Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Is this a virus "trackid=sp-006" and how do i remove it?


  • This topic is locked This topic is locked
8 replies to this topic

#1 MassagePS

MassagePS

  • Members
  • 61 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Palm Springs Great-Grandmother
  • Local time:02:32 PM

Posted 25 July 2015 - 10:18 PM

Vista PC.

 

This is the Farbar scan:  (I have also included the Malwarebytes scan further in post)

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 25-07-2015
Ran by Sandy (administrator) on SANDY-PC- (25-07-2015 20:45:47)
Running from C:\Users\Sandy\Desktop
Loaded Profiles: Sandy & UpdatusUser (Available Profiles: Sandy & UpdatusUser)
Platform: Microsoft® Windows Vista™ Home Premium  Service Pack 1 (X86) Language: English (United States)
Internet Explorer Version 8 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Kaspersky Lab ZAO) C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
() C:\Program Files\NETGEAR\WNA1100\WifiSvc.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastUI.exe
() C:\Program Files\NETGEAR\WNA1100\WNA1100.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
() C:\Program Files\Everything\Everything.exe
() C:\Program Files\Everything\Everything.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [Everything] => C:\Program Files\Everything\Everything.exe [602624 2009-03-12] ()
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-05-22] (Avast Software s.r.o.)
HKLM\...\Run: [jswtrayutil] => "C:\Program Files\NETGEAR\WNA1100\jswtrayutil.exe"
HKU\S-1-5-21-2675523129-3664480364-4030225571-1000\...\Run: [CCleaner] => C:\Program Files\CCleaner\CCleaner.exe [4626712 2014-07-23] (Piriform Ltd)
HKU\S-1-5-21-2675523129-3664480364-4030225571-1000\...\Run: [swg] => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2014-07-16] (Google Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR WNA1100 Genie.lnk [2014-07-24]
ShortcutTarget: NETGEAR WNA1100 Genie.lnk -> C:\Program Files\NETGEAR\WNA1100\WNA1100.exe ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2015-05-22] (Avast Software s.r.o.)
BootExecute: autocheck autochk * sdnclean.exe
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-2675523129-3664480364-4030225571-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
ProxyServer: [S-1-5-21-2675523129-3664480364-4030225571-1000] => localhost:8080
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_page_URL = http://www.gateway.com/g/startpage.html?Ch=Retail&SubCH=nofound&Br=EM&Loc=ENG_US&Sys=DTP&M=T3642
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-2675523129-3664480364-4030225571-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-2675523129-3664480364-4030225571-1000\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/
SearchScopes: HKU\S-1-5-21-2675523129-3664480364-4030225571-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2675523129-3664480364-4030225571-1000 -> {67D7E2F6-D94C-4E82-8C49-9C5183E57C00} URL = 
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-04-11] (Avast Software s.r.o.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-07-17] (Google Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-07-17] (Google Inc.)
Toolbar: HKU\S-1-5-21-2675523129-3664480364-4030225571-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-07-17] (Google Inc.)
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab
Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files\Belarc\BelarcAdvisor\System\BAVoilaX.dll [2013-04-16] (Belarc, Inc.)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll [2007-06-08] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{CD926C69-C072-4051-8187-8EBD08515688}: [DhcpNameServer] 192.168.1.1
 
FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-04-18]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-04-13]
 
Chrome: 
=======
CHR Profile: C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-06-08]
CHR Extension: (Google Drive) - C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-06-08]
CHR Extension: (YouTube) - C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-06-08]
CHR Extension: (Google Search) - C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-06-08]
CHR Extension: (No Name) - C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm [2015-03-29]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-12]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
CHR Extension: (Gmail) - C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-06-08]
CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswwebrepchrome-sp.crx [2014-08-04]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-18]
 
========================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S4 AOL ACS; C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe [46640 2006-10-23] (AOL LLC)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-05-22] (Avast Software s.r.o.)
R3 hpqcxs08; C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll [217088 2008-11-19] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll [139264 2007-11-06] (Hewlett-Packard Co.) [File not signed]
R2 HPSLPSVC; C:\Program Files\HP\Digital Imaging\bin\HPSLPSVC32.DLL [694784 2009-09-08] (Hewlett-Packard Co.) [File not signed]
S3 jswpsapi; C:\Program Files\NETGEAR\WNA1100\jswpsapi.exe [960992 2010-03-22] (Atheros Communications, Inc.)
R2 KSS; C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe [202328 2012-12-07] (Kaspersky Lab ZAO)
S2 MBAMService; C:\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44032 2010-08-06] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2010-08-06] (Hewlett-Packard) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-19] (Microsoft Corporation)
R2 WSWNA1100; C:\Program Files\NETGEAR\WNA1100\WifiSvc.exe [297440 2011-07-28] ()
S4 sprtsvc_verizondm; C:\Program Files\VERIZONDM\bin\sprtsvc.exe /service /p verizondm [X]
S4 tgsrvc_verizondm; C:\Program Files\VERIZONDM\bin\tgsrvc.exe /p verizondm [X]
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 ac97intc; C:\Windows\System32\drivers\ac97intc.sys [108032 2006-11-02] (Intel Corporation)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24144 2015-05-22] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [74976 2015-05-22] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr.sys [55200 2015-05-22] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49904 2015-05-22] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [787760 2015-05-22] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [428120 2015-06-26] (Avast Software s.r.o.)
R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [57888 2015-05-22] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [209048 2015-05-22] ()
R3 athur; C:\Windows\System32\DRIVERS\athur.sys [1439744 2010-10-10] (Atheros Communications, Inc.)
S3 ATWPKT2; C:\Windows\system32\drivers\ATWPKT2.SYS [24696 2012-09-18] (America Online)
R1 avgtp; C:\Windows\system32\drivers\avgtpx86.sys [37664 2013-07-13] (AVG Technologies)
R1 Cdr4_xp; C:\Windows\system32\Drivers\Cdr4_xp.sys [44288 2005-09-07] (Sonic Solutions) [File not signed]
R1 Cdralw2k; C:\Windows\system32\Drivers\Cdralw2k.sys [24960 2005-09-07] (Sonic Solutions) [File not signed]
R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [164952 2013-04-22] (BitDefender LLC)
S3 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [94936 2015-06-18] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-06-18] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [98520 2015-07-25] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-06-18] (Malwarebytes Corporation)
S3 NETw2v32; C:\Windows\System32\DRIVERS\NETw2v32.sys [2589184 2006-11-02] (Intel® Corporation)
R3 Nmea; C:\Windows\System32\DRIVERS\pctnullport.sys [38680 2008-10-15] (PCTEL Inc.)
S3 PCASp50; C:\Windows\System32\Drivers\PCASp50.sys [27072 2008-10-15] (Printing Communications Assoc., Inc. (PCAUSA))
R0 SCMNdisP; C:\Windows\System32\DRIVERS\scmndisp.sys [21472 2011-07-22] (Windows ® Win 7 DDK provider)
S3 swmsflt; C:\Windows\System32\drivers\swmsflt.sys [28288 2009-01-14] ()
S3 SWNC8U80; C:\Windows\System32\DRIVERS\swnc8u80.sys [190080 2009-03-31] (Sierra Wireless Inc.)
S3 SWNC8UA3; C:\Windows\System32\DRIVERS\swnc8ua3.sys [190080 2009-03-31] (Sierra Wireless Inc.)
S3 SWUMX80; C:\Windows\System32\DRIVERS\swumx80.sys [148096 2009-05-04] (Sierra Wireless Inc.)
S3 SWUMXA3; C:\Windows\System32\DRIVERS\swumxa3.sys [148096 2009-05-04] (Sierra Wireless Inc.)
R1 tcpipBM; C:\Windows\system32\Drivers\tcpipBM.sys [24064 2009-10-09] (Bytemobile, Inc.) [File not signed]
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [26624 2014-06-04] () [File not signed]
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [355744 2013-05-28] (BitDefender S.R.L.)
R3 wanatw; C:\Windows\System32\DRIVERS\wanatw4.sys [33588 2006-11-29] (America Online, Inc.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [21504 2008-01-19] (Microsoft Corporation)
S1 bdselfpr; \??\C:\Users\Sandy\AppData\Local\Temp\RarSFX0\bdselfpr.sys [X]
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X]
S3 catchme; \??\C:\Users\Sandy\AppData\Local\Temp\catchme.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 MREMP50; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS [X]
S3 MREMPR5; \??\C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS [X]
S3 MRENDIS5; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS [X]
S3 MRESP50; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 SymIM; system32\DRIVERS\SymIM.sys [X]
S3 SymIMMP; system32\DRIVERS\SymIM.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-07-25 20:45 - 2015-07-25 20:47 - 00015328 _____ C:\Users\Sandy\Desktop\FRST.txt
2015-07-25 20:07 - 2015-07-25 20:08 - 01650688 _____ (Farbar) C:\Users\Sandy\Desktop\FRST.exe
2015-07-25 19:44 - 2015-07-25 19:46 - 162979904 _____ C:\Users\Sandy\Desktop\Unconfirmed 475126.crdownload
2015-07-25 19:28 - 2015-07-25 19:32 - 162979904 _____ C:\Users\Sandy\Desktop\EmsisoftEmergencyKit.exe
2015-07-25 19:13 - 2015-07-25 19:13 - 00070224 _____ C:\PUP mindspark.A files and folders.txt
2015-07-25 18:11 - 2015-07-25 18:11 - 00000653 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-07-25 18:11 - 2015-07-25 18:11 - 00000000 ____D C:\Malwarebytes Anti-Malware
2015-07-25 17:17 - 2015-07-25 17:17 - 00000430 _____ C:\Users\Sandy\Desktop\joe piscopo.htm
2015-07-25 17:05 - 2015-07-25 17:05 - 00021661 _____ C:\Users\Sandy\Joe Piscopo6.html
2015-07-25 17:05 - 2015-07-25 17:05 - 00000000 ____D C:\Users\Sandy\Joe Piscopo6_files
2015-07-24 20:42 - 2015-07-24 20:43 - 00000000 ____D C:\Windows\LastGood.Tmp
2015-07-13 23:12 - 2015-07-13 23:12 - 00002531 _____ C:\Users\Sandy\Desktop\Cell Phone Plans _ Cellular Phone Plans – Consumer Cellular.lnk
2015-07-10 22:11 - 2015-05-22 01:03 - 00291312 _____ (Avast Software s.r.o.) C:\Windows\system32\aswBoot.exe
2015-07-06 20:38 - 2015-07-06 20:38 - 00002179 _____ C:\Users\Sandy\Desktop\End Times _ Bible Prophecy.lnk
2015-07-02 17:47 - 2015-07-02 17:47 - 00003972 _____ C:\Users\Sandy\prophsy by kim clement.txt
2015-06-29 21:16 - 2015-06-26 11:15 - 00428120 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\asw1286.tmp
2015-06-29 21:16 - 2015-05-22 01:03 - 00787760 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswE5C.tmp
2015-06-29 21:16 - 2015-05-22 01:03 - 00209048 _____ C:\Windows\system32\Drivers\asw12E5.tmp
2015-06-29 21:16 - 2015-05-22 01:03 - 00074976 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\asw10CF.tmp
2015-06-29 21:16 - 2015-05-22 01:03 - 00057888 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\asw142D.tmp
2015-06-29 21:16 - 2015-05-22 01:03 - 00055200 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswFC4.tmp
2015-06-29 21:16 - 2015-05-22 01:03 - 00049904 _____ C:\Windows\system32\Drivers\asw118B.tmp
2015-06-29 21:16 - 2015-05-22 01:03 - 00024144 _____ C:\Windows\system32\Drivers\asw1042.tmp
2015-06-27 16:18 - 2015-06-27 16:18 - 00041546 _____ C:\Users\Sandy\Desktop\CELL PHONES.txt
2015-06-25 04:24 - 2015-06-25 04:24 - 00002415 _____ C:\Users\Sandy\Desktop\Home - Coast to Coast AM.lnk
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-07-25 20:45 - 2014-05-27 22:52 - 00000000 ____D C:\FRST
2015-07-25 20:43 - 2013-07-12 07:49 - 00000000 ____D C:\Program Files\Everything
2015-07-25 20:14 - 2006-11-02 05:47 - 00003168 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2015-07-25 20:14 - 2006-11-02 05:47 - 00003168 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2015-07-25 20:11 - 2007-11-17 18:16 - 02092872 _____ C:\Windows\WindowsUpdate.log
2015-07-25 20:08 - 2014-12-30 21:37 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-07-25 20:03 - 2013-08-18 19:48 - 00000886 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-07-25 18:26 - 2014-05-24 22:41 - 00098520 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-07-25 18:16 - 2013-08-18 11:25 - 00000882 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-07-25 18:15 - 2013-06-26 08:44 - 00016384 _____ C:\Windows\system32\Ikeext.etl
2015-07-25 18:14 - 2014-03-23 17:34 - 00132630 _____ C:\Windows\PFRO.log
2015-07-25 18:14 - 2006-11-02 06:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-25 18:12 - 2006-11-02 06:01 - 00032654 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-07-25 18:11 - 2014-06-04 14:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware 2
2015-07-25 17:06 - 2008-04-14 12:37 - 00000000 ____D C:\Users\Sandy
2015-07-25 10:19 - 2006-11-02 04:18 - 00000000 ____D C:\Windows\tracing
2015-07-24 20:42 - 2014-07-24 14:03 - 00000866 _____ C:\Users\Public\Desktop\NETGEAR WNA1100 Genie.lnk
2015-07-20 16:57 - 2007-11-17 18:32 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-07-14 23:04 - 2008-04-17 15:19 - 00006998 _____ C:\Users\Sandy\AppData\Roaming\wklnhst.dat
2015-07-10 22:11 - 2015-06-09 12:12 - 00001789 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-07-10 22:04 - 2006-11-02 04:18 - 00000000 ____D C:\Windows\system32\spool
2015-07-10 22:04 - 2006-11-02 04:18 - 00000000 ____D C:\Windows\registration
2015-07-10 22:04 - 2006-11-02 03:22 - 49020928 _____ C:\Windows\system32\config\software_previous
2015-07-10 22:04 - 2006-11-02 03:22 - 40632320 _____ C:\Windows\system32\config\components_previous
2015-07-10 22:04 - 2006-11-02 03:22 - 31719424 _____ C:\Windows\system32\config\system_previous
2015-07-10 22:04 - 2006-11-02 03:22 - 06029312 _____ C:\Windows\system32\config\default_previous
2015-07-10 22:04 - 2006-11-02 03:22 - 00262144 _____ C:\Windows\system32\config\security_previous
2015-07-10 22:04 - 2006-11-02 03:22 - 00262144 _____ C:\Windows\system32\config\sam_previous
2015-07-06 16:34 - 2006-11-02 04:18 - 00000000 ____D C:\Windows\system32\Msdtc
2015-07-06 16:33 - 2015-03-13 22:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-06-26 11:15 - 2014-04-13 00:01 - 00428120 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSP.sys
 
==================== Files in the root of some directories =======
 
2013-09-27 13:59 - 2013-09-27 14:00 - 0000005 _____ () C:\Users\Sandy\AppData\Roaming\mbam.context.scan
2014-04-10 21:13 - 2014-04-10 21:13 - 0031007 _____ () C:\Users\Sandy\AppData\Roaming\UserTile.png
2008-04-17 15:19 - 2015-07-14 23:04 - 0006998 _____ () C:\Users\Sandy\AppData\Roaming\wklnhst.dat
2013-07-14 04:41 - 2013-07-14 04:41 - 0179193 _____ () C:\Users\Sandy\AppData\Local\ars.cache
2013-07-14 04:41 - 2013-07-14 04:41 - 0189759 _____ () C:\Users\Sandy\AppData\Local\census.cache
2008-09-23 13:04 - 2014-08-26 20:36 - 0001356 _____ () C:\Users\Sandy\AppData\Local\d3d9caps.dat
2008-04-14 12:55 - 2013-06-09 10:00 - 0024064 _____ () C:\Users\Sandy\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-07-14 04:09 - 2013-07-14 04:09 - 0000036 _____ () C:\Users\Sandy\AppData\Local\housecall.guid.cache
2008-09-11 13:54 - 2014-02-06 15:18 - 0010273 _____ () C:\ProgramData\hpzinstall.log
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-07-25 18:20
 
==================== End of log ============================
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 25-07-2015
Ran by Sandy at 2015-07-25 20:47:38
Running from C:\Users\Sandy\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-2675523129-3664480364-4030225571-500 - Administrator - Disabled)
Guest (S-1-5-21-2675523129-3664480364-4030225571-501 - Limited - Disabled)
Sandy (S-1-5-21-2675523129-3664480364-4030225571-1000 - Administrator - Enabled) => C:\Users\Sandy
UpdatusUser (S-1-5-21-2675523129-3664480364-4030225571-1001 - Limited - Enabled) => C:\Users\UpdatusUser
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
32 Bit HP CIO Components Installer (Version: 7.1.8 - Hewlett-Packard) Hidden
4500_G510nz_Help_Web (Version: 000.0.440.000 - Hewlett-Packard) Hidden
4500_Help (Version: 1.00.0000 - Hewlett-Packard) Hidden
4500G510nz_Software_Min (Version: 000.0.423.000 - Hewlett-Packard) Hidden
4500G510nz_web (Version: 000.0.439.000 - Hewlett-Packard) Hidden
Adobe Flash Player 17 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 17.0.0.134 - Adobe Systems Incorporated)
Adobe Reader 8.3.1 (HKLM\...\{AC76BA86-7AD7-1033-7B44-A83000000003}) (Version: 8.3.1 - Adobe Systems Incorporated)
Amazon Kindle (HKU\S-1-5-21-2675523129-3664480364-4030225571-1000\...\Amazon Kindle) (Version:  - Amazon)
AOL Uninstaller (Choose which Products to Remove) (HKLM\...\AOL Uninstaller) (Version:  - AOL Inc.)
Avast Free Antivirus (HKLM\...\Avast) (Version: 10.2.2218 - AVAST Software)
Belarc Advisor 8.4 (HKLM\...\Belarc Advisor) (Version: 8.4.0.0 - Belarc Inc.)
BPD_HPSU (Version: 1.00.0000 - Hewlett-Packard) Hidden
bpd_scan (Version: 3.00.0000 - Hewlett-Packard) Hidden
BPDSoftware (Version: 50.0.165.000 - Hewlett-Packard) Hidden
BPDSoftware_Ini (Version: 1.00.0000 - Hewlett-Packard) Hidden
BufferChm (Version: 130.0.331.000 - Hewlett-Packard) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.16 - Piriform)
CCScore (Version: 6.02.1001.0001 - EASTMAN KODAK Company) Hidden
Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Destination Component (Version: 100.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (Version: 100.0.190.000 - Hewlett-Packard) Hidden
DeviceManagementQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
Digital Media Reader (HKLM\...\InstallShield_{BE2CC4A5-2128-4EA2-941D-14F7A6A1AB61}) (Version: 2.01.03.01 - AlcorMicro)
Digital Media Reader (Version: 2.01.03.01 - AlcorMicro) Hidden
DocMgr (Version: 100.0.201.000 - Hewlett-Packard) Hidden
DocProc (Version: 10.0.0.0 - Hewlett-Packard) Hidden
DocProcQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
eMachines Connect (HKLM\...\{DF86A72C-4585-4D75-B592-968C8C6604A1}) (Version: 1.1.0 - Acceller)
eMachines Recovery Center Installer (HKLM\...\{7F3BCF8A-8E02-4659-AF25-F9AB66BD6718}) (Version: 1.01.033 - eMachines)
ESSBrwr (Version: 6.04.0000.0001 - EASTMAN KODAK Company) Hidden
ESSCDBK (Version: 6.04.0000.0001 - EASTMAN KODAK Company) Hidden
ESScore (Version: 6.04.0000.0003 - EASTMAN KODAK Company) Hidden
ESSgui (Version: 6.04.0000.0001 - EASTMAN KODAK Company) Hidden
ESSini (Version: 6.04.0000.0001 - EASTMAN KODAK Company) Hidden
ESSPCD (Version: 6.04.0000.0001 - EASTMAN KODAK Company) Hidden
ESSPDock (Version: 6.03.0001.0004 - EASTMAN KODAK Company) Hidden
ESSSONIC (Version: 6.4.0000.0001 - EASTMAN KODAK Company) Hidden
ESSTOOLS (Version: 5.00.0000.0004 - EASTMAN KODAK Company) Hidden
essvatgt (Version: 6.04.0000.0001 - EASTMAN KODAK Company) Hidden
eSupportQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
Everything 1.2.1.371 (HKLM\...\Everything) (Version:  - )
Fax (Version: 100.0.187.000 - Hewlett-Packard) Hidden
fflink (Version: 6.02.1001.0001 - EASTMAN KODAK Company) Hidden
Google Chrome (HKLM\...\Google Chrome) (Version: 44.0.2403.107 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6710.2136 - Google Inc.)
Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.28.1 - Google Inc.) Hidden
GPBaseService (Version: 100.0.187.000 - Hewlett-Packard) Hidden
HijackThis 1.99.1 (HKLM\...\HijackThis) (Version: 1.99.1 - Soeperman Enterprises Ltd.)
HP Document Manager 1.0 (HKLM\...\HP Document Manager) (Version: 1.0 - HP)
HP Imaging Device Functions 10.0 (HKLM\...\HP Imaging Device Functions) (Version: 10.0 - HP)
HP Officejet 4500 G510n-z (HKLM\...\{F27CFD16-939A-4232-98CD-180898D14713}) (Version: 13.0 - HP)
HP Officejet J4500 Series (HKLM\...\{CD0773D5-C18E-495c-B39B-21A96415EDD5}) (Version: 1.0 - HP)
HP Photosmart Essential (HKLM\...\{EB21A812-671B-4D08-B974-2A347F0D8F70}) (Version: 1.12.0.46 - HP)
HP Photosmart Essential 2.5 (HKLM\...\HP Photosmart Essential) (Version: 2.5 - HP)
HP Product Detection (HKLM\...\{8A9FC225-75F6-4B5D-911C-0ED230565643}) (Version: 11.15.0009 - HP)
HP Smart Web Printing (HKLM\...\HP Smart Web Printing) (Version: 3.5 - HP)
HP Solution Center 10.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 10.0 - HP)
HP Update (HKLM\...\{97486FBE-A3FC-4783-8D55-EA37E9D171CC}) (Version: 5.005.000.002 - Hewlett-Packard)
HPDiagnosticAlert (Version: 1.00.0000 - Microsoft) Hidden
HPProductAssistant (Version: 100.0.170.000 - Hewlett-Packard) Hidden
HPSSupply (Version: 100.0.170.000 - Hewlett-Packard) Hidden
IHA_MessageCenter (HKLM\...\{80813829-BE27-4799-8BC7-2F75A7B6CB50}) (Version: 1.1.0 - Verizon)
J4500 (Version: 50.0.165.000 - Hewlett-Packard) Hidden
Kaspersky Security Scan (HKLM\...\InstallWIX_{56009CA3-423B-41F8-884A-E5B049534F15}) (Version: 12.0.1.340 - Kaspersky Lab)
Kaspersky Security Scan (Version: 12.0.1.340 - Kaspersky Lab) Hidden
kgcbaby (Version: 5.03.0000.0002 - EASTMAN KODAK Company) Hidden
kgcbase (Version: 5.03.0000.0004 - EASTMAN KODAK Company) Hidden
kgchday (Version: 5.03.0000.0002 - EASTMAN KODAK Company) Hidden
kgchlwn (Version: 5.03.0000.0002 - EASTMAN KODAK Company) Hidden
kgcinvt (Version: 5.03.0000.0003 - EASTMAN KODAK Company) Hidden
kgckids (Version: 6.03.0001.0001 - EASTMAN KODAK Company) Hidden
kgcmove (Version: 6.03.0001.0001 - EASTMAN KODAK Company) Hidden
kgcvday (Version: 5.03.0000.0002 - EASTMAN KODAK Company) Hidden
Kodak EasyShare software (HKLM\...\{D32470A1-B10C-4059-BA53-CF0486F68EBC}) (Version:  - Eastman Kodak Company)
Malwarebytes Anti-Malware version 2.1.8.1057 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Works (HKLM\...\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}) (Version: 9.7.0621 - Microsoft Corporation)
Microsoft WSE 2.0 SP3 Runtime (HKLM\...\{F3CA9611-CD42-4562-ADAB-A554CF8E17F1}) (Version: 2.0.5050.0 - Microsoft Corp.)
MSXML 4.0 SP2 (KB936181) (HKLM\...\{C04E32E0-0416-434D-AFB9-6969D703A9EF}) (Version: 4.20.9848.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB941833) (HKLM\...\{C523D256-313D-4866-B36A-F3DE528246EF}) (Version: 4.20.9849.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Napster Burn Engine (Version: 3.5.0000 - Roxio) Hidden
netbrdg (Version: 6.04.0000.0001 - EASTMAN KODAK Company) Hidden
NETGEAR WNA1100 N150 Wireless USB Adapter (HKLM\...\{A2AE9709-283B-4B48-AA34-729C070A62FB}) (Version: 1.0.0.133 - NETGEAR)
Network (Version: 130.0.550.000 - Hewlett-Packard) Hidden
Nova Invoices & Estimates Pro (HKLM\...\{71022CF8-16D5-48AA-8654-B5F74A01EC37}) (Version: 7.2.239 - Nova Development)
NVIDIA Graphics Driver 307.83 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 307.83 - NVIDIA Corporation)
NVIDIA Update 1.10.8 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.10.8 - NVIDIA Corporation)
OCR Software by I.R.I.S. 10.0 (HKLM\...\HPOCR) (Version: 10.0 - HP)
Octoshape add-in for Adobe Flash Player (HKU\S-1-5-21-2675523129-3664480364-4030225571-1000\...\Octoshape add-in for Adobe Flash Player) (Version:  - )
OfotoXMI (Version: 6.04.0000.0001 - EASTMAN KODAK Company) Hidden
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0 - Microsoft Corporation) Hidden
Palette Previewer™ (HKLM\...\Palette Previewer™) (Version:  - Autech)
Power2Go 5.0 (HKLM\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version:  - )
ProductContext (Version: 50.0.165.000 - Hewlett-Packard) Hidden
PSSWCORE (Version: 2.02.0000 - Hewlett-Packard) Hidden
QuickTime 7 (HKLM\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5485 - Realtek Semiconductor Corp.)
Revo Uninstaller Pro 3.0.7 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.0.7 - VS Revo Group, Ltd.)
RTC Client API v1.2 (HKLM\...\{44CDBD1B-89FB-4E02-8319-2A4C550F664A}) (Version: 1.2.0000 - Microsoft)
Scan (Version: 13.0.0.0 - Hewlett-Packard) Hidden
Security Task Manager 2.0d (HKLM\...\Security Task Manager) (Version: 2.0d - Neuber Software)
SFR (Version: 6.04.0000.0001 - Eastman Kodak Company) Hidden
SHASTA (Version: 6.04.0000.0001 - EASTMAN KODAK Company) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 10.0 - HP)
skin0001 (Version: 6.04.0000.0004 - EASTMAN KODAK Company) Hidden
SKINXSDK (Version: 6.02.1001.0001 - EASTMAN KODAK Company) Hidden
SmartWebPrintingOC (Version: 100.0.189.000 - Hewlett-Packard) Hidden
SolutionCenter (Version: 100.0.175.000 - Hewlett-Packard) Hidden
Spare Backup (HKLM\...\{A57C6094-FC5A-4DEC-B1E0-1B2F48EEE8F4}) (Version: 3.2 - Spare Backup, Inc)
staticcr (Version: 6.04.0000.0005 - EASTMAN KODAK Company) Hidden
Status (Version: 100.0.175.000 - Hewlett-Packard) Hidden
Toolbox (Version: 130.0.648.000 - Hewlett-Packard) Hidden
tooltips (Version: 6.04.0000.0001 - EASTMAN KODAK Company) Hidden
TrayApp (Version: 100.0.170.000 - Hewlett-Packard) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
VideoToolkit01 (Version: 100.0.128.000 - Hewlett-Packard) Hidden
VPRINTOL (Version: 6.04.0000.0001 - EASTMAN KODAK Company) Hidden
WebReg (Version: 130.0.132.017 - Hewlett-Packard) Hidden
WIRELESS (Version: 6.04.0000.0001 - EASTMAN KODAK Company) Hidden
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-2675523129-3664480364-4030225571-1000_Classes\CLSID\{1853e19a-4e54-4190-8deb-2e1cc947cd60}\InprocServer32 -> C:\Program Files\AOL Desktop 9.7\axtrack.dll (AOL Inc.)
CustomCLSID: HKU\S-1-5-21-2675523129-3664480364-4030225571-1000_Classes\CLSID\{7629C9DE-2E38-4963-A01C-02FFAC203D87}\InprocServer32 -> C:\Program Files\AOL Desktop 9.7\axtrack.dll (AOL Inc.)
CustomCLSID: HKU\S-1-5-21-2675523129-3664480364-4030225571-1000_Classes\CLSID\{B9F3009B-976B-41C4-A992-229DCCF3367C}\InprocServer32 -> C:\Program Files\AOL Desktop 9.7\axtrack.dll (AOL Inc.)
CustomCLSID: HKU\S-1-5-21-2675523129-3664480364-4030225571-1001_Classes\CLSID\{1853e19a-4e54-4190-8deb-2e1cc947cd60}\InprocServer32 -> C:\Program Files\AOL Desktop 9.6\axtrack.dll (AOL Inc.)
CustomCLSID: HKU\S-1-5-21-2675523129-3664480364-4030225571-1001_Classes\CLSID\{4052D303-74C5-49EA-BC6B-66099C8D4007}\InprocServer32 -> C:\Program Files\Google\Google Desktop Search\GoogleDesktopAPI2.dll No File
CustomCLSID: HKU\S-1-5-21-2675523129-3664480364-4030225571-1001_Classes\CLSID\{7629C9DE-2E38-4963-A01C-02FFAC203D87}\InprocServer32 -> C:\Program Files\AOL Desktop 9.6\axtrack.dll (AOL Inc.)
CustomCLSID: HKU\S-1-5-21-2675523129-3664480364-4030225571-1001_Classes\CLSID\{B9F3009B-976B-41C4-A992-229DCCF3367C}\InprocServer32 -> C:\Program Files\AOL Desktop 9.6\axtrack.dll (AOL Inc.)
 
==================== Restore Points =========================
 
05-07-2015 15:13:03 Windows Update
06-07-2015 16:28:24 Restore Operation
06-07-2015 16:37:12 avast! antivirus system restore point
06-07-2015 16:44:11 Windows Update
07-07-2015 22:38:48 Scheduled Checkpoint
09-07-2015 00:00:17 Scheduled Checkpoint
10-07-2015 00:00:20 Scheduled Checkpoint
10-07-2015 22:00:03 Restore Operation
10-07-2015 22:07:12 avast! antivirus system restore point
12-07-2015 00:19:40 Scheduled Checkpoint
12-07-2015 20:51:43 Windows Update
14-07-2015 00:00:20 Scheduled Checkpoint
15-07-2015 00:30:40 Scheduled Checkpoint
16-07-2015 00:00:22 Scheduled Checkpoint
17-07-2015 00:00:22 Scheduled Checkpoint
18-07-2015 00:08:32 Scheduled Checkpoint
19-07-2015 00:16:28 Scheduled Checkpoint
20-07-2015 16:42:48 Windows Update
22-07-2015 00:00:21 Scheduled Checkpoint
23-07-2015 00:00:21 Scheduled Checkpoint
24-07-2015 00:00:21 Scheduled Checkpoint
24-07-2015 20:42:02 Installed NETGEAR WNA1100 N150 Wireless USB Adapter
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2006-11-02 03:23 - 2014-06-15 21:10 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {05DD0931-49D6-4072-A2EC-62FF3A6AD4D3} - System32\Tasks\Microsoft\Windows\WindowsCalendar\Reminders - Sandy => C:\Program Files\Windows Calendar\WinCal.exe [2008-01-19] (Microsoft Corporation)
Task: {06C4423D-3B5C-457C-9274-0A2C19DC9D57} - System32\Tasks\{C6D1B1F1-6FB7-45E8-B56A-3957BCF3C37F} => pcalua.exe -a "C:\Program Files\QuickTime\QTSystem\QuickTime.cpl" -c QuickTime
Task: {514907DD-EF42-403E-AAF1-AA784A686BFA} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-07-10] (Avast Software s.r.o.)
Task: {59B89F37-B808-48B6-AE34-E3ABF9E11629} - System32\Tasks\{6BB390F6-BCD3-49C4-AA91-139181EB18E0} => pcalua.exe -a E:\setup.exe -d E:\
Task: {7A942346-5833-48DE-A808-CF1218C5E848} - System32\Tasks\{E8A7629C-7BF8-49B9-BD63-D72C05A53387} => pcalua.exe -a J:\setupSNK.exe -d J:\
Task: {8502CC64-938F-40AE-9F7C-AA82423393B7} - System32\Tasks\{2FD26BAD-5980-40F6-B3D6-C82AAFB0BE31} => pcalua.exe -a C:\ComboFix\NircmdB.exe -d C:\ComboFix
Task: {87F5AEA4-55B1-43DE-966D-CA3895B5F6BF} - System32\Tasks\{C380E015-8FA3-43FC-8EE9-F9DC5EB9266E} => pcalua.exe -a "C:\Program Files\QuickTime\QTSystem\QuickTime.cpl" -c QuickTime
Task: {9148C512-D8BD-42C6-8524-A3D3E780B012} - System32\Tasks\{A052DF78-669C-4D9F-9263-40A686DF645A} => pcalua.exe -a C:\Windows\system32\javacpl.cpl -c Java
Task: {9EFDD391-C563-468D-9071-1B89C2FB2E58} - System32\Tasks\{47C0AC3A-1B55-4B33-BEAE-B631B363A730} => pcalua.exe -a D:\I386\APPS\APP001833\DPInst.exe -d D:\I386\APPS\APP001833\ -c /s /f
Task: {D6C43C93-7D9B-4A67-B909-B8DFA63EA5E4} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-07-23] (Piriform Ltd)
Task: {D725398D-6140-45E0-A6AB-C2CF93148DE2} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-03-18] (Adobe Systems Incorporated)
Task: {EA957C97-DD2A-4A6F-8698-52B0030417D0} - System32\Tasks\{B6740C14-BAE8-4099-A086-8979247D1E23} => pcalua.exe -a "C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe" -d "C:\Program Files\HP\Digital Imaging\bin" -c -inst "#Hewlett-Packard#HP Officejet J4500 Series#1239578322" -f "C:\Program Files\HP\Digital Imaging\{CD0773D5-C18E-495c-B39B-21A96415EDD5}\autorun.inf" -testfax "yes"
Task: {EC1A6DAA-05B0-4176-9D27-A751D796EB57} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-08-18] (Google Inc.)
Task: {FE6C63A6-5A96-458F-9424-5A36334B3E5A} - System32\Tasks\avastBCLRestartS-1-5-21-2675523129-3664480364-4030225571-1000 => Chrome.exe 
Task: {FFDDCAB6-649E-4DC7-91F9-FF7680938A40} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-08-18] (Google Inc.)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\User_Feed_Synchronization-{0EEFA240-F56A-4B20-B82C-3BC99ABE5E09}.job => C:\Windows\system32\msfeedssync.exe
 
==================== Loaded Modules (Whitelisted) ==============
 
2007-05-18 22:59 - 2007-05-18 22:59 - 00356928 _____ () C:\Program Files\Spare Backup\sqlite3.dll
2015-03-18 16:27 - 2015-05-22 01:03 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-03-18 16:27 - 2015-05-22 01:03 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-07-25 13:30 - 2015-07-25 13:30 - 02960384 _____ () C:\Program Files\AVAST Software\Avast\defs\15072501\algo.dll
2013-07-11 00:17 - 2011-07-28 17:06 - 00297440 _____ () C:\Program Files\NETGEAR\WNA1100\WifiSvc.exe
2013-07-11 00:17 - 2011-07-27 11:53 - 00360448 _____ () C:\Program Files\NETGEAR\WNA1100\WifiLib.dll
2015-03-13 22:54 - 2015-03-18 16:29 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2013-07-11 00:17 - 2011-07-28 17:06 - 08247264 _____ () C:\Program Files\NETGEAR\WNA1100\WNA1100.exe
2013-07-11 00:17 - 2009-08-28 16:50 - 00282624 _____ () C:\Program Files\NETGEAR\WNA1100\WifiSvcLib.dll
2014-04-10 12:42 - 2014-02-10 13:44 - 04592128 _____ () C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libglesv2.dll
2014-04-10 12:42 - 2014-02-10 13:44 - 00112128 _____ () C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libegl.dll
2015-07-25 01:14 - 2015-07-23 15:39 - 16308040 _____ () C:\Program Files\Google\Chrome\Application\44.0.2403.107\PepperFlash\pepflashplayer.dll
2009-03-12 18:18 - 2009-03-12 18:18 - 00602624 _____ () C:\Program Files\Everything\Everything.exe
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\ProgramData\TEMP:5C321E34
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)
 
 
==================== EXE Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
IE restricted site: HKU\.DEFAULT\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\.DEFAULT\...\01i.info -> 01i.info
IE restricted site: HKU\.DEFAULT\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\.DEFAULT\...\05p.com -> 05p.com
IE restricted site: HKU\.DEFAULT\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\.DEFAULT\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\.DEFAULT\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\.DEFAULT\...\0calories.net -> 0calories.net
IE restricted site: HKU\.DEFAULT\...\0cj.net -> 0cj.net
IE restricted site: HKU\.DEFAULT\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\.DEFAULT\...\1-se.com -> 1-se.com
IE restricted site: HKU\.DEFAULT\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\.DEFAULT\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\.DEFAULT\...\100gal.net -> 100gal.net
IE restricted site: HKU\.DEFAULT\...\101hotteens.com -> 101hotteens.com
IE restricted site: HKU\.DEFAULT\...\101lottery.com -> 101lottery.com
IE restricted site: HKU\.DEFAULT\...\123expressview.com -> 123expressview.com
IE restricted site: HKU\.DEFAULT\...\123found.com -> 123found.com
IE restricted site: HKU\.DEFAULT\...\123keno.com -> 123keno.com
IE restricted site: HKU\.DEFAULT\...\12don.info -> 12don.info
 
There are 4198 more restricted sites.
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-2675523129-3664480364-4030225571-1000\Control Panel\Desktop\\Wallpaper -> 
HKU\S-1-5-21-2675523129-3664480364-4030225571-1001\Control Panel\Desktop\\Wallpaper -> C:\windows\Web\Wallpaper\img24.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 1) (EnableLUA: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Kodak EasyShare software.lnk => C:\Windows\pss\Kodak EasyShare software.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^NETGEAR WNA1100 Genie.lnk => C:\Windows\pss\NETGEAR WNA1100 Genie.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Sandy^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk => C:\Windows\pss\OneNote 2007 Screen Clipper and Launcher.lnk.Startup
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: AOL Fast Start => "C:\Program Files\AOL Desktop 9.7\AOL.EXE" -b
MSCONFIG\startupreg: ehTray.exe => C:\Windows\ehome\ehTray.exe
MSCONFIG\startupreg: HostManager => C:\Program Files\Common Files\AOL\1208202769\ee\AOLSoftware.exe
MSCONFIG\startupreg: KSS => "C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe" /autorun
MSCONFIG\startupreg: Launcher => %WINDIR%\SMINST\launcher.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: RtHDVCpl => RtHDVCpl.exe
MSCONFIG\startupreg: SDTray => "C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe"
MSCONFIG\startupreg: Spare Backup => "C:\Program Files\Spare Backup\SpareBackup.exe" /silent
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [TCP Query User{6EA84325-32B3-4AA1-A84A-74E168AB3750}C:\windows\explorer.exe] => (Block) C:\windows\explorer.exe
FirewallRules: [UDP Query User{C2134986-B548-4192-96C1-76D12EBDC69A}C:\windows\explorer.exe] => (Block) C:\windows\explorer.exe
FirewallRules: [{6BEE49FF-E9D2-4EFF-BE9C-A6C31C8D7484}] => (Allow) LPort=50000
FirewallRules: [{629F8CB3-59BC-49E4-A83F-30E31F248793}] => (Allow) C:\Program Files\Common Files\aol\acs\AOLDial.exe
FirewallRules: [{ECFEC0FE-9402-4090-B705-EA6F358B5369}] => (Allow) C:\Program Files\Common Files\aol\acs\AOLDial.exe
FirewallRules: [{CB3E8EBC-ACEB-4854-BBE7-F9549E792A99}] => (Allow) C:\Program Files\Common Files\aol\acs\AOLacsd.exe
FirewallRules: [{1A349EFA-B540-46FB-A104-69110EDA61C2}] => (Allow) C:\Program Files\Common Files\aol\acs\AOLacsd.exe
FirewallRules: [{2C4E2ADA-EEF2-4B46-9263-3556BC0C5C1F}] => (Allow) C:\Program Files\Common Files\aol\1208202769\ee\aolsoftware.exe
FirewallRules: [{2F5C7E32-C925-4B32-ACBF-FE56BD321A62}] => (Allow) C:\Program Files\Common Files\aol\1208202769\ee\aolsoftware.exe
FirewallRules: [{5EE39FDA-C5D0-4B79-909E-0EB3DCB50E74}] => (Allow) C:\Program Files\Common Files\aol\System Information\sinf.exe
FirewallRules: [{A8A62FC4-5C66-4D7D-90F7-A355239DAED7}] => (Allow) C:\Program Files\Common Files\aol\System Information\sinf.exe
FirewallRules: [{E3259D9B-776D-47B0-A419-1EA23F98136E}] => (Allow) C:\Program Files\AOL Desktop 9.7\AOLBrowser\aolbrowser.exe
FirewallRules: [{0222F6AE-686F-4748-9C4A-567D37C3327F}] => (Allow) C:\Program Files\AOL Desktop 9.7\AOLBrowser\aolbrowser.exe
FirewallRules: [{E22E3465-E2B2-47B3-BC71-66BB44BBBB3E}] => (Allow) LPort=50001
FirewallRules: [{D256F9B3-D111-43E7-AC7A-8780CBD15D81}] => (Allow) LPort=50001
FirewallRules: [{B4E870EA-F2EF-45F2-BB10-F8015750F01E}] => (Allow) C:\Program Files\NETGEAR\WNA1100\WNA1100.exe
FirewallRules: [{0AF6C964-6F89-4878-BAEF-7FDC219AEF01}] => (Allow) C:\Program Files\NETGEAR\WNA1100\WNA1100.exe
FirewallRules: [{D764F751-C0B5-4564-9F83-6421947EE774}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
FirewallRules: [{0EE690BA-11D3-465D-90A1-0E791D8DF1D4}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{F600F6D9-17C2-4C45-A389-A2C5C7464C51}C:\program files\everything\everything.exe] => (Allow) C:\program files\everything\everything.exe
FirewallRules: [UDP Query User{F935CC35-A983-40CC-91EE-335BE6E02C70}C:\program files\everything\everything.exe] => (Allow) C:\program files\everything\everything.exe
FirewallRules: [WMP-Out-TCP-x86] => (Allow) %ProgramFiles(x86)%\Windows Media Player\wmplayer.exe
FirewallRules: [WMP-Out-UDP-x86] => (Allow) %ProgramFiles(x86)%\Windows Media Player\wmplayer.exe
FirewallRules: [WMP-In-UDP-x86] => (Allow) %ProgramFiles(x86)%\Windows Media Player\wmplayer.exe
FirewallRules: [{DC5FA52D-2EA4-4A63-8CD3-CE3CF4B3D717}] => (Allow) LPort=2869
FirewallRules: [{8C4C9F01-E6ED-4EE4-A861-ED9D6069E637}] => (Allow) LPort=1900
FirewallRules: [{F936AA1A-019D-4E9D-B31F-4BB48EE6C739}] => (Allow) %ProgramFiles(x86)%\Windows Media Player\wmplayer.exe
FirewallRules: [{5260BFDC-33FF-4DD1-A3CA-6DD1226708CD}] => (Allow) %ProgramFiles(x86)%\Windows Media Player\wmplayer.exe
FirewallRules: [{B898C53B-71DE-4492-A9BD-BC2CE15796A0}] => (Allow) %ProgramFiles(x86)%\Windows Media Player\wmplayer.exe
FirewallRules: [{3733C92E-EC05-4014-B40F-9E9C9CEC76FE}] => (Allow) LPort=48113
FirewallRules: [{740197B5-9B91-43DC-9448-5F2FAA99E4ED}] => (Allow) LPort=48113
FirewallRules: [TCP Query User{E37493F8-C5FE-44CF-BE19-A6D716132D7A}E:\programmation\qtchat\release\qtchat.exe] => (Allow) E:\programmation\qtchat\release\qtchat.exe
FirewallRules: [UDP Query User{44823339-CF28-4006-8630-458A16074A94}E:\programmation\qtchat\release\qtchat.exe] => (Allow) E:\programmation\qtchat\release\qtchat.exe
FirewallRules: [{640A91B0-ECDA-4E2F-9B8E-339A3EFA9BD3}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{3633311B-57BD-4FF2-811D-6769C8EEEECA}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{86B9713E-F1DF-49D5-B019-CBF628C100F3}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe
FirewallRules: [{5CD5B567-597F-41FE-851A-33585F693777}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe
FirewallRules: [{BB9C35EF-9835-4F95-A255-B36A57E54DC7}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{7C2A9EA4-50DF-44FB-860A-4AFC58B156D0}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{AECD9C48-61BC-4131-9F70-3702A645707D}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{7CAFCD45-A529-4A7A-8466-9216F3037AFC}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe
FirewallRules: [{671043FD-726E-455D-A518-32A0D07074F1}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{9DF06165-2439-4AD4-BE7D-CEC28D5CE066}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{73CDE7CF-C7FC-49EC-BFDC-A5AC4EFAF57E}] => (Allow) C:\Program Files\common files\hp\digital imaging\bin\hpqphotocrm.exe
FirewallRules: [{529C7B17-B67D-4B0D-8F7B-367DF2260140}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe
FirewallRules: [{1CE57D4E-AABB-4DC3-A622-4D0CAF97CEF3}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe
FirewallRules: [{0CE5FC83-0B78-4984-A831-EE4A08BE539A}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpofxs08.exe
FirewallRules: [{D5F8CABD-8962-49E3-98EF-403248318F4B}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqfxt08.exe
FirewallRules: [{707B089F-074F-4A55-A32D-72AF2F865C81}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe
FirewallRules: [{8EDCDF97-D757-4D7B-B499-A11C56FA81E8}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{0A6C10DE-A5AA-494F-BFD6-447FFF3CE971}] => (Allow) C:\Program Files\HP\hp software update\hpwucli.exe
FirewallRules: [{3075A184-EF62-4324-A553-45B186BE29A8}] => (Allow) C:\Program Files\HP\digital imaging\smart web printing\smartwebprintexe.exe
FirewallRules: [TCP Query User{523E1FF5-6A41-47D1-810C-8CF25D9D93D2}C:\program files\spybot - search & destroy 2\sdupdate.exe] => (Block) C:\program files\spybot - search & destroy 2\sdupdate.exe
FirewallRules: [UDP Query User{D92BB2E9-47AF-4758-BDC2-52C439730331}C:\program files\spybot - search & destroy 2\sdupdate.exe] => (Block) C:\program files\spybot - search & destroy 2\sdupdate.exe
FirewallRules: [TCP Query User{D1FB3E58-CD03-44BA-B7FF-1B48B96FC860}C:\program files\spybot - search & destroy 2\sdupdsvc.exe] => (Block) C:\program files\spybot - search & destroy 2\sdupdsvc.exe
FirewallRules: [UDP Query User{DDD91939-3807-43F8-9735-3FC422B992C0}C:\program files\spybot - search & destroy 2\sdupdsvc.exe] => (Block) C:\program files\spybot - search & destroy 2\sdupdsvc.exe
FirewallRules: [{9FA5C797-0B85-4DDD-9061-D5B491AE4F7E}] => (Allow) C:\Users\Sandy\AppData\Local\temp\7zS66E4\HPDiagnosticCoreUI.exe
FirewallRules: [{C05EA97B-9164-4F09-B34C-3BFBD2512BC2}] => (Allow) C:\Users\Sandy\AppData\Local\temp\7zS66E4\HPDiagnosticCoreUI.exe
FirewallRules: [{1B140B8E-13E7-4611-8701-DF67C4FC2BF4}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
 
==================== Faulty Device Manager Devices =============
 
Name: Officejet 4500 G510n-z
Description: Officejet 4500 G510n-z
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service: 
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
Name: Officejet 4620 series
Description: Officejet 4620 series
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service: 
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
Name: Sprint Connection Manager NMEA Port (COM5)
Description: Sprint Connection Manager NMEA Port
Class Guid: {4d36e978-e325-11ce-bfc1-08002be10318}
Manufacturer: PCTEL
Service: Nmea
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
Name: Sprint Connection Manager NMEA Port (COM6)
Description: Sprint Connection Manager NMEA Port
Class Guid: {4d36e978-e325-11ce-bfc1-08002be10318}
Manufacturer: PCTEL
Service: Nmea
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
Name: Sprint Connection Manager NMEA Port (COM8)
Description: Sprint Connection Manager NMEA Port
Class Guid: {4d36e978-e325-11ce-bfc1-08002be10318}
Manufacturer: PCTEL
Service: Nmea
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (07/25/2015 07:31:40 PM) (Source: ESENT) (EventID: 439) (User: )
Description: Windows (3464) Windows: Unable to write a shadowed header for file C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS.chk. Error -1032.
 
Error: (07/25/2015 07:31:39 PM) (Source: ESENT) (EventID: 490) (User: )
Description: Windows (3464) Windows: An attempt to open the file "C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS.chk" for read / write access failed with system error 32 (0x00000020): "The process cannot access the file because it is being used by another process. ".  The open file operation will fail with error -1032 (0xfffffbf8).
 
Error: (07/25/2015 06:12:34 PM) (Source: EventSystem) (EventID: 4609) (User: )
Description: d:\vistasp1_gdr\com\complus\src\events\tier1\eventsystemobj.cpp4580070005
 
Error: (07/20/2015 06:01:04 PM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: File backup failed due to an error writing to the backup location J:\. The error is: The backup location cannot be found or is not valid. Review your backup settings and check your hardware configuration. (0x81000006).
 
Error: (07/20/2015 04:56:26 PM) (Source: Windows Search Service) (EventID: 3026) (User: )
Description: Advise Status Change failed. The system is probably low on resources. Free up resources and restart the service.
 
Context:  Application, SystemIndex Catalog
 
 
Details:
The content index service was stopped.   (0x80041812)
 
Error: (07/12/2015 10:10:13 PM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: File backup failed due to an error writing to the backup location J:\. The error is: The backup location cannot be found or is not valid. Review your backup settings and check your hardware configuration. (0x81000006).
 
Error: (07/10/2015 10:07:11 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface.  hr = 0x80070005.
This is often caused by incorrect security settings in either the writer or requestor process.
 
 
Operation:
   Gathering Writer Data
 
Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {27f8dfa3-45a2-4659-ac9e-4673ef40e8ce}
 
Error: (07/10/2015 10:01:46 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance.  hr = 0x80040206.
 
Error: (07/10/2015 10:01:46 PM) (Source: VSS) (EventID: 19) (User: )
Description: Volume Shadow Copy Service error: The EventSystem service is disabled or is attempting to start during Safe Mode. 
The Volume Shadow Copy service cannot start while in safe mode.
If not in safe mode, make sure that EventSystem service is enabled.
CLSID:{4e14fba2-2e22-11d1-9964-00c04fbbb345} Name:CEventSystem [0x80040206]
 
Error: (07/10/2015 10:01:46 PM) (Source: EventSystem) (EventID: 4609) (User: )
Description: d:\vistasp1_gdr\com\complus\src\events\tier1\eventsystemobj.cpp4580070005
 
 
System errors:
=============
Error: (07/25/2015 06:17:49 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: bdselfpr
 
Error: (07/25/2015 06:17:49 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: HP CUE DeviceDiscovery Service
 
Error: (07/25/2015 06:14:58 PM) (Source: HTTP) (EventID: 15016) (User: )
Description: \Device\Http\ReqQueueKerberos
 
Error: (07/24/2015 08:43:29 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: WSWNA1100
 
Error: (07/23/2015 04:51:51 AM) (Source: Dhcp) (EventID: 1002) (User: )
Description: The IP address lease 192.168.1.7 for the Network Card with network address 28C68E53835F has been denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).
 
Error: (07/20/2015 04:58:13 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
 
Error: (07/20/2015 04:57:43 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Windows Search%%1053
 
Error: (07/20/2015 04:57:43 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: 30000Windows Search
 
Error: (07/20/2015 04:57:43 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Windows Search%%1053
 
Error: (07/20/2015 04:57:43 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: 30000Windows Search
 
 
Microsoft Office:
=========================
 
CodeIntegrity Error:
===================================
  Date: 2015-07-25 20:46:53.103
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-07-25 20:46:52.502
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-07-25 20:46:52.185
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-07-25 20:46:51.909
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-07-25 20:46:51.416
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-07-25 20:46:50.991
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-07-25 20:46:50.627
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-07-25 20:46:50.192
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-07-25 20:46:18.868
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-07-25 20:46:18.471
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
 
 
==================== Memory info =========================== 
 
Processor: AMD Athlon™ 64 Processor 4000+
Percentage of memory in use: 86%
Total physical RAM: 894.82 MB
Available physical RAM: 119.52 MB
Total Virtual: 2282.38 MB
Available Virtual: 700.86 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:222.22 GB) (Free:152.09 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (RECOVERY) (Fixed) (Total:10.66 GB) (Free:2.36 GB) NTFS ==>[system with boot components (obtained from reading drive)]
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 232.9 GB) (Disk ID: C5B06B6A)
Partition 1: (Not Active) - (Size=10.7 GB) - (Type=07 NTFS)
Partition 2: (Active) - (Size=222.2 GB) - (Type=07 NTFS)
 
==================== End of log ============================

 

Any help in proceeding would be greatly appreciated.

===============================

Here is the Malwarebytes scan.  When I hit the delete button, it appeared to delete all but about 70 of the Malwarebyte files.

 

Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 7/25/2015
Scan Time: 6:30:36 PM
Logfile: PUP mindspark.A files and folders.txt
Administrator: Yes
 
Version: 2.1.8.1057
Malware Database: v2015.07.25.04
Rootkit Database: v2015.07.22.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
 
OS: Windows Vista Service Pack 1
CPU: x86
File System: NTFS
User: Sandy
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 388037
Time Elapsed: 37 min, 53 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 0
(No malicious items detected)
 
Registry Values: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Folders: 85
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\common, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\common\adapter, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\common\components, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\common\components\abstractbutton, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\common\components\abstractbutton\background, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\common\components\alert, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\common\components\alert\background, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\common\components\embedhtml, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\common\components\embedhtml\background, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\common\components\embedhtml\html, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\common\components\embedhtml\js, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\common\components\embedscript, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\common\components\embedscript\background, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\common\components\embedscript\html, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\common\components\embedscript\js, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\common\components\flare, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\common\components\flare\background, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\common\components\flare\icons, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\common\components\generic, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\common\components\generic\background, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\common\components\link, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\common\components\link\background, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\common\components\menu, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\common\components\menu\background, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\common\components\menu\css, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\common\components\menu\html, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\common\components\menu\images, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\common\components\menu\js, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\common\components\rss, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\common\components\rss\background, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\common\components\thirdparty, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\common\components\thirdparty\background, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\common\components\uninstall, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\common\components\uninstall\background, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\common\components\weather, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\common\components\weather\background, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\common\js, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\common\widget-api, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\common\widget-api\widgets, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\common\widget-api\widgets\common, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\common\widget-api\widgets\radio, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\common\widget-api\widgets\radio\css, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\common\widget-api\widgets\radio\js, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\common\widget-api\widgets\rss, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\common\widget-api\widgets\rss\js, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\common\widget-api\widgets\test, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\common\widget-api\widgets\topapps, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\common\widget-api\widgets\topapps\css, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\common\widget-api\widgets\topapps\js, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\common\widget-api\widgets\weather, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\common\widget-api\widgets\weather\css, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\common\widget-api\widgets\weather\js, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\components, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\components\api, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\components\api\background, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\components\api\window, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\components\defaultSearch, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\components\defaultSearch\background, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\components\defaultSearch\foreground, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\components\moviereviews, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\components\moviereviews\background, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\components\moviereviews\css, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\components\moviereviews\html, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\components\moviereviews\js, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\components\radio, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\components\radio\background, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\components\radio\css, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\components\radio\foreground, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\components\radio\radioWrapper, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\components\search, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\components\search\background, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\components\search\html, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\components\supertab, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\components\supertab\css, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\components\supertab\html, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\components\supertab\js, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\icons, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\images, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\js, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\native, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\native\libs, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\shared, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\_metadata, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm, , [f40415d099f170c6dfbf9fd22ed73ac6], 
 
Files: 230
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\manifest.json, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\bg.html, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\buildVars, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\buildVars.js, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\companionSW.js, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\config.js, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\contentScript.css, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\contentScript.js, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\debug.html, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\debug.jade, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\extension_toolbar_api.js, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\initWidgetWindow.js, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\newTabContentScript.js, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\options.html, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\spent.css, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\spent.html, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\spent.js, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\spent2.css, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\spent2.html, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\spentJ.js, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\spentK.html, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\spentK.js, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\startup.js, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\stub.html, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\stubby.html, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\superFrame.js, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\toolbar.html, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\toolbar.js, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\toolbarUI.css, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\toolbarUI.html, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\toolbarUI.js, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\url.js, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\common\adapter\adapterUtil.js, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\common\adapter\widget-adapter.js, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\common\components\abstractbutton\background\abstractButton.js, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\common\components\alert\background\alertButton.js, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\common\components\embedhtml\background\embedHtmlWidget.js, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\common\components\embedhtml\html\embedHtmlTemplate.html, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\common\components\embedhtml\html\innerEmbedHtmlTemplate.html, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\common\components\embedhtml\js\embedHtmlUI.js, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\common\components\embedscript\background\embedScriptWidget.js, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\common\components\embedscript\html\embedScriptTemplate.html, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\common\components\embedscript\html\innerEmbedScriptTemplate.html, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\common\components\embedscript\js\embedScriptUI.js, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\common\components\flare\background\FlareWidget.js, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\common\components\flare\icons\Icon_Flare_blue.png, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\common\components\flare\icons\Icon_Flare_pink.png, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\common\components\flare\icons\Thumbs.db, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\common\components\generic\background\GenericWidget.js, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\common\components\link\background\linkButton.js, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\common\components\menu\README.txt, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\common\components\menu\background\menuButton.js, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\common\components\menu\css\menuframe.css, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\common\components\menu\html\menuframe.html, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\common\components\menu\images\right_arrow.png, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\common\components\menu\images\right_arrow_white.png, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\common\components\menu\js\jquery-1.7.1.min.js, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\common\components\menu\js\menuframe.js, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\common\components\menu\js\query-string.js, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\common\components\menu\js\underscore-1.3.1.min.js, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\common\components\rss\background\RssWidget.js, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\common\components\thirdparty\background\thirdPartyWidget.js, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\common\components\uninstall\background\uninstallButton.js, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\common\components\weather\background\weatherButton.js, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\common\js\bs.30.js, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\common\js\common.js, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\common\js\dynamic.js, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\common\js\enableDetect.js, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\common\js\eventListening.js, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\common\js\global.js, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\common\js\jquery-1.7.1.min.js, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\common\js\list-interaction.js, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\common\js\messageEventListener.js, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\common\js\navRedirector.js, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\common\js\paramReplacer.js, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\common\js\PartnerId.js, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\common\js\set.js, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\common\js\underscore-1.3.1.min.js, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\common\js\underscore-1.5.2.min.js, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\common\js\unifiedLogging.js, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\common\widget-api\widget-context-1.0.js, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\common\widget-api\widgets\common\common.js, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\common\widget-api\widgets\common\eventListening.js, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\common\widget-api\widgets\common\jquery-1.7.1.min.js, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\common\widget-api\widgets\common\list-interaction.js, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\common\widget-api\widgets\common\set.js, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\common\widget-api\widgets\common\underscore-1.3.1.min.js, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\common\widget-api\widgets\radio\radio-widget.html, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\common\widget-api\widgets\radio\css\radio-widget.css, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\common\widget-api\widgets\radio\js\radio-custom.js, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\common\widget-api\widgets\radio\js\radio-parser.js, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\common\widget-api\widgets\radio\js\radio-widget-ui.js, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\common\widget-api\widgets\radio\js\radio-widget.js, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\common\widget-api\widgets\rss\rssWidget.html, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\common\widget-api\widgets\rss\js\rss-widget-custom.js, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\common\widget-api\widgets\rss\js\rss-widget-parse.js, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\common\widget-api\widgets\rss\js\rss-widget.js, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\common\widget-api\widgets\test\invalid.json, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\common\widget-api\widgets\test\jquery.js, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\common\widget-api\widgets\test\qunit.css, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\common\widget-api\widgets\test\qunit.js, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\common\widget-api\widgets\test\resource.json, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\common\widget-api\widgets\test\resource.xml, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\common\widget-api\widgets\test\testWidget.html, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\common\widget-api\widgets\test\testWidget.js, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\common\widget-api\widgets\topapps\widget.html, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\common\widget-api\widgets\topapps\css\widget.css, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\common\widget-api\widgets\topapps\js\nanigans-topapps-feed.js, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\common\widget-api\widgets\topapps\js\topapps-config.js, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\common\widget-api\widgets\topapps\js\widget.js, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\common\widget-api\widgets\weather\weatherButton.html, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\common\widget-api\widgets\weather\css\weatherButton.css, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\common\widget-api\widgets\weather\js\weather.js, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\components\api\background\ApiBasedWidget.js, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\components\api\background\widget-api-impl.js, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\components\api\window\hiddenWidgetWindow.html, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\components\api\window\hiddenWidgetWindow.js, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\components\api\window\hiddenWidgetWindowInit.js, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\components\api\window\widgetWindow.html, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\components\api\window\widgetWindow.js, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\components\defaultSearch\background\updateSearch.js, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\components\defaultSearch\background\updateSearchPromptBg.js, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\components\defaultSearch\foreground\07_buttons2.png, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\components\defaultSearch\foreground\08_buttons2.png, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\components\defaultSearch\foreground\defaultSearchModal.html, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\components\defaultSearch\foreground\defaultSearchModalInjector.css, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\components\defaultSearch\foreground\defaultSearchModalInjector.js, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\components\defaultSearch\foreground\tvf_btn_ok.png, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\components\defaultSearch\foreground\tvf_btn_ok2.png, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\components\defaultSearch\foreground\tvf_restart_alert_icon.png, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\components\defaultSearch\foreground\tvf_restart_icon.png, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\components\defaultSearch\foreground\updateSearchPromptFg.js, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\components\moviereviews\background\MovieReviewsWidget.js, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\components\moviereviews\css\movieReviews.css, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\components\moviereviews\html\movieReviews.html, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\components\moviereviews\js\movieReviews.js, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\components\radio\background\RadioWidget.js, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\components\radio\css\toolbar-item.css, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\components\radio\foreground\button.js, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\components\radio\radioWrapper\radioWrapper.html, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\components\radio\radioWrapper\radioWrapper.js, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\components\search\background\searchBox.js, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\components\search\html\searchSuggestions.css, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\components\search\html\searchSuggestions.html, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\components\search\html\searchSuggestions.js, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\components\search\html\searchSuggestionsInit.js, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\components\supertab\css\supertab.css, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\components\supertab\html\supertab.html, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\components\supertab\js\newtabfork.js, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\components\supertab\js\reporting.js, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\components\supertab\js\srchsugg.js, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\components\supertab\js\supertab.js, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\components\supertab\js\unifiedLogging.js, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\components\supertab\js\__utm.js, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\icons\arrowSprite.png, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\icons\icon128.png, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\icons\icon16.png, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\icons\icon19disabled.png, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\icons\icon19on.png, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\icons\icon48.png, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\icons\tb_icon_search_disappearing_ask.png, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\images\223762119.png, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\images\223762123.png, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\images\223762130.png, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\images\223762131.png, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\images\223762132.png, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\images\223762145.png, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\images\down_arrow.png, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\images\IDR_PRODUCT_LOGO_16.png, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\images\IDR_WEBSTORE_ICON.png, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\images\magnifying_glass.png, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\images\RadioPlayerSprite.png, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\images\search_button.png, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\images\tvf_icon_guide.png, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\images\tvf_logo.png, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\images\wrench.png, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\js\chromeUtils.js, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\js\exeManager.js, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\js\exeManagerNMD.js, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\js\exePackageManager.js, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\js\focusManager.js, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\js\globalBlacklistManager.js, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\js\messaging.js, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\js\mutation_summary-min.js, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\js\mutation_summary.js, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\js\nativeMessagingDispatcher.js, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\js\newTabInfo.js, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\js\newTabInitialize.js, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\js\options.js, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\js\readLocalStorage.js, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\js\reservespacefortoolbar.js, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\js\reservespaceifenabled.js, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\js\scriptInjector.js, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\js\searchContext.js, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\js\settingsOverrides.js, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\js\toolbarCookieParser.js, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\js\toolbarPreinit.js, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\js\underscore-1.3.1.min.js, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\js\URILoaderContentScript.js, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\js\Widget.js, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\js\widgetContentScriptInjectee.js, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\js\widgetFactory.js, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\js\widgetWindowManager.js, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\native\cache.js, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\native\ce.js, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\native\debug.js, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\native\ss.js, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\native\libs\jquery-1.7.1.min.js, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\native\libs\jquery-1.9.1.min.js, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\native\libs\underscore-1.5.2.min.js, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\shared\activePing.js, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\shared\buttonLogger.js, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\shared\competitorDnsList.js, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\shared\console.js, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\shared\FFPreferencesPersister.js, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\shared\httpTransport.js, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\shared\HttpURL.js, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\shared\internationalSearch.js, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\shared\LocalStoragePersister.js, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\shared\MindsparkGlobal.js, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\shared\MindsparkGlobal.unitTest.js, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\shared\MindsparkGlobalNotes.txt, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\shared\rsvp-latest.js, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\shared\searchSuggestLocale.js, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\shared\testHttpTransport.js, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\shared\unifiedLogger.js, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\shared\unifiedLogging.js, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\shared\universalConsole.js, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\shared\utils.js, , [f40415d099f170c6dfbf9fd22ed73ac6], 
PUP.Optional.Mindspark.A, C:\Users\Sandy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhkemhaommecijlogcmoeaogjjpkihm\12.14.7.39957_0\_metadata\verified_contents.json, , [f40415d099f170c6dfbf9fd22ed73ac6], 
 
Physical Sectors: 0
(No malicious items detected)
 
(end)
Any help is appreciated.

Edited by MassagePS, 25 July 2015 - 10:58 PM.

Once saved; always saved.


BC AdBot (Login to Remove)

 


#2 nasdaq

nasdaq

  • Malware Response Team
  • 38,969 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:05:32 PM

Posted 27 July 2015 - 07:32 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Open notepad (Start =>All Programs => Accessories => Notepad). Please copy the entire contents of the code box below.
 
start

EmptyTemp:
CloseProcesses:

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-2675523129-3664480364-4030225571-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswwebrepchrome-sp.crx [2014-08-04]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-18]
S4 sprtsvc_verizondm; C:\Program Files\VERIZONDM\bin\sprtsvc.exe /service /p verizondm [X]
S4 tgsrvc_verizondm; C:\Program Files\VERIZONDM\bin\tgsrvc.exe /p verizondm [X]
S1 bdselfpr; \??\C:\Users\Sandy\AppData\Local\Temp\RarSFX0\bdselfpr.sys [X]
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X]
S3 catchme; \??\C:\Users\Sandy\AppData\Local\Temp\catchme.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 MREMP50; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS [X]
S3 MREMPR5; \??\C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS [X]
S3 MRENDIS5; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS [X]
S3 MRESP50; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 SymIM; system32\DRIVERS\SymIM.sys [X]
S3 SymIMMP; system32\DRIVERS\SymIM.sys [X]
AlternateDataStreams: C:\ProgramData\TEMP:5C321E34

End
Save the files as fixlist.txt in the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the Farbar log you have submitted.

Run FRST and click Fix only once and wait.

Restart the computer normally to reset the registry.

The tool will create a log (Fixlog.txt) please post it to your reply.
===


Reset Chrome...
Open Google Chrome, click on menu icon google-chrome-setting-icon.png which is located right side top of the google chrome.
 
Click "Settings" then "Show advanced settings" at the bottom of the screen.
 
Click "Reset browser settings" button.
 
Clear your cache and cookies
https://support.google.com/chromebook/answer/183083?hl=en
Select "From the beginning of time"

Restart Chrome.

====

How is the computer running now?

#3 MassagePS

MassagePS
  • Topic Starter

  • Members
  • 61 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Palm Springs Great-Grandmother
  • Local time:02:32 PM

Posted 27 July 2015 - 05:29 PM

Hi nasdaq,

Before I forget, please let me know if it's possible to donate a small amount thru PayPal and how would I go about doing that for you?

 

Here is the requested log:

 

Fix result of Farbar Recovery Scan Tool (x86) Version: 25-07-2015
Ran by Sandy at 2015-07-27 14:44:25 Run:2
Running from C:\Users\Sandy\Desktop
Loaded Profiles: Sandy & UpdatusUser (Available Profiles: Sandy & UpdatusUser)
Boot Mode: Normal
 
==============================================
 
fixlist content:
*****************
start
 
EmptyTemp:
CloseProcesses:
 
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-2675523129-3664480364-4030225571-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswwebrepchrome-sp.crx [2014-08-04]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-18]
S4 sprtsvc_verizondm; C:\Program Files\VERIZONDM\bin\sprtsvc.exe /service /p verizondm [X]
S4 tgsrvc_verizondm; C:\Program Files\VERIZONDM\bin\tgsrvc.exe /p verizondm [X]
S1 bdselfpr; \??\C:\Users\Sandy\AppData\Local\Temp\RarSFX0\bdselfpr.sys [X]
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X]
S3 catchme; \??\C:\Users\Sandy\AppData\Local\Temp\catchme.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 MREMP50; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS [X]
S3 MREMPR5; \??\C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS [X]
S3 MRENDIS5; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS [X]
S3 MRESP50; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 SymIM; system32\DRIVERS\SymIM.sys [X]
S3 SymIMMP; system32\DRIVERS\SymIM.sys [X]
AlternateDataStreams: C:\ProgramData\TEMP:5C321E34
 
End
*****************
 
Processes closed successfully.
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully.
"HKU\S-1-5-21-2675523129-3664480364-4030225571-1000\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully.
"HKLM\SOFTWARE\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck" => key removed successfully.
Could not move "C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswwebrepchrome-sp.crx" => Scheduled to move on reboot.
"HKLM\SOFTWARE\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki" => key removed successfully.
Could not move "C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx" => Scheduled to move on reboot.
sprtsvc_verizondm => service removed successfully.
tgsrvc_verizondm => service removed successfully.
bdselfpr => service removed successfully.
blbdrive => service removed successfully.
catchme => service removed successfully.
IpInIp => service removed successfully.
MREMP50 => service removed successfully.
MREMPR5 => service removed successfully.
MRENDIS5 => service removed successfully.
MRESP50 => service removed successfully.
NwlnkFlt => service removed successfully.
NwlnkFwd => service removed successfully.
SymIM => service removed successfully.
SymIMMP => service removed successfully.
C:\ProgramData\TEMP => ":5C321E34" ADS removed successfully..
EmptyTemp: => 86.9 MB temporary data Removed.
 
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 2015-07-27 14:52:45)<=
 
"C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswwebrepchrome-sp.crx" => Could not move
"C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx" => Could not move
 
==== End of Fixlog 14:52:45 ====
 
I did everything you asked but am a little confused about "reset browser settings"' ; Can you let me know exactly where that is?
 
I also don't have sound and wonder if its related to what happened.  Any help with that?
 
Many thanks for your kind help with all this.
 
Aleta
 
trackid is still there  =(

Edited by MassagePS, 27 July 2015 - 08:25 PM.

Once saved; always saved.


#4 nasdaq

nasdaq

  • Malware Response Team
  • 38,969 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:05:32 PM

Posted 28 July 2015 - 06:43 AM

Before I forget, please let me know if it's possible to donate a small amount thru PayPal and how would I go about doing that for you?

My services are free. Thank you for the offer.

===

I did everything you asked but am a little confused about "reset browser settings"' ; Can you let me know exactly where that is?


Reset Chrome...
Open Google Chrome, click on menu icon google-chrome-setting-icon.png which is located right side top of the google chrome.
 
Click "Settings" then "Show advanced settings" at the bottom of the screen.
 
Click "Reset browser settings" button. <- at the bottom of the Advanced settings.

===

Clear your cache and cookies
https://support.google.com/chromebook/answer/183083?hl=en
Select "From the beginning of time"

Restart Chrome.

How is it now?

#5 MassagePS

MassagePS
  • Topic Starter

  • Members
  • 61 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Palm Springs Great-Grandmother
  • Local time:02:32 PM

Posted 29 July 2015 - 01:03 AM

OK nasdaq.  Have done all and it appears I do not see it anymore.  Could it be that easy!?  Still no sound yet. (The last couple of weeks, I had to roll back on quick restore to get sound? I seem to be loosing sound and don't know why.....anyway

 

Many thanks again,

Aleta

 

I thought we were able to donate to those who help us, no?


Edited by MassagePS, 29 July 2015 - 01:06 AM.

Once saved; always saved.


#6 nasdaq

nasdaq

  • Malware Response Team
  • 38,969 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:05:32 PM

Posted 29 July 2015 - 08:02 AM

Open you control panel select the Sound option.
Open the Sound tab.
Change your setting to an other sound.
Click the apply button.

How is it now?


My services are free.
Thanks for the offer.

#7 MassagePS

MassagePS
  • Topic Starter

  • Members
  • 61 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Palm Springs Great-Grandmother
  • Local time:02:32 PM

Posted 29 July 2015 - 08:05 PM

WE are GOOD to go!!  On everything.  Many thanks for your kind help.  What goes around. Comes around. I want to say once more, thank you for your help.

 

Aleta


Once saved; always saved.


#8 nasdaq

nasdaq

  • Malware Response Team
  • 38,969 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:05:32 PM

Posted 30 July 2015 - 09:22 AM

Glad we could help.

If all is well.

To learn more about how to protect yourself while on the internet read this little guide best security practices keep safe.
http://www.bleepingcomputer.com/forums/t/407147/answers-to-common-security-questions-best-practices/
===

#9 nasdaq

nasdaq

  • Malware Response Team
  • 38,969 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:05:32 PM

Posted 05 August 2015 - 07:54 AM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.




1 user(s) are reading this topic

0 members, 1 guests, 0 anonymous users