2014-3-18 441264]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-3-17 346144]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S3 HipShieldK;McAfee Inc. HipShieldK;C:\Windows\System32\drivers\HipShieldK.sys [2014-4-22 197704]
S3 hitmanpro37;HitmanPro 3.7 Support Driver;C:\Windows\System32\drivers\hitmanpro37.sys [2014-5-24 32512]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-5-26 111616]
S3 Impcd;Impcd;C:\Windows\System32\drivers\Impcd.sys [2011-3-17 158976]
S3 mfencrk;McAfee Inc. mfencrk;C:\Windows\System32\drivers\mfencrk.sys [2014-3-18 96592]
S3 MHIKEY10;MHIKEY10;C:\Windows\System32\drivers\MHIKEY10x64.sys [2010-9-15 60288]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2014-5-25 59392]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-3-28 1255736]
S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\System32\drivers\wdcsam64.sys [2008-5-6 14464]
.
=============== Created Last 30 ================
.
2014-05-26 10:51:18 -------- d-s---w- C:\Windows\System32\CompatTel
2014-05-26 10:46:31 167424 ----a-w- C:\Program Files\Windows Media Player\wmplayer.exe
2014-05-26 10:46:31 164864 ----a-w- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
2014-05-26 10:46:31 12625920 ----a-w- C:\Windows\System32\wmploc.DLL
2014-05-26 10:46:30 12625408 ----a-w- C:\Windows\SysWow64\wmploc.DLL
2014-05-26 10:37:57 -------- d-----w- C:\Windows\Migration
2014-05-26 10:26:56 9728 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-05-25 23:08:08 335360 ----a-w- C:\Windows\System32\msieftp.dll
2014-05-25 23:08:08 301568 ----a-w- C:\Windows\SysWow64\msieftp.dll
2014-05-25 23:08:07 48640 ----a-w- C:\Windows\System32\wwanprotdim.dll
2014-05-25 23:08:07 228864 ----a-w- C:\Windows\System32\wwansvc.dll
2014-05-25 23:08:06 633856 ----a-w- C:\Windows\System32\comctl32.dll
2014-05-25 23:08:06 530432 ----a-w- C:\Windows\SysWow64\comctl32.dll
2014-05-25 23:07:46 55296 ----a-w- C:\Windows\System32\dhcpcsvc6.dll
2014-05-25 23:07:46 226816 ----a-w- C:\Windows\System32\dhcpcore6.dll
2014-05-25 23:07:46 193536 ----a-w- C:\Windows\SysWow64\dhcpcore6.dll
2014-05-25 23:07:45 44032 ----a-w- C:\Windows\SysWow64\dhcpcsvc6.dll
2014-05-25 23:07:36 224256 ----a-w- C:\Windows\System32\wintrust.dll
2014-05-25 23:07:36 175104 ----a-w- C:\Windows\SysWow64\wintrust.dll
2014-05-25 23:07:16 477184 ----a-w- C:\Windows\System32\aepdu.dll
2014-05-25 23:07:16 424448 ----a-w- C:\Windows\System32\aeinv.dll
2014-05-25 23:07:06 70144 ----a-w- C:\Windows\System32\appinfo.dll
2014-05-25 23:07:06 111448 ----a-w- C:\Windows\System32\consent.exe
2014-05-25 23:04:18 3156480 ----a-w- C:\Windows\System32\win32k.sys
2014-05-25 23:03:56 368128 ----a-w- C:\Windows\System32\atmfd.dll
2014-05-25 23:02:50 1888768 ----a-w- C:\Windows\System32\WMVDECOD.DLL
2014-05-25 23:01:59 57344 ----a-w- C:\Windows\System32\cngprovider.dll
2014-05-25 23:00:03 39936 ----a-w- C:\Windows\System32\drivers\tssecsrv.sys
2014-05-25 23:00:00 327168 ----a-w- C:\Windows\System32\mswsock.dll
2014-05-25 23:00:00 231424 ----a-w- C:\Windows\SysWow64\mswsock.dll
2014-05-25 22:57:59 751104 ----a-w- C:\Windows\System32\win32spl.dll
2014-05-25 22:56:59 52224 ----a-w- C:\Windows\System32\certenc.dll
2014-05-25 22:56:59 43008 ----a-w- C:\Windows\SysWow64\certenc.dll
2014-05-25 22:56:30 150016 ----a-w- C:\Windows\System32\wshom.ocx
2014-05-25 22:56:30 121856 ----a-w- C:\Windows\SysWow64\wshom.ocx
2014-05-25 22:56:29 202752 ----a-w- C:\Windows\System32\scrrun.dll
2014-05-25 22:56:29 168960 ----a-w- C:\Windows\System32\wscript.exe
2014-05-25 22:56:29 156160 ----a-w- C:\Windows\System32\cscript.exe
2014-05-25 22:56:29 141824 ----a-w- C:\Windows\SysWow64\wscript.exe
2014-05-25 22:56:28 163840 ----a-w- C:\Windows\SysWow64\scrrun.dll
2014-05-25 22:56:28 126976 ----a-w- C:\Windows\SysWow64\cscript.exe
2014-05-25 22:56:26 983488 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys
2014-05-25 22:56:26 265064 ----a-w- C:\Windows\System32\drivers\dxgmms1.sys
2014-05-25 22:56:26 144384 ----a-w- C:\Windows\System32\cdd.dll
2014-05-25 22:55:17 859648 ----a-w- C:\Windows\System32\IKEEXT.DLL
2014-05-25 22:55:17 830464 ----a-w- C:\Windows\System32\nshwfp.dll
2014-05-25 22:55:17 324096 ----a-w- C:\Windows\System32\FWPUCLNT.DLL
2014-05-25 22:55:16 656896 ----a-w- C:\Windows\SysWow64\nshwfp.dll
2014-05-25 22:55:16 216576 ----a-w- C:\Windows\SysWow64\FWPUCLNT.DLL
2014-05-25 22:55:15 461312 ----a-w- C:\Windows\System32\scavengeui.dll
2014-05-25 17:55:50 -------- d-----w- C:\Windows\System32\SPReview
2014-05-25 17:28:38 2560 ----a-w- C:\Windows\System32\drivers\en-US\rdpwd.sys.mui
2014-05-25 17:28:16 3072 ----a-w- C:\Windows\System32\drivers\en-US\tsusbflt.sys.mui
2014-05-25 17:27:45 6144 ----a-w- C:\Windows\System32\drivers\en-US\IPMIDrv.sys.mui
2014-05-25 17:27:43 4608 ----a-w- C:\Windows\System32\drivers\en-US\kbdclass.sys.mui
2014-05-25 16:58:58 849920 ----a-w- C:\Windows\System32\qmgr.dll
2014-05-25 16:55:51 -------- d-----w- C:\Windows\System32\EventProviders
2014-05-24 21:46:24 32512 ----a-w- C:\Windows\System32\drivers\hitmanpro37.sys
2014-05-24 21:36:07 -------- d-----w- C:\ProgramData\HitmanPro
2014-05-24 21:04:08 -------- d-----w- C:\Windows\ERUNT
2014-05-24 20:50:21 -------- d-----w- C:\AdwCleaner
2014-05-24 00:33:38 -------- d-----w- C:\Windows\Microsoft Antimalware
2014-05-23 23:24:36 169544 ----a-w- C:\Windows\System32\g2ax_credential_provider64_637.dll
2014-05-23 00:15:45 88280 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
2014-05-23 00:15:45 63192 ----a-w- C:\Windows\System32\drivers\mwac.sys
2014-05-23 00:15:45 25816 ----a-w- C:\Windows\System32\drivers\mbam.sys
2014-05-23 00:15:44 -------- d-----w- C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-05-20 00:08:12 119512 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
2014-05-20 00:07:52 -------- d-----w- C:\ProgramData\Malwarebytes
2014-05-08 20:39:22 -------- d-----w- C:\Program Files (x86)\Yahoo!
2014-05-08 20:37:04 -------- d-----w- C:\Windows\SysWow64\spool
2014-05-08 20:36:37 -------- d-----w- C:\Program Files (x86)\Common Files\HP
2014-05-08 13:48:42 227704 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\nppdf32.dll
2014-05-07 23:21:08 258048 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\hpfppw73.dll
.
==================== Find3M  ====================
.
2014-05-26 10:26:56 9728 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-05-25 17:48:08 175616 ----a-w- C:\Windows\System32\msclmd.dll
2014-05-25 17:48:08 152576 ----a-w- C:\Windows\SysWow64\msclmd.dll
2014-05-14 23:01:56 70832 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-05-14 23:01:56 692400 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2014-04-12 02:22:05 95680 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2014-04-12 02:22:05 155072 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2014-04-12 02:19:38 29184 ----a-w- C:\Windows\System32\sspisrv.dll
2014-04-12 02:19:38 136192 ----a-w- C:\Windows\System32\sspicli.dll
2014-04-12 02:19:37 28160 ----a-w- C:\Windows\System32\secur32.dll
2014-04-12 02:19:32 1460736 ----a-w- C:\Windows\System32\lsasrv.dll
2014-04-12 02:19:05 31232 ----a-w- C:\Windows\System32\lsass.exe
2014-04-12 02:12:06 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2014-04-12 02:10:56 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2014-04-04 00:23:54 70592 ----a-w- C:\Windows\System32\drivers\cfwids.sys
2014-04-04 00:16:04 346760 ----a-w- C:\Windows\System32\drivers\mfewfpk.sys
2014-04-04 00:15:34 189912 ----a-w- C:\Windows\System32\mfevtps.exe
2014-04-04 00:10:34 784760 ----a-w- C:\Windows\System32\drivers\mfehidk.sys
2014-04-04 00:08:04 522360 ----a-w- C:\Windows\System32\drivers\mfefirek.sys
2014-04-04 00:06:04 311856 ----a-w- C:\Windows\System32\drivers\mfeavfk.sys
2014-04-04 00:03:32 177544 ----a-w- C:\Windows\System32\drivers\mfeapfk.sys
2014-04-01 05:46:48 130712 ----a-w- C:\Windows\SysWow64\MSSTDFMT.DLL
2014-04-01 05:46:48 1070232 ----a-w- C:\Windows\SysWow64\MSCOMCTL.OCX
2014-03-18 14:09:16 11336 ----a-w- C:\Windows\System32\drivers\mfeclnrk.sys
2014-03-18 14:08:50 96592 ----a-w- C:\Windows\System32\drivers\mfencrk.sys
2014-03-18 14:08:26 441264 ----a-w- C:\Windows\System32\drivers\mfencbdc.sys
2014-03-04 09:47:01 5550016 ----a-w- C:\Windows\System32\ntoskrnl.exe
2014-03-04 09:44:21 362496 ----a-w- C:\Windows\System32\wow64win.dll
2014-03-04 09:44:21 243712 ----a-w- C:\Windows\System32\wow64.dll
2014-03-04 09:44:21 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
2014-03-04 09:44:20 39936 ----a-w- C:\Windows\System32\wincredprovider.dll
2014-03-04 09:44:10 210944 ----a-w- C:\Windows\System32\wdigest.dll
2014-03-04 09:44:08 86528 ----a-w- C:\Windows\System32\TSpkg.dll
2014-03-04 09:44:06 340992 ----a-w- C:\Windows\System32\schannel.dll
2014-03-04 09:44:03 722944 ----a-w- C:\Windows\System32\objsel.dll
2014-03-04 09:44:03 314880 ----a-w- C:\Windows\System32\msv1_0.dll
2014-03-04 09:44:03 16384 ----a-w- C:\Windows\System32\ntvdm64.dll
2014-03-04 09:44:00 728064 ----a-w- C:\Windows\System32\kerberos.dll
2014-03-04 09:44:00 424960 ----a-w- C:\Windows\System32\KernelBase.dll
2014-03-04 09:43:56 52736 ----a-w- C:\Windows\System32\dpapiprovider.dll
2014-03-04 09:43:56 44544 ----a-w- C:\Windows\System32\dimsroam.dll
2014-03-04 09:43:56 22016 ----a-w- C:\Windows\System32\credssp.dll
2014-03-04 09:43:55 56832 ----a-w- C:\Windows\System32\adprovider.dll
2014-03-04 09:43:55 53760 ----a-w- C:\Windows\System32\capiprovider.dll
2014-03-04 09:43:50 455168 ----a-w- C:\Windows\System32\winlogon.exe
2014-03-04 09:20:11 3969984 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2014-03-04 09:20:11 3914176 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2014-03-04 09:16:54 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2014-03-04 09:16:18 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2014-03-04 09:16:18 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll
2014-03-04 08:09:30 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2014-03-04 08:09:29 2048 ----a-w- C:\Windows\SysWow64\user.exe
.
============= FINISH: 19:53:30.79 ===============
 

Attached Files


Edited by aapinedo1, 30 May 2014 - 01:57 AM.


BC AdBot (Login to Remove)

 


#2 Valinorum

Valinorum

    Shadow Hide The Hunter


  • Malware Response Instructor
  • 1,653 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:02:25 PM

Posted 02 June 2014 - 07:18 AM

Hi aapinedo1, :)

:welcome:

My name is Valinorum and I will be the acolyte today. Before we proceed, please, acknowledge yourself the following(s):
  • Please do not create any new threads on this while we are working on your system as it wastes another volunteer's time. If you are being helped/have solved the issue/no longer wish to continue, notify me in your reply and I will quickly close this thread. Failing to comply will result in denial of future assistance.
  • Please do not install any new software while we are working on this system as it may hinder our process.
  • Malware removal is a complicated process so don't stop following the steps even if the symptoms are not found. Keep up with me until I declare you clean.
  • Please do not try to fix anything without being ask.
  • Please do not attach your logs or put them inside code/quote tags. Do a Copy/Paste of the entire contents of the log file and submit it inside your post unless directed otherwise.
  • Please print or save the instructions I give you for quick reference. We may be using Safe mode which will cut you off from internet and you will not always be able to access this thread.
  • Back up your data. I will not knowingly suggest your any course that might damage your system but sometimes Malware infections are so severe that only option we have is to re-format and re-install the operating system.
  • If you are confused about any instruction stop and ask. Do not keep on going.
  • Do not repeat the steps if you face any problems.
  • I am not an omniscient. There are things even I cannot foresee. But what I know took years to learn and perfect the skill. This site is run by volunteers who help people in need in their own free time. I would ask you to respect their time and be patient as sometimes real life demands our time and replies to you can be delayed.
  • Private Message(PM) if and only if I have not responded to your thread within three days or your query is offtopic and personal. Do not PM me under any other circumstances. Your thread is the only medium of communication.
  • The fixes are for your system only. Please refrain from using these fixes on other system as it may do serious damage.
 
  • Step #1 Fix with Junkware Removal Tool
    Download Junkware Removal Tool by thisisu to your Desktop from the link below.
    Download Link 1
    Download Link 2
    • Disable your anti-virus to avoid potential conflicts. For more information please acknowledge yourself this article;
    • Run the program either by double-clicking(Windows XP) or Right-clicking and choosing Run as administrator(Windows Vista and above);
    • Please be patient as the tool cleans your system;
    • After completion of the process a log named JRT.txt will automatically open and is save to your Desktop;
    • Copy and Paste the contents of the log in your next reply.
 
  • Step #2 Scan with AdwCleaner
    • Download AdwCleaner by Xplode to your Desktop from the following link.
    • Right-click on AdwCleaner.exe and choose Run as administrator;
    • Click on Scan and let the program run unhindered;
    • A log will be opened automatically after the scan;
    • Copy and Paste the contents of this log in your reply.
    Do not click on Clean.
 
  • Step #3 Scan with OTL
    • Please download OldTimer's Listit by OldTimer from one of the following locations and save it to your Desktop.
      Download Link 1
      Download Link 2
      Downlaod LInk 3
    • Copy and Paste the following code inside the Custom Scans/Fixes box;
      netsvcs
      BASESERVICES
      %SYSTEMDRIVE%\*.exe
      dir "%systemdrive%\*" /S /A:L /C
      /md5start
      services.*
      explorer.exe
      winlogon.exe
      Userinit.exe
      svchost.exe
      rpcss.dll
      /md5stop
      CREATERESTOREPOINT
    • Click the Quick Scan button;
    • After the scan two logs will be produced;
    • Copy and paste the content of the logs in your next reply
 
  • Required Log(s):
    • Junkware Removal Tool Log
    • AdwCleaner Log
    • OldTimer's ListIt Log(s) --
      • OTL.txt
      • Extras.txt
Regards,
Valinorum

Geek U Graduate

I close my topic(s) with no replies for more than 4 days. PM me or Moderators to reactivate. All helps are provided via forum ergo do not PM me for help.

 


#3 aapinedo1

aapinedo1
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:01:25 AM

Posted 02 June 2014 - 10:14 PM

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x64
Ran by admin on Mon 06/02/2014 at 19:51:31.57
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Mon 06/02/2014 at 19:58:05.99
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 

# AdwCleaner v3.211 - Report created 02/06/2014 at 20:00:13
# Updated 26/05/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : admin - LEGACYLA2-HP
# Running from : C:\Users\admin\Desktop\adwcleaner_3.211.exe
# Option : Scan
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Found : HKCU\Software\AppDataLow\Software
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17041
 
 
-\\ Google Chrome v35.0.1916.114
 
[ File : C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
Found [Search Provider] : hxxp://search.aol.com/aol/search?query={searchTerms}
Found [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
 
[ File : C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
Found [Search Provider] : hxxp://search.aol.com/aol/search?query={searchTerms}
Found [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
 
*************************
 
AdwCleaner[R0].txt - [6903 octets] - [24/05/2014 13:50:26]
AdwCleaner[R1].txt - [764 octets] - [26/05/2014 18:06:51]
AdwCleaner[R2].txt - [1184 octets] - [02/06/2014 20:00:13]
AdwCleaner[S0].txt - [6687 octets] - [24/05/2014 13:51:48]
AdwCleaner[S1].txt - [824 octets] - [26/05/2014 18:08:02]
 
########## EOF - C:\AdwCleaner\AdwCleaner[R2].txt - [1363 octets] ##########
 
 
OTL logfile created on: 6/2/2014 8:02:55 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\admin\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17041)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
5.68 Gb Total Physical Memory | 3.67 Gb Available Physical Memory | 64.64% Memory free
11.36 Gb Paging File | 9.10 Gb Available in Paging File | 80.15% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 686.23 Gb Total Space | 576.79 Gb Free Space | 84.05% Space Free | Partition Type: NTFS
Drive D: | 12.31 Gb Total Space | 1.47 Gb Free Space | 11.96% Space Free | Partition Type: NTFS
 
Computer Name: LEGACYLA2-HP | User Name: admin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2014/06/02 18:47:52 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\admin\Desktop\OTL.exe
PRC - [2014/05/23 16:23:53 | 000,610,888 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) -- C:\Program Files (x86)\Citrix\GoToAssist Remote Support Customer\637\g2ax_user_high_customer.exe
PRC - [2014/05/23 16:23:53 | 000,610,888 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) -- C:\Program Files (x86)\Citrix\GoToAssist Remote Support Customer\637\g2ax_user_customer.exe
PRC - [2014/05/23 16:23:53 | 000,610,888 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) -- C:\Program Files (x86)\Citrix\GoToAssist Remote Support Customer\637\g2ax_system_customer.exe
PRC - [2014/05/23 16:23:53 | 000,610,888 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) -- C:\Program Files (x86)\Citrix\GoToAssist Remote Support Customer\637\g2ax_service.exe
PRC - [2014/05/23 16:23:53 | 000,610,888 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) -- C:\Program Files (x86)\Citrix\GoToAssist Remote Support Customer\637\g2ax_host.exe
PRC - [2014/05/23 16:23:53 | 000,610,888 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) -- C:\Program Files (x86)\Citrix\GoToAssist Remote Support Customer\637\g2ax_comm_customer.exe
PRC - [2014/04/03 09:49:12 | 001,809,720 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
PRC - [2014/04/03 09:49:12 | 000,857,912 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
PRC - [2014/04/03 09:49:06 | 006,963,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
PRC - [2013/12/20 23:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2010/03/03 20:16:06 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2010/03/03 20:16:04 | 000,284,696 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
PRC - [2010/01/18 10:21:08 | 000,568,888 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
PRC - [2009/10/14 15:53:20 | 000,635,416 | ---- | M] (PDF Complete Inc) -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe
PRC - [2009/09/30 21:02:50 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2009/09/30 21:02:48 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2009/09/28 18:56:18 | 000,140,640 | ---- | M] (CANON INC.) -- C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe
PRC - [2009/09/08 14:12:51 | 000,116,104 | ---- | M] () -- C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
PRC - [2008/11/20 10:47:28 | 000,062,768 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2014/05/26 04:09:28 | 000,452,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\c818fc9b032eea61c31b6a9526e16d50\IAStorUtil.ni.dll
MOD - [2014/05/26 04:00:04 | 000,774,144 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\98c91b8d3f1d54c41ada5f37e0935303\System.Runtime.Remoting.ni.dll
MOD - [2014/05/26 03:59:42 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\8bc548587e91ecf0552a40e47bbf99cc\System.Windows.Forms.ni.dll
MOD - [2014/05/26 03:59:36 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5c24d3b0041ebf4f48a93615b9fa3de9\System.Drawing.ni.dll
MOD - [2014/05/26 03:59:32 | 005,464,064 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\217ece46920546d718414291d463bb1c\System.Xml.ni.dll
MOD - [2014/05/26 03:59:29 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\5b6ddf934128d538cd5cd77bf4209b93\System.Configuration.ni.dll
MOD - [2014/05/26 03:59:20 | 003,348,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\1d696b2d3de530f7ee971070263667ff\WindowsBase.ni.dll
MOD - [2014/05/26 03:59:17 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\b3a78269847005365001c33870cd121f\System.ni.dll
MOD - [2014/05/26 03:59:03 | 011,499,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\ede2c6c842840e009f01bcc74fa4c457\mscorlib.ni.dll
MOD - [2014/02/12 20:58:32 | 000,073,544 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2014/02/12 20:58:10 | 001,044,808 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2010/01/18 10:21:08 | 000,568,888 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2014/05/26 03:31:54 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2014/04/25 18:34:42 | 000,178,528 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\MSC\McAPExe.exe -- (McAPExe)
SRV:64bit: - [2014/04/03 17:15:34 | 000,189,912 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Windows\SysNative\mfevtps.exe -- (mfevtp)
SRV:64bit: - [2014/04/03 17:07:34 | 000,219,752 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe -- (mfefire)
SRV:64bit: - [2014/03/18 08:39:34 | 001,041,192 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe -- (mfecore)
SRV:64bit: - [2013/08/02 17:52:58 | 000,602,944 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS)
SRV:64bit: - [2013/07/30 11:45:02 | 000,328,928 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe -- (MSK80Service)
SRV:64bit: - [2013/07/30 11:45:02 | 000,328,928 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe -- (McProxy)
SRV:64bit: - [2013/07/30 11:45:02 | 000,328,928 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe -- (mcpltsvc)
SRV:64bit: - [2013/07/30 11:45:02 | 000,328,928 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe -- (McNaiAnn)
SRV:64bit: - [2013/07/30 11:45:02 | 000,328,928 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe -- (McMPFSvc)
SRV:64bit: - [2013/07/30 11:45:02 | 000,328,928 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe -- (HomeNetSvc)
SRV:64bit: - [2013/05/26 22:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2011/01/27 18:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McAfee SiteAdvisor Service)
SRV:64bit: - [2009/07/13 18:41:19 | 000,045,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lpdsvc.dll -- (LPDSVC)
SRV - [2014/05/23 16:23:53 | 000,610,888 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [Auto | Running] -- C:\Program Files (x86)\Citrix\GoToAssist Remote Support Customer\637\g2ax_service.exe -- (GoToAssist Remote Support Customer)
SRV - [2014/05/14 16:01:57 | 000,257,712 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/04/10 12:36:27 | 000,118,896 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014/04/03 09:49:12 | 001,809,720 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2014/04/03 09:49:12 | 000,857,912 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2014/03/13 11:42:00 | 000,836,168 | ---- | M] (McAfee, Inc.) [Auto | Stopped] -- C:\Windows\Temp\0018591401750583mcinst.exe -- (0018591401750583mcinstcleanup)
SRV - [2013/12/20 23:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/09/11 21:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/06/01 15:31:28 | 002,804,568 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe -- (NOBU)
SRV - [2010/04/03 16:01:24 | 000,246,520 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2010/03/03 20:16:06 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2010/01/30 00:40:16 | 001,043,584 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files (x86)\Hp\Digital Imaging\bin\HPSLPSVC64.DLL -- (HPSLPSVC)
SRV - [2009/10/14 15:53:20 | 000,635,416 | ---- | M] (PDF Complete Inc) [Auto | Running] -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe -- (pdfcDispatcher)
SRV - [2009/09/30 21:02:50 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2009/09/30 21:02:48 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2009/09/08 14:12:51 | 000,116,104 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)
SRV - [2009/06/10 14:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2014/06/02 19:46:15 | 000,119,512 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys -- (MBAMSwissArmy)
DRV:64bit: - [2014/05/24 14:46:24 | 000,032,512 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hitmanpro37.sys -- (hitmanpro37)
DRV:64bit: - [2014/04/03 17:23:54 | 000,070,592 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\cfwids.sys -- (cfwids)
DRV:64bit: - [2014/04/03 17:16:04 | 000,346,760 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfewfpk.sys -- (mfewfpk)
DRV:64bit: - [2014/04/03 17:10:34 | 000,784,760 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfehidk.sys -- (mfehidk)
DRV:64bit: - [2014/04/03 17:08:04 | 000,522,360 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfefirek.sys -- (mfefirek)
DRV:64bit: - [2014/04/03 17:06:04 | 000,311,856 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeavfk.sys -- (mfeavfk)
DRV:64bit: - [2014/04/03 17:03:32 | 000,177,544 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeapfk.sys -- (mfeapfk)
DRV:64bit: - [2014/04/03 09:51:16 | 000,063,192 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mwac.sys -- (MBAMWebAccessControl)
DRV:64bit: - [2014/04/03 09:50:58 | 000,025,816 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2014/03/18 07:08:50 | 000,096,592 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mfencrk.sys -- (mfencrk)
DRV:64bit: - [2014/03/18 07:08:26 | 000,441,264 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfencbdc.sys -- (mfencbdc)
DRV:64bit: - [2013/10/01 19:22:20 | 000,056,832 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2013/09/23 13:49:22 | 000,197,704 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HipShieldK.sys -- (HipShieldK)
DRV:64bit: - [2012/12/13 14:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/08/23 07:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/08/21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/02/29 23:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/03/10 23:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/10 23:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 05:33:36 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/11 01:11:52 | 000,141,384 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdserd.sys -- (sscdserd)
DRV:64bit: - [2010/11/11 01:11:50 | 000,172,104 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdmdm.sys -- (sscdmdm)
DRV:64bit: - [2010/11/11 01:11:50 | 000,136,264 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdbus.sys -- (sscdbus)
DRV:64bit: - [2010/11/11 01:11:50 | 000,019,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdmdfl.sys -- (sscdmdfl)
DRV:64bit: - [2010/09/15 08:46:14 | 000,060,288 | ---- | M] (Generic USB smartcard reader) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MHIKEY10x64.sys -- (MHIKEY10)
DRV:64bit: - [2010/04/20 21:18:44 | 010,326,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2010/03/04 07:43:00 | 000,346,144 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010/03/03 20:51:40 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/02/26 02:32:12 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2009/09/17 13:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64)
DRV:64bit: - [2009/07/13 18:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 18:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 18:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 17:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2009/06/10 13:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 13:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 13:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 13:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2008/05/06 16:06:00 | 000,014,464 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wdcsam64.sys -- (WDC_SAM)
DRV:64bit: - [2007/05/14 16:06:18 | 000,027,520 | ---- | M] (Research In Motion Limited) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RimUsb_AMD64.sys -- (RimUsb)
DRV - [2014/05/30 00:15:14 | 000,057,024 | ---- | M] (Emsisoft GmbH) [File_System | On_Demand | Stopped] -- C:\EEK\Run\cleanhlp64.sys -- (cleanhlp)
DRV - [2009/07/13 18:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {CD431180-562B-4D58-8D60-905DC39B854A}
IE:64bit: - HKLM\..\SearchScopes\{78E8FEEC-E7D2-4FE4-B4F9-3DA9C54FDB36}: "URL" = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
IE:64bit: - HKLM\..\SearchScopes\{CD431180-562B-4D58-8D60-905DC39B854A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
IE:64bit: - HKLM\..\SearchScopes\{F1C20369-286C-4036-AF05-5E62B10540B3}: "URL" = http://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = 
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{78E8FEEC-E7D2-4FE4-B4F9-3DA9C54FDB36}: "URL" = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
IE - HKLM\..\SearchScopes\{CD431180-562B-4D58-8D60-905DC39B854A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK/1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPDSK/1
IE - HKCU\..\SearchScopes,DefaultScope = {CD431180-562B-4D58-8D60-905DC39B854A}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
========== FireFox ==========
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_35: C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@hulu.com/Hulu Desktop: C:\Windows\..\Users\Default\AppData\Local\HuluDesktop\instances\0.9.13.1\npHDPlg.dll ()
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files (x86)\McAfee\SiteAdvisor [2014/05/29 12:26:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2014/05/08 13:37:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 27.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2014/04/10 12:36:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 27.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\msktbird@mcafee.com: C:\Program Files\McAfee\MSK [2014/06/02 16:09:41 | 000,000,000 | ---D | M]
 
[2014/05/19 16:59:52 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2014/04/10 12:36:23 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2014/04/10 12:36:27 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2014/05/29 14:19:36 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\updated\browser\extensions
[2014/05/29 14:19:41 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\updated\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - plugin: Error reading preferences file
CHR - Extension: Google Docs = C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.6_0\
CHR - Extension: Google Drive = C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: Google Voice Search Hotword (Beta) = C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5019_0\
CHR - Extension: YouTube = C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google Search = C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: SiteAdvisor = C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.65.135.1_0\
CHR - Extension: Google Wallet = C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Gmail = C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
 
O1 HOSTS File: ([2009/06/10 14:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~1\mcafee\msk\MSKAPB~1.DLL File not found
O2:64bit: - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Program Files\McAfee\MSK\mskapbho.dll ()
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No CLSID value found.
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll File not found
O3:64bit: - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O4:64bit: - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4:64bit: - HKLM..\Run: [CanonSolutionMenu] C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [hpsysdrv] c:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe (Hewlett-Packard)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe ()
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [HPUsageTracking] C:\Program Files (x86)\HP\HP UT\bin\hppusg.exe ()
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [IJNetworkScanUtility] C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe (CANON INC.)
O4 - HKLM..\Run: [mcpltui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe (Symantec Corporation)
O4 - HKLM..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe (PDF Complete Inc)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.microsoft.com/_layouts/ClientBin/ieawsdc32.cab (Microsoft Office Template and Media Control)
O16 - DPF: {BEA7310D-06C4-4339-A784-DC3804819809} http://images3.pnimedia.com/ProductAssets/costcous/activex/v3_0_0_7/PhotoCenter_ActiveX_Control.cab (Photo Upload Plugin Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{06253744-B280-43BA-905A-B433480BC9FE}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll (McAfee, Inc.)
O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\GoToAssist Express Customer: DllName - (C:\Program Files (x86)\Citrix\GoToAssist Remote Support Customer\637\g2ax_winlogonx64.dll) - C:\Program Files (x86)\Citrix\GoToAssist Remote Support Customer\637\g2ax_winlogonx64.dll (Citrix Online, a division of Citrix Systems, Inc.)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014/06/02 20:02:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2014/06/02 20:00:30 | 000,536,576 | ---- | C] (SQLite Development Team) -- C:\Windows\SysWow64\sqlite3.dll
[2014/06/02 19:48:11 | 001,016,261 | ---- | C] (Thisisu) -- C:\Users\admin\Desktop\JRT.exe
[2014/06/02 19:47:05 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\admin\Desktop\OTL.exe
[2014/05/29 20:20:34 | 000,000,000 | -HSD | C] -- C:\Users\admin\AppData\Local\EmieUserList
[2014/05/29 20:20:34 | 000,000,000 | -HSD | C] -- C:\Users\admin\AppData\Local\EmieSiteList
[2014/05/29 20:17:04 | 000,000,000 | ---D | C] -- C:\EEK
[2014/05/26 22:10:24 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonIJEGV
[2014/05/26 21:27:18 | 000,000,000 | ---D | C] -- C:\Users\admin\AppData\Local\Hewlett-Packard
[2014/05/26 21:26:09 | 000,000,000 | ---D | C] -- C:\Users\admin\AppData\Roaming\PictureMover
[2014/05/26 21:25:12 | 000,000,000 | ---D | C] -- C:\Users\admin\AppData\Roaming\Intel Corporation
[2014/05/26 21:25:12 | 000,000,000 | ---D | C] -- C:\Users\admin\AppData\Local\Apple Computer
[2014/05/26 21:25:11 | 000,000,000 | ---D | C] -- C:\Users\admin\AppData\Local\PDFC
[2014/05/26 21:25:11 | 000,000,000 | ---D | C] -- C:\Users\admin\AppData\Roaming\Apple Computer
[2014/05/26 21:25:09 | 000,000,000 | ---D | C] -- C:\Users\admin\AppData\Roaming\Hewlett-Packard
[2014/05/26 21:24:55 | 000,000,000 | ---D | C] -- C:\Users\admin\AppData\Local\VirtualStore
[2014/05/26 20:40:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2014/05/26 20:36:08 | 000,000,000 | ---D | C] -- C:\Users\admin\AppData\Local\Google
[2014/05/26 03:51:18 | 000,000,000 | --SD | C] -- C:\Windows\SysNative\CompatTel
[2014/05/26 03:37:57 | 000,000,000 | ---D | C] -- C:\Windows\Migration
[2014/05/25 10:55:50 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\SPReview
[2014/05/25 09:59:07 | 000,116,224 | ---- | C] (Windows ® Codename Longhorn DDK provider) -- C:\Windows\SysNative\fms.dll
[2014/05/25 09:57:28 | 000,093,696 | ---- | C] (Windows ® Codename Longhorn DDK provider) -- C:\Windows\SysWow64\fms.dll
[2014/05/25 09:55:51 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\EventProviders
[2014/05/24 20:04:05 | 000,000,000 | ---D | C] -- C:\Users\admin\AppData\Roaming\Adobe
[2014/05/24 14:36:07 | 000,000,000 | ---D | C] -- C:\ProgramData\HitmanPro
[2014/05/24 14:07:09 | 000,000,000 | R--D | C] -- C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2014/05/24 14:07:09 | 000,000,000 | R--D | C] -- C:\Users\admin\Searches
[2014/05/24 14:07:09 | 000,000,000 | R--D | C] -- C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2014/05/24 14:07:09 | 000,000,000 | -H-D | C] -- C:\Users\admin\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2014/05/24 14:07:02 | 000,000,000 | ---D | C] -- C:\Users\admin\AppData\Roaming\Identities
[2014/05/24 14:07:01 | 000,000,000 | R--D | C] -- C:\Users\admin\Contacts
[2014/05/24 14:04:08 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2014/05/24 13:50:21 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014/05/23 17:33:38 | 000,000,000 | ---D | C] -- C:\Windows\Microsoft Antimalware
[2014/05/23 17:08:35 | 000,000,000 | --SD | C] -- C:\Users\admin\AppData\Roaming\Microsoft
[2014/05/23 17:08:35 | 000,000,000 | R--D | C] -- C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2014/05/23 17:08:35 | 000,000,000 | R--D | C] -- C:\Users\admin\Desktop
[2014/05/23 17:08:35 | 000,000,000 | R--D | C] -- C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2014/05/23 17:08:35 | 000,000,000 | -HSD | C] -- C:\Users\admin\AppData\Local\Temporary Internet Files
[2014/05/23 17:08:35 | 000,000,000 | -HSD | C] -- C:\Users\admin\Templates
[2014/05/23 17:08:35 | 000,000,000 | -HSD | C] -- C:\Users\admin\Start Menu
[2014/05/23 17:08:35 | 000,000,000 | -HSD | C] -- C:\Users\admin\SendTo
[2014/05/23 17:08:35 | 000,000,000 | -HSD | C] -- C:\Users\admin\Recent
[2014/05/23 17:08:35 | 000,000,000 | -HSD | C] -- C:\Users\admin\PrintHood
[2014/05/23 17:08:35 | 000,000,000 | -HSD | C] -- C:\Users\admin\NetHood
[2014/05/23 17:08:35 | 000,000,000 | -HSD | C] -- C:\Users\admin\Documents\My Videos
[2014/05/23 17:08:35 | 000,000,000 | -HSD | C] -- C:\Users\admin\Documents\My Pictures
[2014/05/23 17:08:35 | 000,000,000 | -HSD | C] -- C:\Users\admin\Documents\My Music
[2014/05/23 17:08:35 | 000,000,000 | -HSD | C] -- C:\Users\admin\My Documents
[2014/05/23 17:08:35 | 000,000,000 | -HSD | C] -- C:\Users\admin\Local Settings
[2014/05/23 17:08:35 | 000,000,000 | -HSD | C] -- C:\Users\admin\AppData\Local\History
[2014/05/23 17:08:35 | 000,000,000 | -HSD | C] -- C:\Users\admin\Cookies
[2014/05/23 17:08:35 | 000,000,000 | -HSD | C] -- C:\Users\admin\Application Data
[2014/05/23 17:08:35 | 000,000,000 | -HSD | C] -- C:\Users\admin\AppData\Local\Application Data
[2014/05/23 17:08:35 | 000,000,000 | -H-D | C] -- C:\Users\admin\AppData
[2014/05/23 17:08:35 | 000,000,000 | ---D | C] -- C:\Users\admin\AppData\Local\Temp
[2014/05/23 17:08:35 | 000,000,000 | ---D | C] -- C:\Users\admin\AppData\Local\Microsoft Help
[2014/05/23 17:08:35 | 000,000,000 | ---D | C] -- C:\Users\admin\AppData\Local\Microsoft
[2014/05/23 17:08:35 | 000,000,000 | ---D | C] -- C:\Users\admin\AppData\Roaming\Media Center Programs
[2014/05/23 17:08:35 | 000,000,000 | ---D | C] -- C:\Users\admin\AppData\Roaming\Macromedia
[2014/05/23 17:08:35 | 000,000,000 | ---D | C] -- C:\Users\admin\AppData\Local\HuluDesktop
[2014/05/23 17:08:34 | 000,000,000 | R--D | C] -- C:\Users\admin\Videos
[2014/05/23 17:08:34 | 000,000,000 | R--D | C] -- C:\Users\admin\Saved Games
[2014/05/23 17:08:34 | 000,000,000 | R--D | C] -- C:\Users\admin\Pictures
[2014/05/23 17:08:34 | 000,000,000 | R--D | C] -- C:\Users\admin\Music
[2014/05/23 17:08:34 | 000,000,000 | R--D | C] -- C:\Users\admin\Links
[2014/05/23 17:08:34 | 000,000,000 | R--D | C] -- C:\Users\admin\Favorites
[2014/05/23 17:08:34 | 000,000,000 | R--D | C] -- C:\Users\admin\Downloads
[2014/05/23 17:08:34 | 000,000,000 | R--D | C] -- C:\Users\admin\Documents
[2014/05/23 14:30:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2014/05/22 17:15:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
[2014/05/22 17:15:45 | 000,088,280 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys
[2014/05/22 17:15:45 | 000,063,192 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mwac.sys
[2014/05/22 17:15:45 | 000,025,816 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2014/05/22 17:15:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes Anti-Malware
[2014/05/19 17:08:12 | 000,119,512 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014/05/19 17:07:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014/05/15 12:02:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2014/05/08 13:39:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Yahoo!
[2014/05/08 13:37:29 | 000,000,000 | ---D | C] -- C:\ProgramData\HP Product Assistant
[2014/05/08 13:37:04 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\spool
[2014/05/08 13:36:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\HP
 
========== Files - Modified Within 30 Days ==========
 
[2014/06/02 20:02:03 | 000,001,846 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Security Center.lnk
[2014/06/02 19:58:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/06/02 19:46:24 | 000,000,900 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/06/02 19:46:15 | 000,119,512 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014/06/02 19:27:44 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA1cf6960934bb34f.job
[2014/06/02 19:23:03 | 000,000,924 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1551564481-3589056808-1444934922-1000UA1cf6bdcc7c26f9e.job
[2014/06/02 18:47:52 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\admin\Desktop\OTL.exe
[2014/06/02 16:22:00 | 000,000,872 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1551564481-3589056808-1444934922-1000Core.job
[2014/06/02 14:02:59 | 000,015,792 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/06/02 14:02:59 | 000,015,792 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/06/02 14:00:33 | 000,782,510 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/06/02 14:00:33 | 000,662,400 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/06/02 14:00:33 | 000,122,268 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/06/02 13:53:58 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/06/02 13:53:50 | 278,196,223 | -HS- | M] () -- C:\hiberfil.sys
[2014/05/29 20:47:15 | 000,002,285 | ---- | M] () -- C:\Users\admin\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2014/05/29 20:20:33 | 000,001,413 | ---- | M] () -- C:\Users\admin\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2014/05/29 20:17:22 | 000,000,548 | ---- | M] () -- C:\Users\admin\Desktop\Emsisoft Emergency Kit.lnk
[2014/05/29 19:39:17 | 229,798,504 | ---- | M] () -- C:\Users\admin\Documents\EmsisoftEmergencyKit.exe
[2014/05/26 20:40:19 | 000,002,261 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/05/26 20:22:11 | 000,774,632 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2014/05/26 18:11:26 | 001,327,971 | ---- | M] () -- C:\Users\admin\Desktop\adwcleaner_3.211.exe
[2014/05/26 03:54:27 | 000,437,432 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014/05/26 03:31:54 | 000,016,284 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2014/05/26 03:31:54 | 000,016,284 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2014/05/24 14:46:24 | 000,032,512 | ---- | M] () -- C:\Windows\SysNative\drivers\hitmanpro37.sys
[2014/05/24 14:44:40 | 000,003,324 | ---- | M] () -- C:\Windows\SysNative\.crusader
[2014/05/24 14:01:22 | 001,016,261 | ---- | M] (Thisisu) -- C:\Users\admin\Desktop\JRT.exe
[2014/05/22 17:15:11 | 000,002,052 | ---- | M] () -- C:\Windows\epplauncher.mif
[2014/05/08 14:02:00 | 000,220,893 | ---- | M] () -- C:\Windows\hpoins35.dat
[2014/05/08 13:46:17 | 000,002,329 | ---- | M] () -- C:\Users\Public\Desktop\Add a Device - Photosmart C309a series.lnk
[2014/05/08 13:38:46 | 000,002,169 | ---- | M] () -- C:\Users\Public\Desktop\HP Photosmart Essential 3.5.lnk
[2014/05/08 13:37:26 | 000,001,317 | ---- | M] () -- C:\Users\Public\Desktop\HP Solution Center.lnk
[2014/05/08 13:37:18 | 000,001,163 | ---- | M] () -- C:\Users\Public\Desktop\Shop for HP Supplies.lnk
[2014/05/08 13:37:08 | 000,002,101 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
 
========== Files Created - No Company Name ==========
 
[2014/06/02 19:47:32 | 001,327,971 | ---- | C] () -- C:\Users\admin\Desktop\adwcleaner_3.211.exe
[2014/05/29 20:20:33 | 000,001,413 | ---- | C] () -- C:\Users\admin\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2014/05/29 20:17:22 | 000,000,548 | ---- | C] () -- C:\Users\admin\Desktop\Emsisoft Emergency Kit.lnk
[2014/05/29 19:40:45 | 229,798,504 | ---- | C] () -- C:\Users\admin\Documents\EmsisoftEmergencyKit.exe
[2014/05/26 20:40:19 | 000,002,285 | ---- | C] () -- C:\Users\admin\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2014/05/26 20:40:19 | 000,002,261 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/05/26 03:39:38 | 000,774,632 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2014/05/26 03:31:54 | 000,016,284 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2014/05/26 03:31:54 | 000,016,284 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2014/05/25 09:59:49 | 000,347,904 | ---- | C] () -- C:\Windows\SysNative\systemsf.ebd
[2014/05/25 09:59:06 | 000,001,041 | ---- | C] () -- C:\Windows\SysWow64\tcpbidi.xml
[2014/05/25 09:57:37 | 000,010,429 | ---- | C] () -- C:\Windows\SysNative\ScavengeSpace.xml
[2014/05/25 09:57:34 | 000,105,559 | ---- | C] () -- C:\Windows\SysWow64\RacRules.xml
[2014/05/25 09:57:34 | 000,105,559 | ---- | C] () -- C:\Windows\SysNative\RacRules.xml
[2014/05/24 14:46:24 | 000,032,512 | ---- | C] () -- C:\Windows\SysNative\drivers\hitmanpro37.sys
[2014/05/24 14:44:40 | 000,003,324 | ---- | C] () -- C:\Windows\SysNative\.crusader
[2014/05/24 14:07:11 | 000,001,419 | ---- | C] () -- C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2014/05/23 17:08:35 | 000,001,974 | ---- | C] () -- C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hulu Desktop.lnk
[2014/05/23 17:08:35 | 000,000,290 | ---- | C] () -- C:\Users\admin\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2014/05/23 17:08:35 | 000,000,272 | ---- | C] () -- C:\Users\admin\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2014/05/22 17:15:11 | 000,002,052 | ---- | C] () -- C:\Windows\epplauncher.mif
[2014/05/22 17:13:27 | 000,000,426 | ---- | C] () -- C:\AVScanner.ini
[2014/05/09 16:17:00 | 000,000,924 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1551564481-3589056808-1444934922-1000UA1cf6bdcc7c26f9e.job
[2014/05/08 13:46:41 | 000,000,778 | ---- | C] () -- C:\Windows\hpomdl35.dat.temp
[2014/05/08 13:46:17 | 000,002,329 | ---- | C] () -- C:\Users\Public\Desktop\Add a Device - Photosmart C309a series.lnk
[2014/05/08 13:38:59 | 000,001,058 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\I.R.I.S. OCR Registration.lnk
[2014/05/08 13:38:46 | 000,002,169 | ---- | C] () -- C:\Users\Public\Desktop\HP Photosmart Essential 3.5.lnk
[2014/05/08 13:37:26 | 000,001,317 | ---- | C] () -- C:\Users\Public\Desktop\HP Solution Center.lnk
[2014/05/08 13:37:18 | 000,001,163 | ---- | C] () -- C:\Users\Public\Desktop\Shop for HP Supplies.lnk
[2014/05/08 13:37:08 | 000,002,101 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
[2014/05/08 13:34:41 | 000,220,893 | ---- | C] () -- C:\Windows\hpoins35.dat
[2014/05/08 13:34:41 | 000,000,778 | ---- | C] () -- C:\Windows\hpomdl35.dat
[2014/05/06 12:22:52 | 000,000,898 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA1cf6960934bb34f.job
 
========== ZeroAccess Check ==========
 
[2009/07/13 21:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014/03/24 19:43:12 | 014,175,744 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/03/24 19:09:54 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 18:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 04:19:04 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 18:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2014/05/26 21:26:11 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\PictureMover
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 974 bytes -> C:\ProgramData\Temp:35E5AF34
 
< End of report >
 

OTL Extras logfile created on: 6/2/2014 8:02:55 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\admin\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17041)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
5.68 Gb Total Physical Memory | 3.67 Gb Available Physical Memory | 64.64% Memory free
11.36 Gb Paging File | 9.10 Gb Available in Paging File | 80.15% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 686.23 Gb Total Space | 576.79 Gb Free Space | 84.05% Space Free | Partition Type: NTFS
Drive D: | 12.31 Gb Total Space | 1.47 Gb Free Space | 11.96% Space Free | Partition Type: NTFS
 
Computer Name: LEGACYLA2-HP | User Name: admin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{030B60E1-993F-40B7-AA87-B7E568B8DACB}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{049032A6-9FE3-47BB-B806-90A9706269DB}" = lport=138 | protocol=17 | dir=in | app=system | 
"{0E2DC2D1-9AF1-4F46-8361-E26BBB636BFE}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe | 
"{12A4438B-6CED-477A-9D5A-48457F48ADFC}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{1329E1EA-066F-4D3E-9108-5FFE1AA5823B}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | 
"{1C812BAD-8E91-41D5-99B8-2799496CC797}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{4F9B386B-E56B-4873-AF1E-A7C2B4967E6C}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | 
"{5735FAD3-058D-483D-9C31-4E9EC3CF481E}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | 
"{5F2050AC-209D-40D0-B9BE-7C040F59838F}" = rport=138 | protocol=17 | dir=out | app=system | 
"{6EA263DD-A6AD-4C50-8DC0-F6B5A337FAEC}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{7562CF13-BFC0-4AC4-A3F3-99ED30CC49C9}" = rport=445 | protocol=6 | dir=out | app=system | 
"{759A09DA-8266-45E0-9C76-73DCFB72FD4A}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe | 
"{7ECB3078-BE7B-4B42-8029-CAACB51CF88E}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{86953151-4907-4CA7-A321-DEAB53944E4F}" = rport=427 | protocol=17 | dir=in | svc=hpslpsvc | app=c:\windows\system32\svchost.exe | 
"{899DA97E-44A4-4B98-ADDE-5B8DF766C36E}" = lport=9100 | protocol=6 | dir=in | name=printer | 
"{9B079231-F6B1-4B68-85CF-BAF7E89B932B}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{A1233113-99CC-4886-A09B-AA497B4DD53C}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{A457F809-ED17-461F-933D-F7F01027AEA9}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{A5890469-4073-4343-99B4-4482342B2A10}" = lport=445 | protocol=6 | dir=in | app=system | 
"{AE62C48F-A901-4230-A0B9-BF168CD0723F}" = lport=139 | protocol=6 | dir=in | app=system | 
"{BF339DB9-16D5-4452-8408-2682237C1864}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe | 
"{C0B2D35F-B8D2-49FA-B985-69752CEFA56B}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{D842BFD3-D2CF-448E-A5F2-DF5D5EE6DFCF}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe | 
"{DABD6AFE-167D-4E29-AAEF-4B749E609B72}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe | 
"{E3B8C1F7-92BD-44C6-B42B-2E310E7E15AE}" = lport=427 | protocol=17 | dir=in | name=slp | 
"{E4747A84-EB24-466C-8B04-A07300380883}" = lport=161 | protocol=6 | dir=in | name=snmp | 
"{F2DB726B-09C1-40EF-AD89-CBA09A016EC2}" = rport=139 | protocol=6 | dir=out | app=system | 
"{F39595C7-7EAF-4680-B201-3FB951B1FF0E}" = rport=137 | protocol=17 | dir=out | app=system | 
"{F6DA256C-8460-4ACB-B550-24E6950D303C}" = lport=137 | protocol=17 | dir=in | app=system | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{03DE1A9B-4CED-437E-B896-9150D64D9BA7}" = protocol=6 | dir=in | app=c:\users\legacyla2\appdata\local\google\google talk plugin\googletalkplugin.exe | 
"{04652161-F0CD-4E63-8E35-5D88C4AB80A2}" = protocol=17 | dir=in | app=c:\users\legacyla2\appdata\roaming\dropbox\bin\dropbox.exe | 
"{0B6BA36A-17B6-442B-A8A7-D6F804523982}" = dir=in | app=c:\program files (x86)\hewlett-packard\mediasmart\photo\hpmediasmartphoto.exe | 
"{13FB8860-BFCB-4AA6-AF82-84E219595537}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\music\hptouchsmartmusic.exe | 
"{1EDFEC8F-7BA0-49F2-ADCB-4DE7E6E920FD}" = protocol=17 | dir=in | app=c:\program files (x86)\hewlett-packard\mediasmart\cinemanow\cinemanow.exe | 
"{213C2AA7-FF74-4866-8CFF-85506412023F}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpfccopy.exe | 
"{23272074-D2C6-4B64-B58C-795E33156EF2}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hptouchsmartvideo.exe | 
"{26C06559-BC51-4260-826D-044F9214D653}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{294C0A86-46C0-40A4-A666-29906642E17D}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hpdvdsmart.exe | 
"{2A3D5DB0-28DC-449C-B7ED-AE326F6AB263}" = protocol=6 | dir=in | app=c:\program files (x86)\cinemanow\cinemanow media manager\cinemanowshell.exe | 
"{2E780411-03DE-4723-A47A-2FC70463997B}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hptouchsmartmusic.exe | 
"{2EE57073-9592-4FC4-AC78-50303698C9D9}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{31474C59-4602-49E0-8167-F5E15B7C89CB}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqste08.exe | 
"{32EA8A77-1FCD-4FC7-838B-6399FE319337}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | 
"{3854E914-1CF9-4AAA-894E-3B95E2B451EC}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqpse.exe | 
"{393E7C98-6571-48DB-A8BC-E5B737ED8E1A}" = dir=in | app=c:\program files (x86)\hewlett-packard\mediasmart\video\hpmediasmartvideo.exe | 
"{3BFCFAD9-BC39-4102-BF2E-5D7FBCE567CD}" = protocol=6 | dir=in | app=c:\program files\hp\hp laserjet p2030 series\hpmsetup.exe | 
"{405E8F61-779C-4446-A886-7178965C7A11}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposid01.exe | 
"{43E3FBBA-D41F-4EF9-85A3-00EE83A4DAC5}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe | 
"{47EA8FF9-EA02-494B-BC52-82BE70DF0DB7}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe | 
"{4BFED525-2109-4A92-8B78-A2B2956C4842}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{51EEC4C8-1F67-4AAB-8EB1-D9421FD0203A}" = dir=in | app=c:\program files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe | 
"{595CD2AA-193F-4E51-BCE0-D42AEEB1E2A5}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqpsapp.exe | 
"{5A7C5F2E-271E-4A7B-B4B9-EE1CFB98FC61}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqkygrp.exe | 
"{5B76252B-64FF-400D-A593-A3318122E798}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqfxt08.exe | 
"{6207B1FA-6A5A-4028-ADD6-C24CF729103D}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpofxs08.exe | 
"{67BE9323-EACF-4928-B1FD-4F8AED02D50D}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgpc01.exe | 
"{6977CCB4-7FAF-4E02-B54C-B6B751596D5C}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgh.exe | 
"{709E4616-9232-4270-821D-A60494F5C45B}" = dir=in | app=c:\program files (x86)\cyberlink\powerdirector\pdr8.exe | 
"{79640A0A-A422-444D-8DB8-D6457A3D5DBD}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\platform\mcsvchost\mcsvhost.exe | 
"{81BF3364-4A70-41CF-B547-6F02A41C7D2D}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | 
"{8318DAF9-B6DD-4BC4-B37F-DFCB39842FD6}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqtra08.exe | 
"{86F0AE1B-0BCE-4B15-BDEE-EDE3E112610D}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgplgtupl.exe | 
"{88295F2B-82A0-4310-A9BC-81C36F5AA769}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe | 
"{8BF01B5C-BEEA-47D5-B3B3-15F405958D52}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{8FA3CFA2-8ACE-4695-9D3C-6F920E6B25F8}" = protocol=17 | dir=in | app=c:\users\legacyla2\appdata\local\google\google talk plugin\googletalkplugin.exe | 
"{8FD34286-9F97-4994-8C24-A0522A981C85}" = protocol=17 | dir=in | app=c:\program files (x86)\cinemanow\cinemanow media manager\cinemanowshell.exe | 
"{939A9295-3782-4472-A628-E7593E7FFB88}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{98423C62-09FB-4EF4-A99F-FE0E4327D577}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\tsmagent.exe | 
"{A66145B1-BF51-4D85-A450-2DD8996AF6C6}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\kernel\clml\clmlsvc.exe | 
"{A9D83183-D3A7-467B-8DB2-2B445CA087C4}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hptouchsmartphoto.exe | 
"{B114BE0E-7D3B-49C3-8664-EC6E57767943}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{BEFAE29C-6858-4784-81CC-5E640A81FB6C}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{C21A0C8E-F044-471E-9F58-169557699302}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe | 
"{C7772614-438E-445E-9B63-E48C8773C1C8}" = protocol=17 | dir=in | app=c:\program files\hp\hp laserjet p2030 series\hpmsetup.exe | 
"{C8413081-129F-499A-99F4-E63831321DB7}" = dir=in | app=c:\program files (x86)\hp\digital imaging\{71c4f928-136a-4222-a191-310e081fb96b}\setup\hpznui40.exe | 
"{CC3B148E-AF68-494F-905B-E924CABD23C1}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{D15D7348-606B-4A58-A4D9-191116C51082}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{D2022362-5E9E-4986-9355-6BE616DC0DD2}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe | 
"{D3A2D9F2-B5CF-4F81-B8D1-F38AC5E74697}" = protocol=6 | dir=in | app=c:\program files (x86)\hewlett-packard\mediasmart\cinemanow\cinemanow.exe | 
"{D43C1ABC-84D7-4702-AEFF-2D05AE238720}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | 
"{D45C63C7-AC58-44A6-A1A8-9A73AE0A6A30}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgm.exe | 
"{D58365FC-BC43-45A1-986E-6BEA59344C44}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpofxm08.exe | 
"{D8032F58-63D8-493B-A2A2-06B9FE8A5F47}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpiscnapp.exe | 
"{DC0DF2B5-046A-42AE-BED8-1B12AD8B12E9}" = dir=in | app=c:\program files (x86)\hp\hp software update\hpwucli.exe | 
"{DEB3A686-CF9F-421A-BC66-BC62C7DAAF60}" = protocol=6 | dir=in | app=c:\users\legacyla2\appdata\roaming\dropbox\bin\dropbox.exe | 
"{E30C9A88-E173-495E-AB45-1A8ADA6DD676}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpoews01.exe | 
"{E70D65A7-B04F-4970-B937-233381C4F014}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\platform\mcsvchost\mcsvhost.exe | 
"{E91A130B-E942-48BE-A020-48D6104E5587}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposfx08.exe | 
"{EC6F2BD6-82DD-4560-BE31-F8BD95A0F354}" = dir=in | app=c:\program files (x86)\hp\digital imaging\smart web printing\smartwebprintexe.exe | 
"{F29718A2-A974-4102-AB0C-B5F111A387D3}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe | 
"{FAC20A14-ABD6-45BA-99AC-E561B4317C3F}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqsudi.exe | 
"{FDC60F90-F41F-44B4-B6C0-C496B447BD25}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpzwiz01.exe | 
"{FDFA80DF-C9E0-4999-BA2B-65287864246D}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | 
"TCP Query User{1025DA4E-BE3D-4AD9-926F-4584C7EDF3B9}C:\users\legacyla2\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\legacyla2\appdata\roaming\dropbox\bin\dropbox.exe | 
"TCP Query User{BAFCD908-CFE4-404E-B062-E1744C353BC1}C:\users\legacyla2\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\legacyla2\appdata\roaming\spotify\spotify.exe | 
"TCP Query User{CF556B54-01BB-481C-914C-C3A5CA16189C}C:\users\legacyla2\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\legacyla2\appdata\roaming\spotify\spotify.exe | 
"UDP Query User{53FFBEB4-4196-4862-B590-BEA6524FAFD6}C:\users\legacyla2\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\legacyla2\appdata\roaming\dropbox\bin\dropbox.exe | 
"UDP Query User{6D04FA42-1661-4A74-A013-0F62FBB93E9D}C:\users\legacyla2\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\legacyla2\appdata\roaming\spotify\spotify.exe | 
"UDP Query User{6DD7E4B4-1497-4111-8F9E-2282C52A7511}C:\users\legacyla2\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\legacyla2\appdata\roaming\spotify\spotify.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX870_series" = Canon MX870 series MP Drivers
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{48C0866E-57EB-444C-8371-8E4321066BC3}" = Network64
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{55D55008-E5F6-47D6-B16F-B2A40D4D145F}" = 64 Bit HP CIO Components Installer
"{5B08AF35-B699-4A44-BB89-3E51E70611E8}" = HP MediaSmart SmartMenu
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6DD01FF3-63CE-436B-96DB-61363EAA4EB8}" = MobileMe Control Panel
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{71C4F928-136A-4222-A191-310E081FB96B}" = HP Photosmart C309a All-In-One Driver Software 14.0 Rel. 5
"{787136D2-F0F8-4625-AA3F-72D7795AC842}" = Apple Mobile Device Support
"{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework 4.5.1
"{81E20D41-C277-4526-934D-F2380AF91B78}" = iCloud
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A945B7E-4F69-4DDA-B14B-E4DE8446A010}" = MrvlUsgTracking64
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{B8BA155B-1E75-405F-9CB4-8A99615D09DC}" = iTunes
"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
"{D79A02E9-6713-4335-9668-AAC7474C0C0E}" = HP Vision Hardware Diagnostics
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{EF79C448-6946-4D71-8134-03407888C054}" = Shared C Run-time for x64
"HP Imaging Device Functions" = HP Imaging Device Functions 14.0
"HP LaserJet P2030 Series" = HP LaserJet P2030 Series
"HP Photosmart Essential" = HP Photosmart Essential 3.5
"HP Smart Web Printing" = HP Smart Web Printing 4.60
"HP Solution Center & Imaging Support Tools" = HP Solution Center 14.0
"HPExtendedCapabilities" = HP Customer Participation Program 14.0
"HPOCR" = OCR Software by I.R.I.S. 14.0
"Shop for HP Supplies" = Shop for HP Supplies
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{06A1D88C-E102-4527-AF70-29FFD7AF215A}" = Scan
"{06E6E30D-B498-442F-A943-07DE41D7F785}" = Microsoft Search Enhancement Pack
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{111EE7DF-FC45-40C7-98A7-753AC46B12FB}" = QuickTime 7
"{120262A6-7A4B-4889-AE85-F5E5688D3683}" = Roxio CinemaNow 2.0
"{1458BB78-1DC5-4BC0-B9A3-2B644F5A8105}" = DeviceDiscovery
"{150B6201-E9E6-4DFB-960E-CCBD53FBDDED}" = HPProductAssistant
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{20EFC9AA-BBC1-4DFD-81FF-99654F71CBF8}" = HPPhotoSmartDiscLabel_PrintOnDisc
"{217CEB43-6D22-3E1F-A311-DC0D7BFEE0A2}" = Google Talk Plugin
"{236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2
"{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library
"{264FE20A-757B-492a-B0C3-4009E2997D8A}" = PictureMover
"{292F0F52-B62D-4E71-921B-89A682402201}" = Toolbox
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{2CE4119A-FF7F-3EE6-42A4-EB53C6057FFE}" = Zinio Reader 4
"{2FB9EA69-51D4-4913-9AD5-762C034DE811}" = Status
"{3023EBDA-BF1B-4831-B347-E5018555F26E}" = Movie Theme Pack for HP MediaSmart Video
"{319E272A-B5DB-4939-99D0-1F1F0C55699E}" = HP Support Assistant
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel® Rapid Storage Technology
"{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}" = Norton Online Backup
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}" = Recovery Manager
"{46BA053F-57B3-4153-BDB6-D37EEC8B12D7}" = LightScribe System Software
"{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}" = Google Earth Plug-in
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{59E44523-0F0F-4454-9F37-E951BBA55B84}" = C309a
"{5DCF0E4B-F8EA-4229-A0BD-5CA6D4AFB749}" = SolutionCenter
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library
"{681B698F-C997-42C3-B184-B489C6CA24C9}" = HPPhotoSmartDiscLabelContent1
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6DAF8CDC-9B04-413B-A0F2-BCC13CF8A5BF}" = HP MediaSmart Photo
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{72D90DB3-A16A-4545-B555-868471101833}" = HP Setup
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{786C5747-1033-0000-B58E-000000000001}" = Adobe Stock Photos 1.0
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8EDBA74D-0686-4C99-BFDD-F894678E5B39}" = Adobe Common File Installer
"{8EE94FD8-5F52-4463-A340-185D16328158}" = WebReg
"{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}" = SmartWebPrinting
"{9008D736-35CA-40DB-A2BE-5F32D954E5AA}" = HP MediaSmart CinemaNow 2.0
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0409-1000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0116-0409-1000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{912CED74-88D3-4C5B-ACB0-13231864975D}" = PressReader
"{91A34181-9FAD-43AB-A35F-E7A8945B7E1C}" = HP MediaSmart Music
"{91A4AD99-69CE-4745-97B7-0E0DFBECFDE5}" = Adobe Illustrator CS
"{9294F169-72EE-4D74-AE92-CA25F64B4FF8}" = Fax
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B362566-EC1B-4700-BB9C-EC661BDE2175}" = DocProc
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}" = Apple Application Support
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AC35A885-0F8F-4857-B7DA-6E8DFB43E6B3}" = HPSSupply
"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.07)
"{B28635AB-1DF3-4F07-BFEA-975D911B549B}" = hpphotosmartdisclabelplugin
"{B74D4E10-6884-0000-0000-000000000103}" = Adobe Bridge 1.0
"{B8AC1A89-FFD1-4F97-8051-E505A160F562}" = HP Odometer
"{B9A03B7B-E0FF-4FB3-BA83-762E58A1B0AA}" = HP Support Information
"{BB3447F6-9553-4AA9-960E-0DB5310C5779}" = GPBaseService2
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{BDDA1E1E-204E-4368-B0C2-737F16B76307}" = HP MediaSmart/TouchSmart Netflix
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{C6579A65-9CAE-4B31-8B6B-3306E0630A66}" = Apple Software Update
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CD31E63D-47FD-491C-8117-CF201D0AFAB5}" = TrayApp
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D12E3E7F-1B13-4933-A915-16C7DD37A095}" = HP MediaSmart Video
"{D360FA88-17C8-4F14-B67F-13AAF9607B12}" = MarketResearch
"{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow!
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D79113E7-274C-470B-BD46-01B10219DF6A}" = HPPhotosmartEssential
"{D9D8F2CF-FE2D-4644-9762-01F916FE90A9}" = HPPhotoSmartDiscLabel_PaperLabel
"{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DE77FE3F-A33D-499A-87AD-5FC406617B40}" = HP Update
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E517094C-06B6-419F-8FFD-EF4F57972130}" = QuickTransfer
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E9787678-1033-0000-8E67-000000000001}" = Adobe Help Center 1.0
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Graphics Media Accelerator Driver
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F872A4F8-4EC5-4668-A908-7C7275B0BE49}" = hppusgP2030
"{FA0E7183-6B11-4899-B25F-2C490543967E}" = PS_AIO_05_C309_Software_Min
"{FA0FF682-CC70-4C57-93CD-E276F3E7537E}" = BufferChm
"{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}" = DVD Menu Pack for HP MediaSmart Video
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"Adobe Flash Player ActiveX" = Adobe Flash Player 13 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 13 Plugin
"Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2
"Canon MX870 series User Registration" = Canon MX870 series User Registration
"Canon_IJ_Network_Scan_UTILITY" = Canon IJ Network Scan Utility
"Canon_IJ_Network_UTILITY" = Canon IJ Network Tool
"CANONIJPLM100" = Canon Inkjet Printer/Scanner/Fax Extended Survey Program
"CanonMyPrinter" = Canon Utilities My Printer
"CanonSolutionMenu" = Canon Utilities Solution Menu
"Easy-PhotoPrint EX" = Canon Utilities Easy-PhotoPrint EX
"Easy-WebPrint EX" = Canon Easy-WebPrint EX
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Google Chrome" = Google Chrome
"GoToAssist Express Customer" = GoToAssist Customer 2.0.0.637
"InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}" = Movie Theme Pack for HP MediaSmart Video
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"InstallShield_{6DAF8CDC-9B04-413B-A0F2-BCC13CF8A5BF}" = HP MediaSmart Photo
"InstallShield_{91A34181-9FAD-43AB-A35F-E7A8945B7E1C}" = HP MediaSmart Music
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"InstallShield_{D12E3E7F-1B13-4933-A915-16C7DD37A095}" = HP MediaSmart Video
"InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow!
"InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}" = DVD Menu Pack for HP MediaSmart Video
"Kobo" = Kobo
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware version 2.0.1.1004
"Mozilla Firefox 27.0.1 (x86 en-US)" = Mozilla Firefox 27.0.1 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MP Navigator EX 3.1" = Canon MP Navigator EX 3.1
"MSC" = McAfee SecurityCenter
"My HP Game Console" = HP Game Console
"PDF Complete" = PDF Complete Special Edition
"Speed Dial Utility" = Canon Speed Dial Utility
"WildTangent hp Master Uninstall" = HP Games
"WinLiveSuite" = Windows Live Essentials
"WT087328" = Blackhawk Striker 2
"WT087335" = Build-a-lot 2
"WT087342" = Dora's Carnival Adventure
"WT087360" = Escape Rosecliff Island
"WT087361" = FATE
"WT087362" = Final Drive Nitro
"WT087372" = Heroes of Hellas 2 - Olympia
"WT087373" = Jewel Quest 3
"WT087379" = Jewel Quest Solitaire 2
"WT087394" = Penguins!
"WT087395" = Poker Superstars III
"WT087396" = Polar Bowler
"WT087397" = Polar Golfer
"WT087414" = Virtual Families
"WT087415" = Wheel of Fortune 2
"WT087428" = Bejeweled 2 Deluxe
"WT087453" = Chuzzle Deluxe
"WT087501" = Plants vs. Zombies
"WT087513" = Virtual Villagers - The Secret City
"WT087533" = Zuma Deluxe
"WT087536" = Diner Dash 2 Restaurant Rescue
"ZinioReader4.9310D8F796442B71068C511E15D70529A702D19D.1" = Zinio Reader 4
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"HuluDesktop" = Hulu Desktop
 
========== Last 20 Event Log Errors ==========
 
[ Hewlett-Packard Events ]
Error - 3/11/2014 8:43:42 PM | Computer Name = LegacyLA2-HP | Source = Hewlett-Packard | ID = 0
Description = en-US Could not find a part of the path 'C:\ProgramData\Hewlett-Packard\HP
 Support Framework\Logs\Temp\HPSA\HPSASession_201403111743.xml'. mscorlib    at System.IO.__Error.WinIOError(Int32
 errorCode, String maybeFullPath)     at System.IO.FileStream.Init(String path, FileMode
 mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32
 bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath, 
Boolean bFromProxy)     at System.IO.FileStream..ctor(String path, FileMode mode, 
FileAccess access, FileShare share, Int32 bufferSize, FileOptions options)     at 
System.IO.StreamWriter.CreateFile(String path, Boolean append)     at System.IO.StreamWriter..ctor(String
 path, Boolean append, Encoding encoding, Int32 bufferSize)     at System.IO.StreamWriter..ctor(String
 path, Boolean append, Encoding encoding)     at System.IO.File.WriteAllText(String
 path, String contents, Encoding encoding)     at HP.ActiveSupportLibrary.Issues.HPSFSession.closeSaveSession()
 
 
Error - 3/18/2014 7:22:31 PM | Computer Name = LegacyLA2-HP | Source = Hewlett-Packard | ID = 0
Description = en-US Could not find a part of the path 'C:\ProgramData\Hewlett-Packard\HP
 Support Framework\Logs\Temp\HPSA\HPSASession_201403181622.xml'. mscorlib    at System.IO.__Error.WinIOError(Int32
 errorCode, String maybeFullPath)     at System.IO.FileStream.Init(String path, FileMode
 mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32
 bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath, 
Boolean bFromProxy)     at System.IO.FileStream..ctor(String path, FileMode mode, 
FileAccess access, FileShare share, Int32 bufferSize, FileOptions options)     at 
System.IO.StreamWriter.CreateFile(String path, Boolean append)     at System.IO.StreamWriter..ctor(String
 path, Boolean append, Encoding encoding, Int32 bufferSize)     at System.IO.StreamWriter..ctor(String
 path, Boolean append, Encoding encoding)     at System.IO.File.WriteAllText(String
 path, String contents, Encoding encoding)     at HP.ActiveSupportLibrary.Issues.HPSFSession.closeSaveSession()
 
 
Error - 3/26/2014 12:22:54 PM | Computer Name = LegacyLA2-HP | Source = Hewlett-Packard | ID = 0
Description = en-US Could not find a part of the path 'C:\ProgramData\Hewlett-Packard\HP
 Support Framework\Logs\Temp\HPSA\HPSASession_201403260922.xml'. mscorlib    at System.IO.__Error.WinIOError(Int32
 errorCode, String maybeFullPath)     at System.IO.FileStream.Init(String path, FileMode
 mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32
 bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath, 
Boolean bFromProxy)     at System.IO.FileStream..ctor(String path, FileMode mode, 
FileAccess access, FileShare share, Int32 bufferSize, FileOptions options)     at 
System.IO.StreamWriter.CreateFile(String path, Boolean append)     at System.IO.StreamWriter..ctor(String
 path, Boolean append, Encoding encoding, Int32 bufferSize)     at System.IO.StreamWriter..ctor(String
 path, Boolean append, Encoding encoding)     at System.IO.File.WriteAllText(String
 path, String contents, Encoding encoding)     at HP.ActiveSupportLibrary.Issues.HPSFSession.closeSaveSession()
 
 
Error - 4/1/2014 6:00:17 PM | Computer Name = LegacyLA2-HP | Source = Hewlett-Packard | ID = 0
Description = en-US Could not find a part of the path 'C:\ProgramData\Hewlett-Packard\HP
 Support Framework\Logs\Temp\HPSA\HPSASession_201404011500.xml'. mscorlib    at System.IO.__Error.WinIOError(Int32
 errorCode, String maybeFullPath)     at System.IO.FileStream.Init(String path, FileMode
 mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32
 bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath, 
Boolean bFromProxy)     at System.IO.FileStream..ctor(String path, FileMode mode, 
FileAccess access, FileShare share, Int32 bufferSize, FileOptions options)     at 
System.IO.StreamWriter.CreateFile(String path, Boolean append)     at System.IO.StreamWriter..ctor(String
 path, Boolean append, Encoding encoding, Int32 bufferSize)     at System.IO.StreamWriter..ctor(String
 path, Boolean append, Encoding encoding)     at System.IO.File.WriteAllText(String
 path, String contents, Encoding encoding)     at HP.ActiveSupportLibrary.Issues.HPSFSession.closeSaveSession()
 
 
Error - 4/8/2014 5:43:07 PM | Computer Name = LegacyLA2-HP | Source = Hewlett-Packard | ID = 0
Description = en-US Could not find a part of the path 'C:\ProgramData\Hewlett-Packard\HP
 Support Framework\Logs\Temp\HPSA\HPSASession_201404081443.xml'. mscorlib    at System.IO.__Error.WinIOError(Int32
 errorCode, String maybeFullPath)     at System.IO.FileStream.Init(String path, FileMode
 mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32
 bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath, 
Boolean bFromProxy)     at System.IO.FileStream..ctor(String path, FileMode mode, 
FileAccess access, FileShare share, Int32 bufferSize, FileOptions options)     at 
System.IO.StreamWriter.CreateFile(String path, Boolean append)     at System.IO.StreamWriter..ctor(String
 path, Boolean append, Encoding encoding, Int32 bufferSize)     at System.IO.StreamWriter..ctor(String
 path, Boolean append, Encoding encoding)     at System.IO.File.WriteAllText(String
 path, String contents, Encoding encoding)     at HP.ActiveSupportLibrary.Issues.HPSFSession.closeSaveSession()
 
 
Error - 4/15/2014 5:29:40 PM | Computer Name = LegacyLA2-HP | Source = Hewlett-Packard | ID = 0
Description = en-US Could not find a part of the path 'C:\ProgramData\Hewlett-Packard\HP
 Support Framework\Logs\Temp\HPSA\HPSASession_201404151429.xml'. mscorlib    at System.IO.__Error.WinIOError(Int32
 errorCode, String maybeFullPath)     at System.IO.FileStream.Init(String path, FileMode
 mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32
 bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath, 
Boolean bFromProxy)     at System.IO.FileStream..ctor(String path, FileMode mode, 
FileAccess access, FileShare share, Int32 bufferSize, FileOptions options)     at 
System.IO.StreamWriter.CreateFile(String path, Boolean append)     at System.IO.StreamWriter..ctor(String
 path, Boolean append, Encoding encoding, Int32 bufferSize)     at System.IO.StreamWriter..ctor(String
 path, Boolean append, Encoding encoding)     at System.IO.File.WriteAllText(String
 path, String contents, Encoding encoding)     at HP.ActiveSupportLibrary.Issues.HPSFSession.closeSaveSession()
 
 
Error - 4/22/2014 5:16:05 PM | Computer Name = LegacyLA2-HP | Source = Hewlett-Packard | ID = 0
Description = en-US Could not find a part of the path 'C:\ProgramData\Hewlett-Packard\HP
 Support Framework\Logs\Temp\HPSA\HPSASession_201404221416.xml'. mscorlib    at System.IO.__Error.WinIOError(Int32
 errorCode, String maybeFullPath)     at System.IO.FileStream.Init(String path, FileMode
 mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32
 bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath, 
Boolean bFromProxy)     at System.IO.FileStream..ctor(String path, FileMode mode, 
FileAccess access, FileShare share, Int32 bufferSize, FileOptions options)     at 
System.IO.StreamWriter.CreateFile(String path, Boolean append)     at System.IO.StreamWriter..ctor(String
 path, Boolean append, Encoding encoding, Int32 bufferSize)     at System.IO.StreamWriter..ctor(String
 path, Boolean append, Encoding encoding)     at System.IO.File.WriteAllText(String
 path, String contents, Encoding encoding)     at HP.ActiveSupportLibrary.Issues.HPSFSession.closeSaveSession()
 
 
Error - 4/29/2014 6:53:28 PM | Computer Name = LegacyLA2-HP | Source = Hewlett-Packard | ID = 0
Description = en-US Could not find a part of the path 'C:\ProgramData\Hewlett-Packard\HP
 Support Framework\Logs\Temp\HPSA\HPSASession_201404291553.xml'. mscorlib    at System.IO.__Error.WinIOError(Int32
 errorCode, String maybeFullPath)     at System.IO.FileStream.Init(String path, FileMode
 mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32
 bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath, 
Boolean bFromProxy)     at System.IO.FileStream..ctor(String path, FileMode mode, 
FileAccess access, FileShare share, Int32 bufferSize, FileOptions options)     at 
System.IO.StreamWriter.CreateFile(String path, Boolean append)     at System.IO.StreamWriter..ctor(String
 path, Boolean append, Encoding encoding, Int32 bufferSize)     at System.IO.StreamWriter..ctor(String
 path, Boolean append, Encoding encoding)     at System.IO.File.WriteAllText(String
 path, String contents, Encoding encoding)     at HP.ActiveSupportLibrary.Issues.HPSFSession.closeSaveSession()
 
 
Error - 5/6/2014 5:03:12 PM | Computer Name = LegacyLA2-HP | Source = Hewlett-Packard | ID = 0
Description = en-US Could not find a part of the path 'C:\ProgramData\Hewlett-Packard\HP
 Support Framework\Logs\Temp\HPSA\HPSASession_201405061403.xml'. mscorlib    at System.IO.__Error.WinIOError(Int32
 errorCode, String maybeFullPath)     at System.IO.FileStream.Init(String path, FileMode
 mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32
 bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath, 
Boolean bFromProxy)     at System.IO.FileStream..ctor(String path, FileMode mode, 
FileAccess access, FileShare share, Int32 bufferSize, FileOptions options)     at 
System.IO.StreamWriter.CreateFile(String path, Boolean append)     at System.IO.StreamWriter..ctor(String
 path, Boolean append, Encoding encoding, Int32 bufferSize)     at System.IO.StreamWriter..ctor(String
 path, Boolean append, Encoding encoding)     at System.IO.File.WriteAllText(String
 path, String contents, Encoding encoding)     at HP.ActiveSupportLibrary.Issues.HPSFSession.closeSaveSession()
 
 
Error - 5/13/2014 6:14:58 PM | Computer Name = LegacyLA2-HP | Source = Hewlett-Packard | ID = 0
Description = en-US Could not find a part of the path 'C:\ProgramData\Hewlett-Packard\HP
 Support Framework\Logs\Temp\HPSA\HPSASession_201405131514.xml'. mscorlib    at System.IO.__Error.WinIOError(Int32
 errorCode, String maybeFullPath)     at System.IO.FileStream.Init(String path, FileMode
 mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32
 bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath, 
Boolean bFromProxy)     at System.IO.FileStream..ctor(String path, FileMode mode, 
FileAccess access, FileShare share, Int32 bufferSize, FileOptions options)     at 
System.IO.StreamWriter.CreateFile(String path, Boolean append)     at System.IO.StreamWriter..ctor(String
 path, Boolean append, Encoding encoding, Int32 bufferSize)     at System.IO.StreamWriter..ctor(String
 path, Boolean append, Encoding encoding)     at System.IO.File.WriteAllText(String
 path, String contents, Encoding encoding)     at HP.ActiveSupportLibrary.Issues.HPSFSession.closeSaveSession()
 
 
[ OSession Events ]
Error - 6/4/2012 6:25:17 PM | Computer Name = LegacyLA2-HP | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 10666
 seconds with 360 seconds of active time.  This session ended with a crash.
 
Error - 6/28/2012 7:53:55 PM | Computer Name = LegacyLA2-HP | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 260640
 seconds with 540 seconds of active time.  This session ended with a crash.
 
Error - 3/11/2013 7:21:09 PM | Computer Name = LegacyLA2-HP | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 17160
 seconds with 3060 seconds of active time.  This session ended with a crash.
 
Error - 4/30/2013 8:07:16 PM | Computer Name = LegacyLA2-HP | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 861
 seconds with 60 seconds of active time.  This session ended with a crash.
 
Error - 5/1/2013 6:25:46 PM | Computer Name = LegacyLA2-HP | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 15473
 seconds with 6480 seconds of active time.  This session ended with a crash.
 
Error - 2/3/2014 11:55:36 PM | Computer Name = LegacyLA2-HP | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 8280
 seconds with 120 seconds of active time.  This session ended with a crash.
 
 
< End of report >
 


#4 Valinorum

Valinorum

    Shadow Hide The Hunter


  • Malware Response Instructor
  • 1,653 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:02:25 PM

Posted 03 June 2014 - 12:56 AM

Hi aapinedo1, :)

How is your system running?
  • Step #4 Fix with AdwCleaner
    • Right-click on AdwCleaner.exe and choose Run as administrator;
    • Click on Scan and let the program run unhindered;
    • From the Registry tab uncheck the box beside the following key --
      HKCU\Software\AppDataLow\Software
    • When done, click on Clean and allow the system to reboot after it is done;
    • A log will be opened automatically after the restart;
    • Copy and Paste the contents of this log in your reply.
 
  • Step #5 Fix with OTL
    • Re-run OTL by right clicking and choosing Run as administrator;
    • Under the Custom Scans/Fixes Box copy and paste the following contents inside the quote box. (Do not include the word 'quote').

      :Commands
      [createrestorepoint]

      :OTL
      SRV - [2010/04/03 16:01:24 | 000,246,520 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe -- (GameConsoleService)
      O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No CLSID value found.
      O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
      O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
      O4 - HKLM..\Run: [] File not found
      O1364bit: - gopher Prefix: missing
      O13 - gopher Prefix: missing
      @Alternate Data Stream - 974 bytes -> C:\ProgramData\Temp:35E5AF34

      :Commands
      [emptytemp]

    • Click on "Run Fix" and let the program run unhindered;
    • Your PC will reboot automatically and a log will be opened;
    • Please post it in your next reply.
 
  • Required Log(s):
    • AdwCleaner Log
    • OTL Fix Log
Regards,
Valinorum

Geek U Graduate

I close my topic(s) with no replies for more than 4 days. PM me or Moderators to reactivate. All helps are provided via forum ergo do not PM me for help.

 


#5 aapinedo1

aapinedo1
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:01:25 AM

Posted 03 June 2014 - 09:57 AM

The following extnesions installed themselves in chrome after running the fixes.
 
BTControl12DM2
MIXIDJ V8
 
 
# AdwCleaner v3.211 - Report created 03/06/2014 at 07:18:36
# Updated 26/05/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : admin - LEGACYLA2-HP
# Running from : C:\Users\admin\Desktop\adwcleaner_3.211.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
[x] Not Deleted : HKCU\Software\AppDataLow\Software
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17041
 
 
-\\ Google Chrome v35.0.1916.114
 
[ File : C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
Deleted [Search Provider] : hxxp://search.aol.com/aol/search?query={searchTerms}
Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
 
[ File : C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
Deleted [Search Provider] : hxxp://search.aol.com/aol/search?query={searchTerms}
Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
 
*************************
 
AdwCleaner[R0].txt - [6903 octets] - [24/05/2014 13:50:26]
AdwCleaner[R1].txt - [764 octets] - [26/05/2014 18:06:51]
AdwCleaner[R2].txt - [1443 octets] - [02/06/2014 20:00:13]
AdwCleaner[R3].txt - [1503 octets] - [03/06/2014 07:16:30]
AdwCleaner[S0].txt - [6687 octets] - [24/05/2014 13:51:48]
AdwCleaner[S1].txt - [824 octets] - [26/05/2014 18:08:02]
AdwCleaner[S2].txt - [1438 octets] - [03/06/2014 07:18:36]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [1498 octets] ##########
 
All processes killed
========== COMMANDS ==========
Restore point Set: OTL Restore Point
========== OTL ==========
Service GameConsoleService stopped successfully!
Service GameConsoleService deleted successfully!
C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\ not found.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\10 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\10 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
ADS C:\ProgramData\Temp:35E5AF34 deleted successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: admin
->Temp folder emptied: 9410314 bytes
->Temporary Internet Files folder emptied: 6881934 bytes
->Google Chrome cache emptied: 7153816 bytes
->Flash cache emptied: 826 bytes
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 0 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: Guest
->Temp folder emptied: 6208280 bytes
->Temporary Internet Files folder emptied: 74162593 bytes
->Java cache emptied: 50076 bytes
->FireFox cache emptied: 577521677 bytes
->Flash cache emptied: 51529 bytes
 
User: LegacyLA2
->Temp folder emptied: 3984371458 bytes
->Temporary Internet Files folder emptied: 181365206 bytes
->Java cache emptied: 421851 bytes
->FireFox cache emptied: 221820880 bytes
->Google Chrome cache emptied: 365403913 bytes
->Flash cache emptied: 1403597 bytes
 
User: Public
 
User: Staff
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 2090791027 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 55415649 bytes
RecycleBin emptied: 2029 bytes
 
Total Files Cleaned = 7,231.00 mb
 
 
OTL by OldTimer - Version 3.2.69.0 log created on 06032014_074113
 
Files\Folders moved on Reboot...
C:\Users\admin\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
C:\Windows\temp\CitrixLogs\GoToAssist Remote Support Customer\637\log7B37.tmp\GoToAssist Remote Support Customer_01.LOG moved successfully.
C:\Windows\temp\CitrixLogs\GoToAssist Remote Support Customer\637\log7B37.tmp\mgn_service-service_00.log moved successfully.
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
 
PendingFileRenameOperations files...
 
Registry entries deleted on Reboot...
 


#6 Valinorum

Valinorum

    Shadow Hide The Hunter


  • Malware Response Instructor
  • 1,653 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:02:25 PM

Posted 04 June 2014 - 03:08 AM

The following extnesions installed themselves in chrome after running the fixes.

BTControl12DM2
MIXIDJ V8

Remove the extensions including all the other unknown extensions from Google Chrome. How is your browser running?

Geek U Graduate

I close my topic(s) with no replies for more than 4 days. PM me or Moderators to reactivate. All helps are provided via forum ergo do not PM me for help.

 


#7 aapinedo1

aapinedo1
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:01:25 AM

Posted 05 June 2014 - 12:44 AM

I uninstalled the chrome extensions and after browsing for a few minutes the extensions re-installed themselves.

 

BTControl12DM2
MIXIDJ V8

 

Thank you,

a



#8 Valinorum

Valinorum

    Shadow Hide The Hunter


  • Malware Response Instructor
  • 1,653 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:02:25 PM

Posted 05 June 2014 - 01:09 AM

Can you reset Chrome by perusing this?

Geek U Graduate

I close my topic(s) with no replies for more than 4 days. PM me or Moderators to reactivate. All helps are provided via forum ergo do not PM me for help.

 


#9 aapinedo1

aapinedo1
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:01:25 AM

Posted 05 June 2014 - 01:30 AM

Hi V.

 

I have reset the browser as directed and the plugins are re-installing. 

 

Thank you,

a



#10 Valinorum

Valinorum

    Shadow Hide The Hunter


  • Malware Response Instructor
  • 1,653 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:02:25 PM

Posted 05 June 2014 - 01:57 AM

Hi aapinedo1, :)

Let's try to see if they are loading from some place else.
  • Step #6 Scan with Malwarebytes' Anti-Malware
    • Download Malwarebytes' Anti-Malware from the suitable link below --
    • Double-click mbam-setup.exe to install the application.
    • Before clicking Finish perform the following actions --
      • Un-check the box beside Enable free trial of Malwarebytes Anti-Malware Premium.
      • Check the box beside Launch Malwarebytes Anti-Malware
    • Once the program has loaded, The MBAM dashboard will appear with an alert to update - click the green button Update Now;
    • Click on Setting--
      • Navigate to the tab Detection and Protection and check all the boxes under Detection Options
    • From the Dashboard click on Scan Now;
    • If threats are detected click on Apply actions. If the program asks to reboot your PC, let it do so;
    • On completion of the scan click on View Detailed Log after that click on Export Button, select Text File and save the log to your Desktop;
    • Copy and Paste the contents of the log in your next reply.
 
  • Step #7 ESET Online Scanner
    Uninstall your current version of ESET Online Scanner.
    Disable your security programs which includes but not limited to anti-virus, anti-malware, anti-spyware et cetera. Peruse this for additional information.
    • Download esetsmartinstaller_enu.exe by clicking here.
    • Right-click on the program and choose Run as administrator.
    • Accept their terms and condition and proceed.
    • Install Add-On/Active X if prompted.
    • From the Computer Scan Setting --
      • Uncheck the box beside Remove Found Threats;
      • Check the box beside Scan archives
    • Click on Advanced Setting and check the following boxes--
      • Scan for potentially unwanted applications
      • Scan for potentially unsafe applications
      • Enable Anti-Stealth Technology
    • Click on Start and wait for the virus signature database to update.
    • The online scan will begin automatically and can take several hours.
      • Note: Do not touch either the Mouse or keyboard during the scan. Otherwise it may stall.
    • After the Scan finishes --
      • If no threats were found:
        • Put a checkmark in Uninstall application on close.
        • Close the program and report that nothing was found
      • If threats were found:
        • Open the file located in C:\Program Files\ESET\ESET Online Scanner\log.txt (32-bit) or C:\Program Files (x86)\ESET\ESET Online Scanner\log.txt (64-bit).
        • Copy and Paste contents of the log file in your next reply.
    Note: Enable your security programs afterwards.
 
  • Required Log(s):
    • Malwarebytes' Anti-Malware Log
    • ESET Scan Log
Regards,
Valinorum

Geek U Graduate

I close my topic(s) with no replies for more than 4 days. PM me or Moderators to reactivate. All helps are provided via forum ergo do not PM me for help.

 


#11 aapinedo1

aapinedo1
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:01:25 AM

Posted 05 June 2014 - 10:37 AM

Hi V. Here are the requested log files.
 
Thank you,
a
 
Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 6/5/2014
Scan Time: 12:05:56 AM
Logfile: 
Administrator: Yes
 
Version: 2.00.2.1012
Malware Database: v2014.06.05.05
Rootkit Database: v2014.06.02.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
 
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: admin
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 361595
Time Elapsed: 16 min, 10 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 0
(No malicious items detected)
 
Registry Values: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Folders: 110
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\js\lib, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\js\options, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\js\tabs, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\js\tabs\back, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\js\toolbarAPI, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\plugins, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\html, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\API, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\css, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\html, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\img, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\aboutBox, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\aboutBox\images, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\aboutBox\js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\ac, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\ac\css, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\ac\img, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\ac\res, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\api, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\msd, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\options, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\options\css, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\options\images, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\options\js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\options\js\resources, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\sp, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\sp\js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\sp\spbd, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\sp\spbd\images, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\sp\spsd, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\sp\spsd\images, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\ui, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\ui\dlg, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\ui\dlg\ftd, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\ui\dlg\ftd\images, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\ui\gadgetFrame, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\ui\gf, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\ui\gf\css, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\ui\gf\img, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\ui\gf\js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\ui\menu, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\ui\menu\css, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\ui\menu\img, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\ui\menu\js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\APPLICATION_BUTTON, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\APPLICATION_BUTTON\Js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\APPLICATION_BUTTON\resources, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\EMAIL_NOTIFIER, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\EMAIL_NOTIFIER\css, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\EMAIL_NOTIFIER\js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\EMAIL_NOTIFIER\js\plugins, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\HIGHLIGHTER, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\HIGHLIGHTER\css, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\HIGHLIGHTER\js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\MULTI_RSS, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\MULTI_RSS\css, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\MULTI_RSS\img, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\MULTI_RSS\js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\MULTI_RSS\js\resources, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\NOTIFICATION, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\NOTIFICATION\css, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\NOTIFICATION\images, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\NOTIFICATION\images\dark, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\NOTIFICATION\images\light, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\NOTIFICATION\js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\Optimizer, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\Optimizer\js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\PRICE_GONG, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\PRICE_GONG\agreement, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\PRICE_GONG\css, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\PRICE_GONG\css\custom-theme, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\PRICE_GONG\images, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\PRICE_GONG\menu_dlg, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\RADIO_PLAYER, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\RADIO_PLAYER\css, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\RADIO_PLAYER\css\custom-theme, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\RADIO_PLAYER\js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\RADIO_PLAYER\js\resources, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\SEARCH, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\SEARCH\buildSettings, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\SEARCH\Css, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\SEARCH\js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\SEARCH\resources, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\SEARCH\view, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\SEARCH\view\script, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\SEARCH\view\style, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\SEARCH\view\style\rsx, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\TWITTER, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\TWITTER\img, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\TWITTER\js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\TWITTER\resources, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\WEATHER, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\WEATHER\css, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\WEATHER\js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\core, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\lib, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\lib\jquery.alerts, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\lib\jquery.alerts\images, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\sl, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\_locales, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\_locales\en, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
 
Files: 580
PUP.Optional.OptimumInstaller.A, C:\Users\admin\Downloads\Player-Chrome (1).exe, Quarantined, [4a68343f0e6db87eddcb9db237ca05fb], 
PUP.Optional.OptimumInstaller.A, C:\Users\admin\Downloads\Player-Chrome.exe, Quarantined, [357d1b58e6950f275553341b13eeff01], 
PUP.Optional.OptimumInstaller.A, C:\Users\LegacyLA2\Downloads\flashplayerpro_Setup.exe, Quarantined, [0fa3aac952294fe76246014eb34e7f81], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\634865961498162039.png, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\634865961499880811.png, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\ConduitAbstractionLayerBack.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\ConduitAbstractionLayerFront.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\CT3287822.txt, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\CT3287822_public.txt, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\icon.png, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\initData.json, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\manifest.json, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\js\contentScript.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\js\bcview.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\js\chromeBackstage.html, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\js\chromeBackstage.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\js\chromeBackstageLoader.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\js\communicator.back.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\js\compatibility.end.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\js\compatibility.service.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\js\compatibility.start.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\js\conduitEnv.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\js\framework.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\js\iframeHost.html, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\js\iframeHost.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\js\JSONStringify.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\js\logger.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\js\match.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\js\navigationHandler.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\js\pluginLoader.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\js\updatesManager.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\js\verlyEarly.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\js\lib\jquery-1.5.min.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\js\options\Options.html, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\js\tabs\back\postNavigation.htm, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\js\toolbarAPI\toolbarAPI.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\plugins\ChromeApproveTBPlugin.dll, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\plugins\ChromeAutoApproveTB.dll, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\plugins\ConduitChromeApiPlugin.dll, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\plugins\np-cwmp.dll, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\plugins\np-mswmp.dll, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\initData.json, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\html\SearchBackground.html, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\html\searchInNewTabAPI.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\API\Applications.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\API\Bookmarks.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\API\DeveloperMode.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\API\EmbeddedConfig.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\API\enable_disable.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\API\EventHandler.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\API\Global.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\API\LocationService.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\API\MostVisited.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\API\NewTabAPI.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\API\RecentlyClosed.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\API\SearchBox.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\API\ServiceMap.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\API\Settings.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\API\startupSequence.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\API\Thumbnails.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\API\Toolbar.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\API\Translation.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\API\Usage.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\css\about_memory.css, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\css\alert_overlay.css, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\css\apps_page.css, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\css\bubble.css, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\css\chrome_shared.css, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\css\chrome_shared2.css, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\css\chrome_shared2_touch.css, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\css\dialogs.css, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\css\expandable_bubble.css, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\css\footer_menu.css, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\css\list.css, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\css\menu.css, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\css\most_visited_page.css, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\css\nav_dot.css, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\css\new_tab.css, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\css\new_tab_theme.css, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\css\overlay.css, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\css\spinner.css, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\css\suggestions_page.css, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\css\table.css, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\css\tabs.css, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\css\throbber.css, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\css\tile_page.css, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\css\trash.css, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\css\tree.css, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\css\ui_account_tweaks.css, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\css\widgets.css, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\html\alert_overlay.html, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\html\appLauncher.html, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\html\loadfile.html, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\html\NewTabBackground.html, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\html\new_tab.html, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\html\Options.html, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\html\redirect.html, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\html\trash.html, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\img\close_bar_mask.png, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\img\exclamationIcon.png, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\img\history_section.png, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\img\app_promo_button.png, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\img\check.png, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\img\checkbox_black.png, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\img\checkbox_white.png, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\img\closed_window.png, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\img\close_bar.png, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\img\close_bar_2x.png, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\img\close_bar_h.png, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\img\close_bar_h_2x.png, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\img\close_bar_mask_2x.png, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\img\close_bar_p.png, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\img\close_bar_p_2x.png, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\img\detected_sd.png, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\img\detected_usb.png, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\img\disabled_select.png, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\img\disclosure_triangle_mask.png, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\img\downloads_section.png, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\img\favicon.ico, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\img\favicon.png, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\img\folder_closed.png, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\img\folder_closed_rtl.png, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\img\folder_open.png, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\img\folder_open_rtl.png, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\img\gear.png, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\img\google-transparent.png, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\img\guest_icon_standalone.png, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\img\help.gif, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\img\icon128.png, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\img\icon16.png, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\img\icon48.png, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\img\icon_checkmark.png, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\img\icon_file.png, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\img\icon_folder.png, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\img\icon_warning.png, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\img\icon_warning2.png, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\img\IDR_PRODUCT_LOGO.png, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\img\ImagesRepository.json, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\img\insert.png, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\img\minus.png, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\img\nub.png, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\img\nub_mask.png, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\img\otr_icon_standalone.png, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\img\phishing_icon.png, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\img\plus.png, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\img\select.png, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\img\small_bubble.png, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\img\spinner.svg, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\img\star_small.png, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\img\success.png, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\img\throbber.svg, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\img\thumbnailPlaceHolder.png, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\img\trash.png, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\img\trashBinN.png, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\img\WebStore128.png, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\img\x-hover.png, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\img\x.png, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\img\__IDR_PRODUCT_LOGO.png, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\js\context_menu_handler.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\js\i18n_template.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\js\alert_overlay.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\js\appLauncher.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\js\apps_page.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\js\autocomplete_list.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\js\Base64.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\js\bubble.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\js\card_slider.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\js\color-thief.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\js\command.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\js\command_line.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\js\context_menu_button.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\js\cr.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\js\database.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\js\dialogs.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\js\dot_list.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\js\drag_wrapper.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\js\event_target.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\js\event_tracker.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\js\expandable_bubble.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\js\focus_outline_manager.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\js\i18n_process.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\js\i18n_template2.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\js\jquery.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\js\link_controller.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\js\loadFile.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\js\load_time_data.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\js\local_strings.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\js\logerror.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\js\logging.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\js\md5.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\js\media_common.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\js\menu.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\js\menu_button.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\js\menu_item.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\js\most_visited_page.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\js\nav_dot.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\js\NewTabBackground.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\js\newTabBeforeStart.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\js\newTabLoadTimeData.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\js\new_tab.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\js\options.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\js\other_sessions.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\js\overlay.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\js\page_list_view.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\js\page_switcher.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\js\parse_html_subset.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\js\position_util.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\js\promise.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\js\quantize.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\js\recently_closed.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\js\repeating_button.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\js\SearchBoxPage.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\js\splitter.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\js\suggestions_page.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\js\tile_page.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\js\touch_handler.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\js\trash.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\js\tree.css.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\js\tree.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\js\ui.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\js\ui_account_tweaks.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\js\util.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\Search\NewTabPages\js\ZipFile.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\backstage.html, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\searchversion.txt, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\version.txt, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\al.view.html, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\aboutBox\aboutBox.html, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\aboutBox\images\conduit-logo-OLD.png, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\aboutBox\images\conduit-logo.png, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\aboutBox\images\OK-Button-Default.png, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\aboutBox\images\OK-Button-MouseOver.png, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\aboutBox\images\OK-Button-OnClick.png, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\aboutBox\images\truste.gif, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\aboutBox\images\x.png, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\aboutBox\js\aboutBox.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\ac\appManager.controller.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\ac\appManager.model.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\ac\appManager.view.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\ac\css\toolbar.css, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\ac\img\minibrowser24.png, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\ac\img\ajax-loader.gif, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\ac\img\buttonSprites.png, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\ac\img\chevron_sprites.png, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\ac\img\fallback24.png, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\ac\img\ie8_mouseover_button.png, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\ac\img\ie8_onclick_button.png, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\ac\img\loader-icon.png, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\ac\img\menu_arrow.png, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\ac\img\minibrowser.png, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\ac\img\mp_sprites.png, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\ac\img\new_chevron_sprites.png, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\ac\img\rounded_corners_left_transparent.png, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\ac\img\rounded_corners_left_white.png, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\ac\img\rounded_corners_left_white_34.png, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\ac\img\rounded_corners_right_transparent.png, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\ac\img\rounded_corners_right_white.png, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\ac\img\rounded_corners_right_white_34.png, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\ac\img\separator.png, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\ac\img\separator_hover.png, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\ac\img\uus.png, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\ac\res\yoxscroll.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\api\toolbarapi.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\api\webAppApi.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\api\webAppApiFront.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\msd\excanvas.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\msd\trusted.html, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\msd\trusted.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\msd\untrusted.css, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\msd\untrusted.html, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\msd\untrusted.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\options\options.html, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\options\css\jquery.jscrollpane.css, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\options\css\options.css, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\options\css\reset.css, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\options\images\bg-hide-click.png, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\options\images\bg-hide.png, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\options\images\checkbox-check-off.png, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\options\images\checkbox-check-on.png, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\options\images\conduit-logo.png, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\options\images\ic_Closer.png, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\options\images\ic_Closer_hover.png, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\options\images\minibrowser.png, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\options\images\scroller.png, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\options\images\sprite-ok-button.png, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\options\images\truste.gif, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\options\images\x.png, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\options\js\html5SupportIe.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\options\js\options.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\options\js\resources\html5shiv.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\options\js\resources\jquery.jscrollpane.min.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\options\js\resources\jquery.mousewheel.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\sp\js\searchProtectorManager.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\sp\spbd\bubble.css, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\sp\spbd\bubble.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\sp\spbd\main.html, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\sp\spbd\images\information.png, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\sp\spbd\images\x-default-LTR.png, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\sp\spbd\images\x-default-RTL.png, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\sp\spbd\images\x-mouseover-LTR.png, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\sp\spbd\images\x-mouseover-RTL.png, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\sp\spsd\main.html, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\sp\spsd\SearchProtector.css, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\sp\spsd\settings.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\sp\spsd\images\ok-button.png, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\sp\spsd\images\separation-line.png, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\sp\spsd\images\warning.png, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\ui\menus.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\ui\popups.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\ui\dlg\DialogsAPI.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\ui\dlg\excanvas.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\ui\dlg\generalDialogStyle.css, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\ui\dlg\PIE.htc, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\ui\dlg\settings.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\ui\dlg\ftd\main.html, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\ui\dlg\ftd\ToolbarFirstTimeDialog.css, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\ui\dlg\ftd\ToolbarFirstTimeDialog.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\ui\dlg\ftd\images\app-store-icon.png, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\ui\dlg\ftd\images\arrow.png, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\ui\dlg\ftd\images\dialog_tip_left.png, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\ui\dlg\ftd\images\dialog_tip_right.png, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\ui\dlg\ftd\images\divider.png, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\ui\dlg\ftd\images\emailNotifier.gif, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\ui\dlg\ftd\images\facebook.png, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\ui\dlg\ftd\images\radio.GIF, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\ui\dlg\ftd\images\Thumbs.db, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\ui\dlg\ftd\images\truste_welcome.GIF, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\ui\dlg\ftd\images\weather.GIF, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\ui\gadgetFrame\gf.html, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\ui\gadgetFrame\lgf.html, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\ui\gf\gf.html, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\ui\gf\lgf.html, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\ui\gf\css\gf.css, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\ui\gf\css\gf_ie.css, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\ui\gf\img\ie_back.gif, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\ui\gf\img\loader.gif, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\ui\gf\img\resize.gif, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\ui\gf\img\sprites.png, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\ui\gf\js\gf.view.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\ui\gf\js\lgf.view.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\ui\menu\popup.html, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\ui\menu\css\menu.css, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\ui\menu\img\arrow-down-strong.png, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\ui\menu\img\arrow-down.png, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\ui\menu\img\arrow-left-strong.png, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\ui\menu\img\arrow-left.png, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\ui\menu\img\arrow-right-strong.png, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\ui\menu\img\arrow-right.png, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\ui\menu\img\arrows.png, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\ui\menu\js\jquery.ellipsis.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\ui\menu\js\jquery.scrollTo-1.4.2-min.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\ui\menu\js\menu.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\ui\menu\js\renderHandler.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\ui\menu\js\scrollers.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\ui\menu\js\showHandler.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\browserAppApi.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\APPLICATION_BUTTON\bgpage.html, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\APPLICATION_BUTTON\Js\bgpage.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\APPLICATION_BUTTON\resources\defaultEngineImage.gif, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\EMAIL_NOTIFIER\bgPage.html, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\EMAIL_NOTIFIER\popup.html, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\EMAIL_NOTIFIER\css\en.css, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\EMAIL_NOTIFIER\css\en_rtl.css, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\EMAIL_NOTIFIER\css\jquery.jscrollpane.css, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\EMAIL_NOTIFIER\js\AccountManager.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\EMAIL_NOTIFIER\js\bgPage.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\EMAIL_NOTIFIER\js\EN.model.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\EMAIL_NOTIFIER\js\IMAPExecuter.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\EMAIL_NOTIFIER\js\Inboxer.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\EMAIL_NOTIFIER\js\Invoker.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\EMAIL_NOTIFIER\js\MailDecoder.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\EMAIL_NOTIFIER\js\MailMerger.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\EMAIL_NOTIFIER\js\POP3Executer.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\EMAIL_NOTIFIER\js\Popup.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\EMAIL_NOTIFIER\js\providerHelper.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\EMAIL_NOTIFIER\js\Providers.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\EMAIL_NOTIFIER\js\sdk.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\EMAIL_NOTIFIER\js\SettingsManager.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\EMAIL_NOTIFIER\js\Timer.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\EMAIL_NOTIFIER\js\Translation.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\EMAIL_NOTIFIER\js\Utils.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\EMAIL_NOTIFIER\js\plugins\jquery.jscrollpane.min.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\EMAIL_NOTIFIER\js\plugins\jquery.mousewheel.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\EMAIL_NOTIFIER\js\plugins\jquery.text-overflow.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\EMAIL_NOTIFIER\js\plugins\jquery.watermark.min.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\HIGHLIGHTER\bgpage.html, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\HIGHLIGHTER\embedded.html, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\HIGHLIGHTER\popup.html, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\HIGHLIGHTER\css\embedded.css, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\HIGHLIGHTER\css\popup.css, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\HIGHLIGHTER\css\reset.css, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\HIGHLIGHTER\js\bgpage.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\HIGHLIGHTER\js\embedded.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\HIGHLIGHTER\js\higlighter_script.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\HIGHLIGHTER\js\popup.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\MULTI_RSS\bgpage.html, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\MULTI_RSS\popup.html, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\MULTI_RSS\css\popup.css, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\MULTI_RSS\img\arrows.png, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\MULTI_RSS\img\badges.png, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\MULTI_RSS\img\icons.png, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\MULTI_RSS\js\bgpage.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\MULTI_RSS\js\popup.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\MULTI_RSS\js\sdk.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\MULTI_RSS\js\resources\jquery.text-overflow.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\MULTI_RSS\js\resources\jquery.tmpl.min.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\MULTI_RSS\js\resources\webAppUtils.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\MULTI_RSS\js\resources\xml2json.custom.min.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\NOTIFICATION\bgpage.html, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\NOTIFICATION\embedded.html, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\NOTIFICATION\NotificationPopup.html, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\NOTIFICATION\Settings.htm, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\NOTIFICATION\Settings.html, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\NOTIFICATION\css\gadget.css, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\NOTIFICATION\css\general.css, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\NOTIFICATION\css\Main.css, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\NOTIFICATION\css\newMain.css, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\NOTIFICATION\css\settings.css, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\NOTIFICATION\css\ui.stepper.css, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\NOTIFICATION\images\closeIcon.png, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\NOTIFICATION\images\downArrow.png, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\NOTIFICATION\images\settingsIcon.png, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\NOTIFICATION\images\upArrow.png, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\NOTIFICATION\images\dark\close.png, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\NOTIFICATION\images\dark\Next.png, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\NOTIFICATION\images\dark\Next_hover.png, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\NOTIFICATION\images\dark\powered-by.png, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\NOTIFICATION\images\dark\Prev.png, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\NOTIFICATION\images\dark\Prev_hover.png, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\NOTIFICATION\images\dark\settings.png, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\NOTIFICATION\images\light\close.png, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\NOTIFICATION\images\light\Next.png, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\NOTIFICATION\images\light\Next_hover.png, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\NOTIFICATION\images\light\powered-by.png, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\NOTIFICATION\images\light\Prev.png, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\NOTIFICATION\images\light\Prev_hover.png, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\NOTIFICATION\images\light\settings.png, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\NOTIFICATION\js\AppName.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\NOTIFICATION\js\bgpage.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\NOTIFICATION\js\bgpageEarly.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\NOTIFICATION\js\commons.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\NOTIFICATION\js\jquery.ezmark.min.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\NOTIFICATION\js\notification.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\NOTIFICATION\js\NotificationSettings.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\NOTIFICATION\js\notificationUIManger.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\NOTIFICATION\js\sdk.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\NOTIFICATION\js\Settings.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\NOTIFICATION\js\stepper.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\NOTIFICATION\js\ToolbarAndAppsSettings.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\Optimizer\bgpage.html, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\Optimizer\js\bgpage.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\PRICE_GONG\bgpage.html, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\PRICE_GONG\bgpage.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\PRICE_GONG\pg_offers.html, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\PRICE_GONG\pg_offers.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\PRICE_GONG\agreement\agree.html, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\PRICE_GONG\agreement\agree.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\PRICE_GONG\agreement\Close.png, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\PRICE_GONG\agreement\Image.png, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\PRICE_GONG\agreement\Logo.png, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\PRICE_GONG\agreement\OK_Btn.png, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\PRICE_GONG\agreement\Topbg.png, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\PRICE_GONG\css\gadget.css, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\PRICE_GONG\css\ie7styles.css, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\PRICE_GONG\css\iestyle.css, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\PRICE_GONG\css\custom-theme\jquery-ui-1.8.10.custom.css, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\PRICE_GONG\images\icon.png, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\PRICE_GONG\menu_dlg\email.png, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\PRICE_GONG\menu_dlg\h.png, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\PRICE_GONG\menu_dlg\info.png, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\PRICE_GONG\menu_dlg\pg_dlg.html, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\PRICE_GONG\menu_dlg\v.png, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\PRICE_GONG\menu_dlg\x.png, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\RADIO_PLAYER\bgpage.html, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\RADIO_PLAYER\embedded.html, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\RADIO_PLAYER\popup2.html, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\RADIO_PLAYER\css\gadget.css, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\RADIO_PLAYER\css\jquery.jscrollpane.css, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\RADIO_PLAYER\css\reset.css, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\RADIO_PLAYER\css\stations.css, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\RADIO_PLAYER\css\custom-theme\jquery-ui-1.8.10.custom.css, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\RADIO_PLAYER\js\bgpage.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\RADIO_PLAYER\js\bgpageEarly.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\RADIO_PLAYER\js\embedded.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\RADIO_PLAYER\js\embeddedEarly.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\RADIO_PLAYER\js\localization.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\RADIO_PLAYER\js\player.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\RADIO_PLAYER\js\popup.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\RADIO_PLAYER\js\resources\BrowserDetect.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\RADIO_PLAYER\js\resources\jquery-ui-1.8.10.custom.min.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\RADIO_PLAYER\js\resources\jquery.jscrollpane.min.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\RADIO_PLAYER\js\resources\jquery.mousewheel.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\RADIO_PLAYER\js\resources\jquery.scrollTo-1.4.2-min.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\RADIO_PLAYER\js\resources\radioCommon.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\RADIO_PLAYER\js\resources\sdk.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\RADIO_PLAYER\js\resources\system.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\RADIO_PLAYER\js\resources\utils.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\SEARCH\bgpage.html, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\SEARCH\embedded.html, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\SEARCH\information.popup.html, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\SEARCH\buildSettings\SearchApp_Ant.xml, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\SEARCH\Css\information.popup.css, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\SEARCH\js\bgpage.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\SEARCH\js\common.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\SEARCH\js\contentManager.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\SEARCH\js\historyProvider.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\SEARCH\js\information.popup.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\SEARCH\js\layoutManager.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\SEARCH\js\sdk.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\SEARCH\js\searchListener.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\SEARCH\js\selectionListener.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\SEARCH\js\suggestProvider.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\SEARCH\resources\buttonSprites.png, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\SEARCH\resources\defaultEngineImage.gif, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\SEARCH\resources\dropdownButton.png, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\SEARCH\resources\history--x-default.jpg, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\SEARCH\resources\history--x-default.png, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\SEARCH\resources\history--x-mouseover.jpg, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\SEARCH\resources\history--x-mouseover.png, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\SEARCH\resources\removeButton.png, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\SEARCH\resources\removeButtonHover.png, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\SEARCH\view\script\view.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\SEARCH\view\style\default.css, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\SEARCH\view\style\rsx\dd-arrow.png, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\SEARCH\view\style\rsx\ie8.png, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\TWITTER\bgpage.html, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\TWITTER\popup.css, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\TWITTER\popup.html, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\TWITTER\img\icons.png, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\TWITTER\img\inbox.png, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\TWITTER\img\scroll_down.png, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\TWITTER\img\scroll_up.png, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\TWITTER\js\bgpage.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\TWITTER\js\Config.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\TWITTER\js\localization.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\TWITTER\js\popup.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\TWITTER\js\sdk.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\TWITTER\js\Utils.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\TWITTER\resources\ajax-loader.gif, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\TWITTER\resources\icons.png, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\TWITTER\resources\jquery.tmpl.min.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\TWITTER\resources\yManager.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\TWITTER\resources\yStore.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\WEATHER\bgpage.html, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\WEATHER\popup.html, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\WEATHER\css\gadget.css, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\WEATHER\css\ie7styles.css, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\WEATHER\css\iestyle.css, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\WEATHER\js\bgpage.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\WEATHER\js\common.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\WEATHER\js\date-functions.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\WEATHER\js\gadget.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\WEATHER\js\jquery.autocomplete.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\WEATHER\js\jquery.textshadow.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\WEATHER\js\logic.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\WEATHER\js\main.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\al\wa\WEATHER\js\xPath.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\core\corelibs.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\core\framework.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\core\utils.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\lib\al.view.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\lib\al.viewPerformanceLog.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\lib\background.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\lib\ie_fix.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\lib\jquery.min.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\lib\jquery.tmpl.min.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\lib\jquery.xml2json.custom.min.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\lib\jquery.xml2json.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\lib\json2.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\lib\json2.min.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\lib\script2injectEmbedded.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\lib\script2injectPopup.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\lib\jquery.alerts\jquery.alerts.css, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\lib\jquery.alerts\jquery.alerts.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\lib\jquery.alerts\images\help.gif, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\lib\jquery.alerts\images\important.gif, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\lib\jquery.alerts\images\info.gif, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\lib\jquery.alerts\images\title.gif, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\tb\sl\serviceLayer.js, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
PUP.Optional.MixiDJ.A, C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\_locales\en\messages.json, Quarantined, [fbb7a7ccaccfcd69bfca374f59a92fd1], 
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)
 
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7587
# api_version=3.0.2
# EOSSerial=7b812da1f62ccf4eb8d9c49323293719
# engine=18564
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2014-06-05 09:15:47
# local_time=2014-06-05 02:15:47 (-0800, Pacific Daylight Time)
# country="United States"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 0 153503197 0 0
# scanned=331585
# found=13
# cleaned=0
# scan_time=5666
sh=97BCCD25561F44E9B13F05F6EEF083C9CE9BA529 ft=1 fh=641f1fb3d2e699c4 vn="Win32/Toolbar.Conduit.Y potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Conduit\Community Alerts\Alert.dll.vir"
sh=97BCCD25561F44E9B13F05F6EEF083C9CE9BA529 ft=1 fh=641f1fb3d2e699c4 vn="Win32/Toolbar.Conduit.Y potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Conduit\Community Alerts\Alert0.dll.vir"
sh=EB472A5F5CDBE47E5B53942F1971B26AF19A4945 ft=1 fh=c2ec1e05be884624 vn="a variant of Win32/Toolbar.Conduit.Y potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\LegacyLA2\AppData\Local\Conduit\Community Alerts\Alert.dll.vir"
sh=C4B4E661DBB040F34CFCE39EB481F8DA69C767D9 ft=0 fh=0000000000000000 vn="a variant of Win32/Toolbar.Conduit.AH potentially unwanted application" ac=I fn="C:\Users\LegacyLA2\AppData\Local\CRE\dknnnemlggnbpceofncdgnakmgfnhbli.crx"
sh=02FD771C18E390DE31A664FA6F243CDD6CA10385 ft=0 fh=0000000000000000 vn="a variant of Win32/Toolbar.Conduit.AH potentially unwanted application" ac=I fn="C:\Users\LegacyLA2\AppData\Local\CRE\oajgghejjpgkmpgbchgjieahoefimdle.crx"
sh=FC1D4D0CB36E4C0259A1CD3B60D1EF6EF48C0BB5 ft=1 fh=32d1c175243ad0eb vn="a variant of Win32/Toolbar.Conduit.AH potentially unwanted application" ac=I fn="C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data\Default\Extensions\dknnnemlggnbpceofncdgnakmgfnhbli\10.15.0.62_0\plugins\ConduitChromeApiPlugin.dll"
sh=FC1D4D0CB36E4C0259A1CD3B60D1EF6EF48C0BB5 ft=1 fh=32d1c175243ad0eb vn="a variant of Win32/Toolbar.Conduit.AH potentially unwanted application" ac=I fn="C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data-old\Default\Extensions\dknnnemlggnbpceofncdgnakmgfnhbli\10.15.0.62_0\plugins\ConduitChromeApiPlugin.dll"
sh=F1AD8D1A515416F4A9CD288CF89309253B7E6F22 ft=1 fh=cd8d8ac6fdd37d8e vn="a variant of Win32/Toolbar.Conduit.AH potentially unwanted application" ac=I fn="C:\Users\LegacyLA2\AppData\Local\Google\Chrome\User Data-old\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\plugins\ConduitChromeApiPlugin.dll"
sh=AB7E4869880EC9577223E725E1210984BE8D9ED4 ft=1 fh=8b92c8db0bd3434b vn="a variant of Win32/Toolbar.Conduit.AH potentially unwanted application" ac=I fn="C:\Users\LegacyLA2\AppData\Local\Google\Chrome Frame\User Data\iexplore\Default\Extensions\dknnnemlggnbpceofncdgnakmgfnhbli\10.16.2.509_0\plugins\ConduitChromeApiPlugin.dll"
sh=25826473F0F16074D70DEA5859F3E63CD950C52A ft=1 fh=b0e16b56ab8bf4c5 vn="a variant of Win32/Conduit.SearchProtect.N potentially unwanted application" ac=I fn="C:\Users\LegacyLA2\AppData\Local\Google\Chrome Frame\User Data\iexplore\Default\Extensions\dknnnemlggnbpceofncdgnakmgfnhbli\10.26.0.540_0\APISupport\APISupport.dll"
sh=47684BC9F96872C4134DD46689D013BD8E51A14A ft=1 fh=47ffb6bc73749a57 vn="Win32/Toolbar.Conduit.AH potentially unwanted application" ac=I fn="C:\Users\LegacyLA2\AppData\Local\Google\Chrome Frame\User Data\iexplore\Default\Extensions\dknnnemlggnbpceofncdgnakmgfnhbli\10.26.0.540_0\nativeMessaging\TBMessagingHost.exe"
sh=25826473F0F16074D70DEA5859F3E63CD950C52A ft=1 fh=b0e16b56ab8bf4c5 vn="a variant of Win32/Conduit.SearchProtect.N potentially unwanted application" ac=I fn="C:\Users\LegacyLA2\AppData\Local\Google\Chrome Frame\User Data\iexplore\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.26.0.540_0\APISupport\APISupport.dll"
sh=47684BC9F96872C4134DD46689D013BD8E51A14A ft=1 fh=47ffb6bc73749a57 vn="Win32/Toolbar.Conduit.AH potentially unwanted application" ac=I fn="C:\Users\LegacyLA2\AppData\Local\Google\Chrome Frame\User Data\iexplore\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.26.0.540_0\nativeMessaging\TBMessagingHost.exe"


#12 Valinorum

Valinorum

    Shadow Hide The Hunter


  • Malware Response Instructor
  • 1,653 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:02:25 PM

Posted 05 June 2014 - 10:43 AM

Before I post my fix can you please check Chrome extension to see if everything is in order. If you see the culprit extensions please remove them and tell me if they returns.

Geek U Graduate

I close my topic(s) with no replies for more than 4 days. PM me or Moderators to reactivate. All helps are provided via forum ergo do not PM me for help.

 


#13 aapinedo1

aapinedo1
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:01:25 AM

Posted 05 June 2014 - 11:10 AM

Hi V.

 

I have checked Chrome and the suspect extensions are not installed.

 

a



#14 aapinedo1

aapinedo1
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:01:25 AM

Posted 05 June 2014 - 11:14 AM

I am still being redirected to suspect sites however. McAfee site adviser is now blocking the sites however.

 

a



#15 Valinorum

Valinorum

    Shadow Hide The Hunter


  • Malware Response Instructor
  • 1,653 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:02:25 PM

Posted 05 June 2014 - 11:19 AM

Yes, I also see traces of the infection. One more query, does the redirection happens with every browser? I will be out now and will post a reply by tomorrow. Thanks for your patience.

Geek U Graduate

I close my topic(s) with no replies for more than 4 days. PM me or Moderators to reactivate. All helps are provided via forum ergo do not PM me for help.

 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users