Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Laptop running slow again - virus?


  • Please log in to reply
23 replies to this topic

#1 tyl604

tyl604

  • Members
  • 373 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Atlanta, GA
  • Local time:11:51 AM

Posted 22 July 2016 - 08:57 PM

On June 3, 2015, I posted a thread called "Laptop running slow as molasses; could I have a virus?"  Broni helped me with many suggestions and it seemed to run a bit better.  Lately it is almost too slow to use.  The Task Manager screen shows that my memory (4 gigs) is not being used up but that 100% of my processor is in use all the time.  Hence the slowing down.  If I close the internet, it runs better but with Chrome, all the processor is taken up.  A lot of times it seems to be SvcHost or multiple Chrome.exe files running.

 

Emachines laptop E627

4G Ram

160 G Hard drive with 53 G free

AMD Athlon 64 TF20 cpu

Running Windows XP

 

So before posting this thread I again downloaded all the programs recommended by Broni and ran them; the files are attached.  Programs are:

Security Check

Farbar Service Scanner

MiniToolBox

MBAM

MBAR

Rkill

TFC

Adw Cleaner

and Sophos Free Virus Removal Tool

 

In anticipation of being asked to run the same programs, I am attaching the new txt reports.  Not quite sure how but will try to attach all to this thread.

 

Nope - no way to attach a file so guess I will  maybe paste the txt files.  Here they are; I apologize for the length and would rather have attached files but no luck.

 

 

Security Check:

 

 Results of screen317's Security Check version 1.014 --- 12/23/15  
 Windows 7 Service Pack 1 x64 (UAC is disabled!)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
 Windows Firewall Enabled!  
Norton Security Suite   
 WMI entry may not exist for antivirus; attempting automatic update. 
`````````Anti-malware/Other Utilities Check:````````` 
 Secunia PSI (3.0.0.10004)   
 Adobe Reader XI  
 Google Chrome (50.0.2661.102) 
 Google Chrome (51.0.2704.103) 
 Google Chrome (SetupMetrics.pma..) 
````````Process Check: objlist.exe by Laurent````````  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C: 4% 
````````````````````End of Log`````````````````````` 
 

 

_______________________________________________________

 

FSS:

 

Farbar Service Scanner Version: 27-01-2016
Ran by Bleepingcomputer (administrator) on 21-07-2016 at 09:58:36
Running from "C:\Users\Bleepingcomputer\Desktop\Bleeping May 19 2016\July 21 2016"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************
 
Internet Services:
============
 
Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.
 
 
Windows Firewall:
=============
 
Firewall Disabled Policy: 
==================
 
 
System Restore:
============
 
System Restore Policy: 
========================
 
 
Action Center:
============
 
 
Windows Update:
============
 
Windows Autoupdate Disabled Policy: 
============================
 
 
Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.
 
 
Windows Defender Disabled Policy: 
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1
 
 
Other Services:
==============
 
 
File Check:
========
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\dhcpcore.dll => File is digitally signed
C:\Windows\System32\drivers\afd.sys => File is digitally signed
C:\Windows\System32\drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\System32\mpssvc.dll => File is digitally signed
C:\Windows\System32\bfe.dll => File is digitally signed
C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed
C:\Windows\System32\SDRSVC.dll => File is digitally signed
C:\Windows\System32\vssvc.exe => File is digitally signed
C:\Windows\System32\wscsvc.dll => File is digitally signed
C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\System32\wuaueng.dll => File is digitally signed
C:\Windows\System32\qmgr.dll => File is digitally signed
C:\Windows\System32\es.dll => File is digitally signed
C:\Windows\System32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Windows\System32\ipnathlp.dll => File is digitally signed
C:\Windows\System32\iphlpsvc.dll => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
 
 
**** End of log ****
 
________________________________________________________
 
MiniToolBox
 

MiniToolBox by Farbar  Version: 17-06-2016
Ran by Bleepingcomputer (administrator) on 21-07-2016 at 10:06:42
Running from "C:\Users\Bleepingcomputer\Desktop\Bleeping May 19 2016\July 21 2016"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Model: eMachines E627 Manufacturer: eMachines
Boot Mode: Normal
***************************************************************************
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
========================= Hosts content: =================================
127.0.0.1       localhost
========================= IP Configuration: ================================
 
Broadcom 802.11g Network Adapter = Wireless Network Connection 2 (Connected)
Atheros AR8132 PCI-E Fast Ethernet Controller (NDIS 6.20) = Local Area Connection (Media disconnected)
 
 
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
 
reset
set global icmpredirects=enabled
 
 
popd
# End of IPv4 configuration
 
 
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : tyl604-PC
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : hsd1.ga.comcast.net
 
Wireless LAN adapter Wireless Network Connection 2:
 
   Connection-specific DNS Suffix  . : hsd1.ga.comcast.net
   Description . . . . . . . . . . . : Broadcom 802.11g Network Adapter
   Physical Address. . . . . . . . . : 90-4C-E5-11-B1-54
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2601:c0:8001:14ec::f84e(Preferred) 
   Lease Obtained. . . . . . . . . . : Thursday, July 21, 2016 9:51:16 AM
   Lease Expires . . . . . . . . . . : Thursday, July 28, 2016 10:05:28 AM
   IPv6 Address. . . . . . . . . . . : 2601:c0:8001:14ec:7164:4004:1ec9:908c(Preferred) 
   Temporary IPv6 Address. . . . . . : 2601:c0:8001:14ec:3553:9139:7e8:701d(Preferred) 
   Link-local IPv6 Address . . . . . : fe80::7164:4004:1ec9:908c%11(Preferred) 
   IPv4 Address. . . . . . . . . . . : 10.0.0.102(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Thursday, July 21, 2016 9:51:15 AM
   Lease Expires . . . . . . . . . . : Thursday, July 28, 2016 10:05:17 AM
   Default Gateway . . . . . . . . . : fe80::68ee:96ff:fed4:e093%11
                                       10.0.0.1
   DHCP Server . . . . . . . . . . . : 10.0.0.1
   DHCPv6 IAID . . . . . . . . . . . : 328223973
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-12-B0-66-1D-00-26-22-86-47-09
   DNS Servers . . . . . . . . . . . : 2001:558:feed::1
                                       2001:558:feed::2
                                       75.75.75.75
                                       75.75.76.76
   NetBIOS over Tcpip. . . . . . . . : Enabled
 
Ethernet adapter Local Area Connection:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : hr.cox.net
   Description . . . . . . . . . . . : Atheros AR8132 PCI-E Fast Ethernet Controller (NDIS 6.20)
   Physical Address. . . . . . . . . : 00-26-22-86-47-09
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter isatap.hsd1.ga.comcast.net:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : hsd1.ga.comcast.net
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Local Area Connection* 9:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  cdns01.comcast.net
Address:  2001:558:feed::1
 
Name:    google.com
Addresses:  2607:f8b0:4002:c03::64
 74.125.138.102
 74.125.138.101
 74.125.138.139
 74.125.138.138
 74.125.138.113
 74.125.138.100
 
 
Pinging google.com [2607:f8b0:4002:c0c::65] with 32 bytes of data:
Reply from 2607:f8b0:4002:c0c::65: time=26ms 
Reply from 2607:f8b0:4002:c0c::65: time=35ms 
 
Ping statistics for 2607:f8b0:4002:c0c::65:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 26ms, Maximum = 35ms, Average = 30ms
Server:  cdns01.comcast.net
Address:  2001:558:feed::1
 
Name:    yahoo.com
Addresses:  2001:4998:58:c02::a9
 2001:4998:c:a06::2:4008
 2001:4998:44:204::a7
 206.190.36.45
 98.139.183.24
 98.138.253.109
 
 
Pinging yahoo.com [2001:4998:c:a06::2:4008] with 32 bytes of data:
Reply from 2001:4998:c:a06::2:4008: time=86ms 
Reply from 2001:4998:c:a06::2:4008: time=97ms 
 
Ping statistics for 2001:4998:c:a06::2:4008:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 86ms, Maximum = 97ms, Average = 91ms
 
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 11...90 4c e5 11 b1 54 ......Broadcom 802.11g Network Adapter
 10...00 26 22 86 47 09 ......Atheros AR8132 PCI-E Fast Ethernet Controller (NDIS 6.20)
  1...........................Software Loopback Interface 1
 20...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
 18...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0         10.0.0.1       10.0.0.102     30
         10.0.0.0    255.255.255.0         On-link        10.0.0.102    286
       10.0.0.102  255.255.255.255         On-link        10.0.0.102    286
       10.0.0.255  255.255.255.255         On-link        10.0.0.102    286
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      169.254.0.0      255.255.0.0         On-link        10.0.0.102    311
  169.254.255.255  255.255.255.255         On-link        10.0.0.102    286
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link        10.0.0.102    286
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link        10.0.0.102    286
===========================================================================
Persistent Routes:
  None
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 11    286 ::/0                     fe80::68ee:96ff:fed4:e093
  1    306 ::1/128                  On-link
 11     38 2601:c0:8001:14ec::/64   On-link
 11    286 2601:c0:8001:14ec::f84e/128
                                    On-link
 11    286 2601:c0:8001:14ec:3553:9139:7e8:701d/128
                                    On-link
 11    286 2601:c0:8001:14ec:7164:4004:1ec9:908c/128
                                    On-link
 11    286 fe80::/64                On-link
 11    286 fe80::7164:4004:1ec9:908c/128
                                    On-link
  1    306 ff00::/8                 On-link
 11    286 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 06 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 07 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog5 08 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 09 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 06 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 07 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog5 08 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [133392] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (07/21/2016 09:56:44 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
 
Error: (07/21/2016 09:56:33 AM) (Source: Application Error) (User: )
Description: Faulting application name: PSIA.exe, version: 3.0.0.10004, time stamp: 0x54784a82
Faulting module name: PSIA.exe, version: 3.0.0.10004, time stamp: 0x54784a82
Exception code: 0xc0000005
Fault offset: 0x0004c19c
Faulting process id: 0xadc
Faulting application start time: 0xPSIA.exe0
Faulting application path: PSIA.exe1
Faulting module path: PSIA.exe2
Report Id: PSIA.exe3
 
Error: (07/21/2016 09:51:29 AM) (Source: RealPlayerUpdateSvc) (User: )
Description: RealPlayerUpdateSvcSearchPath failed w/err 0x00000002
 
Error: (07/21/2016 09:51:29 AM) (Source: RealPlayerUpdateSvc) (User: )
Description: RealPlayerUpdateSvcSearchPath failed w/err 0x00000002
 
Error: (07/21/2016 09:45:02 AM) (Source: RealPlayerUpdateSvc) (User: )
Description: RealPlayerUpdateSvcSearchPath failed w/err 0x00000002
 
Error: (07/21/2016 09:45:02 AM) (Source: RealPlayerUpdateSvc) (User: )
Description: RealPlayerUpdateSvcSearchPath failed w/err 0x00000002
 
Error: (07/21/2016 08:04:05 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15413
 
Error: (07/21/2016 08:04:05 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15413
 
Error: (07/21/2016 08:04:04 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (07/21/2016 08:04:03 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 14289
 
 
System errors:
=============
Error: (07/21/2016 09:57:13 AM) (Source: Service Control Manager) (User: )
Description: The Secunia PSI Agent service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (07/21/2016 09:53:03 AM) (Source: Service Control Manager) (User: )
Description: The UPnP Device Host service depends on the SSDP Discovery service which failed to start because of the following error: 
%%1058 = The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
 
 
Error: (07/21/2016 09:52:58 AM) (Source: DCOM) (User: )
Description: 1068upnphost{204810B9-73B2-11D4-BF42-00B0D0118B56}
 
Error: (07/21/2016 09:52:57 AM) (Source: Service Control Manager) (User: )
Description: The UPnP Device Host service depends on the SSDP Discovery service which failed to start because of the following error: 
%%1058 = The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
 
 
Error: (07/21/2016 09:52:57 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
PxHelp20
 
Error: (07/21/2016 09:52:44 AM) (Source: WMPNetworkSvc) (User: )
Description: Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80070422'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.
 
Error: (07/21/2016 09:50:56 AM) (Source: atikmdag) (User: )
Description: Display is not active
 
Error: (07/21/2016 09:50:56 AM) (Source: atikmdag) (User: )
Description: CPLIB :: General - Invalid Parameter
 
Error: (07/21/2016 09:50:39 AM) (Source: Application Popup) (User: )
Description: \SystemRoot\SysWow64\drivers\pfc.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
 
Error: (07/21/2016 09:50:39 AM) (Source: Application Popup) (User: )
Description: \SystemRoot\SysWow64\DRIVERS\PxHelp20.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
 
 
Microsoft Office Sessions:
=========================
Error: (04/17/2011 08:45:20 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: 1Microsoft Office Excel12.0.6550.500412.0.6425.100012600
 
Error: (04/16/2011 11:32:08 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: 1Microsoft Office Excel12.0.6550.500412.0.6425.100041350
 
Error: (12/10/2010 10:55:22 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: 0Microsoft Office Word12.0.6545.500012.0.6425.10001010
 
Error: (11/18/2010 12:22:24 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: 1Microsoft Office Excel12.0.6545.500012.0.6425.1000830
 
Error: (09/14/2010 06:43:19 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: 0Microsoft Office Word12.0.6541.500012.0.6425.100011360
 
 
=========================== Installed Programs ============================
 
Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
AnyPic Image Resizer 1.0.1 (HKLM-x32\...\{97A730EA-218E-4C1C-8D62-18001C410DB4}_is1) (Version:  - PearlMountain Soft)
Apple Application Support (32-bit) (HKLM-x32\...\{26356515-5821-40FA-9C3D-9785052A1062}) (Version: 4.3.1 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{C2651553-6CA3-4822-B2E6-BC4ACA6E0EA2}) (Version: 4.3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
ArcSoft PhotoImpression 6 (HKLM-x32\...\{063E409E-3D7C-4A4A-95AB-2F124B9224B3}) (Version:  - ArcSoft)
ArcSoft ShowBiz 2 (HKLM-x32\...\{791B20D4-AE59-4DE9-B45F-BA01F3D0A493}) (Version:  - )
Astroburn Lite (HKLM-x32\...\Astroburn Lite) (Version: 1.2.0.0087 - Disk Software Ltd)
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.10 - Atheros Communications Inc.)
ATI Catalyst Install Manager (HKLM\...\{ACCA82EB-7088-919E-5E1C-100A24F11CCF}) (Version: 3.0.732.0 - ATI Technologies, Inc.)
Auslogics BitReplica (HKLM-x32\...\{B6AEA771-9737-41A2-AA07-772CB1A1CC27}_is1) (Version: 2.1.1.0 - Auslogics Software Pty Ltd)
Auslogics Disk Defrag Professional (HKLM-x32\...\{ADE1535C-C836-4F2E-BDA1-1C7C304743E3}_is1) (Version: 4.8.0.0 - Auslogics Labs Pty Ltd)
Belarc Advisor 8.4 (HKLM-x32\...\Belarc Advisor) (Version: 8.4.0.0 - Belarc Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Broadcom Driver Installation Program (HKLM-x32\...\{153F839F-0A63-41D8-890F-7324C0E13743}) (Version: 5.60.18.9 - Broadcom)
Bulk Rename Utility 2.7.1.2 (HKLM\...\Bulk Rename Utility_is1) (Version:  - TGRMN Software)
Bullzip PDF Printer 7.1.0.1195 (HKLM\...\Bullzip PDF Printer_is1) (Version:  - Bullzip)
Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version:  - )
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.6.0.0 - Canon Inc.)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version:  - )
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version:  - )
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version:  - )
Canon MP Navigator EX 5.1 (HKLM-x32\...\MP Navigator EX 5.1) (Version:  - )
Canon MP470 series (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP470_series) (Version:  - )
Canon MX430 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX430_series) (Version:  - )
Canon MX430 series On-screen Manual (HKLM-x32\...\Canon MX430 series On-screen Manual) (Version:  - )
Canon MX430 series User Registration (HKLM-x32\...\Canon MX430 series User Registration) (Version:  - )
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version:  - )
Canon Solution Menu EX (HKLM-x32\...\CanonSolutionMenuEX) (Version:  - )
Canon Speed Dial Utility (HKLM-x32\...\Speed Dial Utility) (Version:  - )
ccc-core-static (HKLM-x32\...\{23E9588B-05ED-BC2F-EB69-101A96511EF1}) (Version: 2009.0729.2227.38498 - ATI) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.17 - Piriform)
ChromecastApp (HKCU\...\{079ede36-133d-44b0-8053-c7c1fa8d2e0d}_is1) (Version: 1.5.1693.0 - Google Inc.)
Cisco Connect (HKLM-x32\...\Cisco Connect) (Version: 1.3.11083.1 - Cisco Consumer Products LLC)
Citrix Online Launcher (HKLM-x32\...\{6740FE60-43C1-4D15-8C4A-001624134B14}) (Version: 1.0.312 - Citrix)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DAO 3.5 (HKLM-x32\...\DAO 3.5) (Version:  - )
Defraggler (HKLM\...\Defraggler) (Version: 2.14 - Piriform)
Dropbox (HKCU\...\Dropbox) (Version: 6.4.14 - Dropbox, Inc.)
eMachines Power Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 4.05.3004 - Acer Incorporated)
eMachines Recovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3006 - Acer Incorporated)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Fast Duplicate File Finder 3.0.0.1 (HKLM-x32\...\{AFECFED6-0A43-488F-8511-1DC6B52F31C3}_is1) (Version: 3.0.0.1 - MindGems, Inc.)
Folder Size 3.4.0.0 (HKLM-x32\...\{2DFA85ED-588F-4CE3-A175-29E52C3804A8}_is1) (Version: 3.4.0.0 - MindGems, Inc.)
Free Picture Resize Starter 4.5 (HKLM-x32\...\Picture Resize_is1) (Version: 5.5.18 - Bidgood Svcs)
Futuremark SystemInfo (HKLM-x32\...\{BEE64C14-BEF1-4610-8A68-A16EAA47B882}) (Version: 4.15.0 - Futuremark Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 51.0.2704.103 - Google Inc.)
Google Photos Backup (HKCU\...\Google Photos Backup) (Version: 1.1.2.13 - Google, Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.30.3 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.153 - Google Inc.) Hidden
Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
GoToMeeting 7.20.0.5174 (HKCU\...\GoToMeeting) (Version: 7.20.0.5174 - CitrixOnline)
GPL Ghostscript Lite 8.70 (HKLM-x32\...\GPL Ghostscript Lite_is1) (Version:  - )
HP DC3000 (HKLM-x32\...\{F6B252D4-39FF-4A76-8E34-DF86DB0C5149}) (Version: 1.00.702 - )
HP DVD Movie Writer (HKLM-x32\...\HP DVD) (Version:  - )
HP Software Update (HKLM-x32\...\{6FA269F8-38CB-4DF7-AA0D-36E3CE789485}) (Version: 1.0.3.1 - Hewlett-Packard)
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3003 - Acer Incorporated)
InCD (ahead software) (HKLM-x32\...\InCD!UninstallKey) (Version:  - )
iTunes (HKLM\...\{9F4BF859-C3A4-4AB6-BDD1-9C5D58188598}) (Version: 12.4.1.6 - Apple Inc.)
Junk Mail filter update (HKLM-x32\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LastPass (uninstall only) (HKLM-x32\...\LastPass) (Version:  - LastPass)
Launch Manager (HKLM-x32\...\LManager) (Version: 3.0.02 - eMachines)
Light Image Resizer 4.3.3.0 (HKLM-x32\...\{EBE030DD-D404-4D92-85E9-8C3624820808}_is1) (Version: 4.3.3.0 - ObviousIdea)
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Mesh Runtime (HKLM-x32\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office 2000 Professional (HKLM-x32\...\{00010409-78E1-11D2-B60F-006097C998E7}) (Version: 9.00.2720 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50428.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{67E03279-F703-408F-B4BF-46B5FC8D70CD}) (Version: 9.7.0621 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
muvee autoProducer DVD Edition - HPC (HKLM-x32\...\{121CD452-53B9-45AC-AEBC-B6C221DD135B}) (Version: 2.1.3.23 - muvee Technologies)
MyDriveConnect 4.0.2.2123 (HKLM-x32\...\MyDriveConnect) (Version: 4.0.2.2123 - TomTom)
Nitro PDF Reader (HKLM\...\{31D83475-EC8C-4838-B82D-00679229556D}) (Version: 1.1.2.1 - Nitro PDF Software)
Norton Security Suite (HKLM-x32\...\N360) (Version: 22.7.0.76 - Symantec Corporation)
NTI Backup Now 5 (HKLM-x32\...\InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}) (Version: 5.1.2.627 - NewTech Infosystems)
NTI Backup Now Standard (HKLM-x32\...\{12EFA1A4-AC3B-443C-8143-237EDE760403}) (Version: 5.1.2.627 - NewTech Infosystems) Hidden
NTI Media Maker 8 (HKLM-x32\...\{2413930C-8309-47A6-BC61-5EF27A4222BC}) (Version: 8.0.12.6623 - NewTech Infosystems) Hidden
NTI Media Maker 8 (HKLM-x32\...\InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}) (Version: 8.0.12.6623 - NewTech Infosystems)
Nuance PDF Reader (HKLM-x32\...\{B480904D-F73F-4673-B034-8A5F492C9184}) (Version: 6.00.0041 - Nuance Communications, Inc.)
PDF Form Filler 2 (HKLM-x32\...\{DF02A1B9-B4FB-4873-98A4-0793AF76557F}) (Version: 2.0.480 - Blueberry Consultants)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
PowerDVD (HKLM-x32\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version:  - )
Quicken Basic 99 (HKLM-x32\...\Quicken Basic 99) (Version:  - )
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
RealDownloader (HKLM-x32\...\{13743594-F75E-491E-9EFF-203C8F8DF705}) (Version: 18.1.4.144 - RealNetworks) Hidden
RealDownloader (HKLM-x32\...\{9F3B20DF-76F2-47F4-9372-F0F56485A58D}) (Version: 18.0.1.10 - RealNetworks, Inc.) Hidden
RealDownloader (HKLM-x32\...\{f05bfa4b-0c78-4a3e-aa74-8c220b4a7782}) (Version: 18.1.4.144 - RealNetworks) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (HKLM-x32\...\{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}) (Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (HKLM-x32\...\{AAECF7BA-E83B-4A10-87EA-DE0B333F8734}) (Version: 10.0 - RealNetworks, Inc) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5904 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30102 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (HKLM-x32\...\{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}) (Version: 1.1.0 - RealNetworks, Inc.) Hidden
RecordNow (HKLM-x32\...\{8214CC02-6271-4DC8-B8DD-779933450264}) (Version: 4.56 - Hewlett-Packard)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
ScanSoft OmniPage SE 4 (HKLM-x32\...\{DEE88727-779B-47A9-ACEF-F87CA5F92A65}) (Version: 15.2.0020 - Nuance Communications, Inc.)
Secunia PSI (3.0.0.10004) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.10004 - Secunia)
Security Task Manager 2.0d (HKLM-x32\...\Security Task Manager) (Version: 2.0d - Neuber Software)
Shrink Pic (remove) (HKLM-x32\...\Shrink Pic) (Version:  - )
Sophos Virus Removal Tool (HKLM-x32\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.5.5 - Sophos Limited)
Speccy (HKLM\...\Speccy) (Version: 1.24 - Piriform)
SumatraPDF (HKLM-x32\...\SumatraPDF) (Version: 2.2.1 - Krzysztof Kowalczyk)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 13.2.2.0 - Synaptics Incorporated)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.25942 - TeamViewer)
TreeSize Free V2.7 (HKLM-x32\...\TreeSize Free_is1) (Version: 2.7 - JAM Software)
Tweaking.com - Simple System Tweaker (HKLM-x32\...\Tweaking.com - Simple System Tweaker) (Version: 2.0.0 - Tweaking.com)
Tweaking.com - Windows Repair (All in One) (HKLM-x32\...\Tweaking.com - Windows Repair (All in One)) (Version: 2.8.3 - Tweaking.com)
UpdateService (HKLM-x32\...\{E3AE96D6-E196-45B4-AF62-2B41998B9E37}) (Version: 1.0.0 - RealNetworks, Inc.) Hidden
Verizon Mobile Broadband Drivers (HKLM-x32\...\{171B6E08-E57A-4FC4-8A43-79FDA555E647}) (Version: 3.22.017.001.14 - Novatel Wireless)
Verizon Wireless USB551L Firmware Updates (HKLM-x32\...\{BBB95D0D-D40F-4F46-808D-4D295BBB9490}) (Version: 1.0.5 - Smith Micro Software, Inc.)
Verizon Wireless USB760 Firmware Updates (HKLM-x32\...\{629CCE02-041D-4577-892C-577861181771}) (Version: 1.0.0 - Smith Micro Software, Inc.)
Video Downloader (HKLM-x32\...\{8B6202FD-3790-4DD4-B343-51736F7FF4E5}) (Version: 1.2.0 - RealNetworks) Hidden
Visual C++ 8.0 Runtime Setup Package (x64) (HKLM-x32\...\{2FDBBCEA-62DB-45F4-B6E5-0E1FB2A1F29D}) (Version: 9.0.0.623 - AVG Technologies CZ, s.r.o.)
Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)
Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
VNC Free Edition 4.1.3 (HKLM-x32\...\RealVNC_is1) (Version: 4.1.3 - RealVNC Ltd.)
VZAccess Manager (HKLM-x32\...\{A19BD7EF-9D03-48B2-B912-7112893CAAB3}) (Version: 7.7.7.0 - Smith Micro Software Inc.)
Welcome Center (HKLM-x32\...\eMachines Welcome Center) (Version: 1.00.3009 - Acer Incorporated)
Windows 10 Upgrade Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17332 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)
 
========================= Devices: ================================
 
 
========================= Memory info: ===================================
 
Percentage of memory in use: 50%
Total physical RAM: 3836.05 MB
Available physical RAM: 1892.25 MB
Total Virtual: 7670.29 MB
Available Virtual: 5951.61 MB
 
========================= Partitions: =====================================
 
1 Drive c: (eMachines) (Fixed) (Total:136.95 GB) (Free:36.66 GB) NTFS
 
========================= Users: ========================================
 
User accounts for \\TYL604-PC
 
Administrator            Bleepingcomputer         Guest                    
tyl604                   
 
========================= Restore Points ==================================
 
23-06-2016 14:49:00 Installed iTunes
23-06-2016 19:07:12 Installed RecordNow
23-06-2016 19:12:46 Installed ArcSoft ShowBiz 2
23-06-2016 19:32:55 Installed Simple Backup
23-06-2016 19:43:14 Installed HP Software Update
23-06-2016 19:49:53 Installed HP DC3000
23-06-2016 20:46:08 Removed RecordNow
23-06-2016 20:51:05 Installed RecordNow
23-06-2016 21:24:48 Removed RecordNow
23-06-2016 21:26:57 Installed RecordNow
18-07-2016 07:01:03 Windows Update
 
**** End of log ****
_________________________________________________________________________________________
 
MBAM
 

Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 7/21/2016
Scan Time: 10:14 AM
Logfile: Mbam text file.txt
Administrator: Yes
 
Version: 2.2.1.1043
Malware Database: v2016.07.21.02
Rootkit Database: v2016.05.27.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
 
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Bleepingcomputer
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 350093
Time Elapsed: 36 min, 43 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Warn
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 0
(No malicious items detected)
 
Registry Values: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Folders: 85
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\common, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\common\adapter, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\common\components, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\common\components\abstractbutton, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\common\components\abstractbutton\background, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\common\components\alert, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\common\components\alert\background, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\common\components\embedhtml, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\common\components\embedhtml\background, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\common\components\embedhtml\html, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\common\components\embedhtml\js, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\common\components\embedscript, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\common\components\embedscript\background, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\common\components\embedscript\html, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\common\components\embedscript\js, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\common\components\flare, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\common\components\flare\background, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\common\components\flare\icons, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\common\components\generic, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\common\components\generic\background, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\common\components\link, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\common\components\link\background, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\common\components\menu, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\common\components\menu\background, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\common\components\menu\css, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\common\components\menu\html, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\common\components\menu\images, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\common\components\menu\js, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\common\components\rss, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\common\components\rss\background, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\common\components\thirdparty, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\common\components\thirdparty\background, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\common\components\uninstall, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\common\components\uninstall\background, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\common\components\weather, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\common\components\weather\background, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\common\js, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\common\widget-api, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\common\widget-api\widgets, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\common\widget-api\widgets\common, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\common\widget-api\widgets\radio, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\common\widget-api\widgets\radio\css, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\common\widget-api\widgets\radio\js, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\common\widget-api\widgets\rss, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\common\widget-api\widgets\rss\js, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\common\widget-api\widgets\test, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\common\widget-api\widgets\topapps, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\common\widget-api\widgets\topapps\css, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\common\widget-api\widgets\topapps\js, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\common\widget-api\widgets\weather, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\common\widget-api\widgets\weather\css, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\common\widget-api\widgets\weather\js, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\components, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\components\api, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\components\api\background, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\components\api\window, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\components\defaultSearch, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\components\defaultSearch\background, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\components\defaultSearch\foreground, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\components\moviereviews, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\components\moviereviews\background, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\components\moviereviews\css, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\components\moviereviews\html, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\components\moviereviews\js, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\components\radio, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\components\radio\background, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\components\radio\css, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\components\radio\foreground, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\components\radio\radioWrapper, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\components\search, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\components\search\background, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\components\search\html, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\components\supertab, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\components\supertab\css, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\components\supertab\html, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\components\supertab\js, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\icons, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\images, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\js, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\native, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\native\libs, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\shared, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\_metadata, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
 
Files: 234
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\manifest.json, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\spent.css, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\bg.html, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\buildVars, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\buildVars.js, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\companionSW.js, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\config.js, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\contentScript.css, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\contentScript.js, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\debug.html, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\debug.jade, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\extension_toolbar_api.js, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\initWidgetWindow.js, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\newTabContentScript.js, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\options.html, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\spent.html, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\spent.js, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\spent2.css, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\spent2.html, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\spentJ.js, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\spentK.html, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\spentK.js, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\startup.js, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\stub.html, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\stubby.html, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\superFrame.js, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\toolbar.html, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\toolbar.js, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\toolbarUI.css, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\toolbarUI.html, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\toolbarUI.js, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\url.js, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\webtooltab.cs.js, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\common\adapter\adapterUtil.js, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\common\adapter\widget-adapter.js, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\common\components\abstractbutton\background\abstractButton.js, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\common\components\alert\background\alertButton.js, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\common\components\embedhtml\background\embedHtmlWidget.js, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\common\components\embedhtml\html\embedHtmlTemplate.html, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\common\components\embedhtml\html\innerEmbedHtmlTemplate.html, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\common\components\embedhtml\js\embedHtmlUI.js, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\common\components\embedscript\background\embedScriptWidget.js, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\common\components\embedscript\html\embedScriptTemplate.html, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\common\components\embedscript\html\innerEmbedScriptTemplate.html, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\common\components\embedscript\js\embedScriptUI.js, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\common\components\flare\background\FlareWidget.js, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\common\components\flare\icons\Icon_Flare_blue.png, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\common\components\flare\icons\Icon_Flare_pink.png, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\common\components\flare\icons\Thumbs.db, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\common\components\generic\background\GenericWidget.js, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\common\components\link\background\linkButton.js, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\common\components\menu\README.txt, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\common\components\menu\background\menuButton.js, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\common\components\menu\css\menuframe.css, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\common\components\menu\html\menuframe.html, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\common\components\menu\images\right_arrow.png, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\common\components\menu\images\right_arrow_white.png, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\common\components\menu\js\jquery-1.7.1.min.js, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\common\components\menu\js\menuframe.js, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\common\components\menu\js\query-string.js, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\common\components\menu\js\underscore-1.3.1.min.js, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\common\components\rss\background\RssWidget.js, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\common\components\thirdparty\background\thirdPartyWidget.js, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\common\components\uninstall\background\uninstallButton.js, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\common\components\weather\background\weatherButton.js, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\common\js\bs.30.js, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\common\js\common.js, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\common\js\dynamic.js, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\common\js\enableDetect.js, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\common\js\eventListening.js, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\common\js\global.js, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\common\js\jquery-1.7.1.min.js, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\common\js\list-interaction.js, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\common\js\messageEventListener.js, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\common\js\navRedirector.js, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\common\js\paramReplacer.js, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\common\js\PartnerId.js, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\common\js\set.js, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\common\js\underscore-1.3.1.min.js, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\common\js\underscore-1.5.2.min.js, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\common\js\unifiedLogging.js, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\common\widget-api\widget-context-1.0.js, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\common\widget-api\widgets\common\common.js, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\common\widget-api\widgets\common\eventListening.js, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\common\widget-api\widgets\common\jquery-1.7.1.min.js, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\common\widget-api\widgets\common\list-interaction.js, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\common\widget-api\widgets\common\set.js, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\common\widget-api\widgets\common\underscore-1.3.1.min.js, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\common\widget-api\widgets\radio\radio-widget.html, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\common\widget-api\widgets\radio\css\radio-widget.css, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\common\widget-api\widgets\radio\js\radio-custom.js, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\common\widget-api\widgets\radio\js\radio-parser.js, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\common\widget-api\widgets\radio\js\radio-widget-ui.js, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\common\widget-api\widgets\radio\js\radio-widget.js, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\common\widget-api\widgets\rss\rssWidget.html, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\common\widget-api\widgets\rss\js\rss-widget-custom.js, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\common\widget-api\widgets\rss\js\rss-widget-parse.js, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\common\widget-api\widgets\rss\js\rss-widget.js, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\common\widget-api\widgets\test\invalid.json, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\common\widget-api\widgets\test\jquery.js, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\common\widget-api\widgets\test\qunit.css, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\common\widget-api\widgets\test\qunit.js, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\common\widget-api\widgets\test\resource.json, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\common\widget-api\widgets\test\resource.xml, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\common\widget-api\widgets\test\testWidget.html, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\common\widget-api\widgets\test\testWidget.js, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\common\widget-api\widgets\topapps\widget.html, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\common\widget-api\widgets\topapps\css\widget.css, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\common\widget-api\widgets\topapps\js\nanigans-topapps-feed.js, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\common\widget-api\widgets\topapps\js\topapps-config.js, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\common\widget-api\widgets\topapps\js\widget.js, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\common\widget-api\widgets\weather\weatherButton.html, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\common\widget-api\widgets\weather\css\weatherButton.css, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\common\widget-api\widgets\weather\js\weather.js, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\components\api\background\ApiBasedWidget.js, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\components\api\background\widget-api-impl.js, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\components\api\window\hiddenWidgetWindow.html, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\components\api\window\hiddenWidgetWindow.js, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\components\api\window\hiddenWidgetWindowInit.js, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\components\api\window\widgetWindow.html, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\components\api\window\widgetWindow.js, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\components\defaultSearch\background\updateSearch.js, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\components\defaultSearch\background\updateSearchPromptBg.js, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\components\defaultSearch\foreground\07_buttons2.png, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\components\defaultSearch\foreground\08_buttons2.png, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\components\defaultSearch\foreground\defaultSearchModal.html, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\components\defaultSearch\foreground\defaultSearchModalInjector.css, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\components\defaultSearch\foreground\defaultSearchModalInjector.js, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\components\defaultSearch\foreground\tvf_btn_ok.png, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\components\defaultSearch\foreground\tvf_btn_ok2.png, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\components\defaultSearch\foreground\tvf_restart_alert_icon.png, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\components\defaultSearch\foreground\tvf_restart_icon.png, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\components\defaultSearch\foreground\updateSearchPromptFg.js, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\components\moviereviews\background\MovieReviewsWidget.js, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\components\moviereviews\css\movieReviews.css, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\components\moviereviews\html\movieReviews.html, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\components\moviereviews\js\movieReviews.js, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\components\radio\background\RadioWidget.js, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\components\radio\css\toolbar-item.css, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\components\radio\foreground\button.js, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\components\radio\radioWrapper\radioWrapper.html, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\components\radio\radioWrapper\radioWrapper.js, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\components\search\background\searchBox.js, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\components\search\html\searchSuggestions.css, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\components\search\html\searchSuggestions.html, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\components\search\html\searchSuggestions.js, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\components\search\html\searchSuggestionsInit.js, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\components\supertab\css\supertab.css, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\components\supertab\html\supertab.html, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\components\supertab\js\newtabfork.js, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\components\supertab\js\reporting.js, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\components\supertab\js\srchsugg.js, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\components\supertab\js\supertab.js, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\components\supertab\js\unifiedLogging.js, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\components\supertab\js\__utm.js, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\icons\arrowSprite.png, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\icons\icon128.png, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\icons\icon16.png, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\icons\icon19disabled.png, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\icons\icon19on.png, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\icons\icon48.png, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\icons\tb_icon_search_disappearing_ask.png, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\images\223764870.png, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\images\223764873.png, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\images\223764895.png, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\images\223764907.png, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\images\223764921.png, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\images\223764937.png, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\images\224383999.png, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\images\down_arrow.png, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\images\IDR_PRODUCT_LOGO_16.png, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\images\IDR_WEBSTORE_ICON.png, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\images\magnifying_glass.png, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\images\RadioPlayerSprite.png, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\images\search_button.png, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\images\tvf_icon_guide.png, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\images\tvf_logo.png, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\images\wrench.png, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\js\chromeUtils.js, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\js\companionSWUtils.js, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\js\exeManager.js, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\js\exeManagerNMD.js, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\js\exePackageManager.js, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\js\focusManager.js, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\js\globalBlacklistManager.js, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\js\messaging.js, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\js\mutation_summary-min.js, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\js\mutation_summary.js, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\js\nativeMessagingDispatcher.js, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\js\newTabInfo.js, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\js\newTabInitialize.js, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\js\options.js, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\js\readLocalStorage.js, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\js\reservespacefortoolbar.js, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\js\reservespaceifenabled.js, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\js\scriptInjector.js, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\js\searchContext.js, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\js\settingsOverrides.js, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\js\toolbarCookieParser.js, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\js\toolbarPreinit.js, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\js\underscore-1.3.1.min.js, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\js\URILoaderContentScript.js, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\js\webTooltabAPI.js, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\js\Widget.js, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\js\widgetContentScriptInjectee.js, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\js\widgetFactory.js, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\js\widgetWindowManager.js, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\native\cache.js, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\native\ce.js, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\native\debug.js, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\native\ss.js, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\native\libs\jquery-1.7.1.min.js, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\native\libs\jquery-1.9.1.min.js, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\native\libs\underscore-1.5.2.min.js, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\shared\activePing.js, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\shared\buttonLogger.js, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\shared\competitorDnsList.js, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\shared\console.js, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\shared\FFPreferencesPersister.js, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\shared\httpTransport.js, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\shared\HttpURL.js, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\shared\internationalSearch.js, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\shared\LocalStoragePersister.js, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\shared\MindsparkGlobal.js, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\shared\MindsparkGlobal.unitTest.js, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\shared\MindsparkGlobalNotes.txt, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\shared\rsvp-latest.js, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\shared\searchSuggestLocale.js, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\shared\testHttpTransport.js, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\shared\unifiedLogger.js, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\shared\unifiedLogging.js, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\shared\universalConsole.js, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\shared\utils.js, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
PUP.Optional.MindSpark, C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib\12.41.9.60936_0\_metadata\verified_contents.json, Quarantined, [e2c4c066bcde2313ae2db6e4d52f847c], 
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)
 
____________________________________________________________________________________________________
 
MBAR - found nothing
 
______________________________________________
 
Rkill:
 

Rkill 2.8.4 by Lawrence Abrams (Grinler)
Copyright 2008-2016 BleepingComputer.com
More Information about Rkill can be found at this link:
 
Program started at: 07/21/2016 02:53:45 PM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1
 
Checking for Windows services to stop:
 
 * No malware services found to stop.
 
Checking for processes to terminate:
 
 * No malware processes found to kill.
 
Checking Registry for malware related settings:
 
 * No issues found in the Registry.
 
Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
 
Performing miscellaneous checks:
 
 * Windows Defender Disabled
 
   [HKLM\SOFTWARE\Microsoft\Windows Defender]
   "DisableAntiSpyware" = dword:00000001
 
Checking Windows Service Integrity: 
 
 * Windows Defender (WinDefend) is not Running.
   Startup Type set to: Manual
 
Searching for Missing Digital Signatures: 
 
 * No issues found.
 
Checking HOSTS File: 
 
 * HOSTS file entries found: 
 
  127.0.0.1       localhost
 
Program finished at: 07/21/2016 03:07:05 PM
Execution time: 0 hours(s), 13 minute(s), and 20 seconds(s)
 
_______________________________________________________
 
TFC - ran it but do not believe it gave me a report
 
____________________________________
 
AdwCleaner:
 

# AdwCleaner v5.201 - Logfile created 21/07/2016 at 17:32:49
# Updated 30/06/2016 by ToolsLib
# Database : 2016-07-21.2 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (X64)
# Username : Bleepingcomputer - TYL604-PC
# Running from : C:\Users\Bleepingcomputer\Desktop\Bleeping May 19 2016\July 21 2016\adwcleaner_5.201.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Folders ] *****
 
 
***** [ Files ] *****
 
 
***** [ DLLs ] *****
 
 
***** [ WMI ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Scheduled tasks ] *****
 
 
***** [ Registry ] *****
 
[-] Key Deleted : HKCU\Software\APN PIP
 
***** [ Web browsers ] *****
 
[-] [C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : ask.com
[-] [C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : aol.com
[-] [C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : windows-7-christmas-theme.en.softonic.com
 
*************************
 
:: "Tracing" keys deleted
:: Winsock settings cleared
 
*************************
 
C:\AdwCleaner\AdwCleaner[C1].txt - [6434 bytes] - [20/05/2016 09:02:39]
C:\AdwCleaner\AdwCleaner[C2].txt - [1313 bytes] - [21/07/2016 17:32:49]
C:\AdwCleaner\AdwCleaner[R0].txt - [659 bytes] - [05/01/2014 13:09:27]
C:\AdwCleaner\AdwCleaner[R10].txt - [7305 bytes] - [30/01/2015 12:09:19]
C:\AdwCleaner\AdwCleaner[R11].txt - [2816 bytes] - [04/06/2015 21:24:37]
C:\AdwCleaner\AdwCleaner[R12].txt - [3808 bytes] - [25/06/2015 09:55:18]
C:\AdwCleaner\AdwCleaner[R13].txt - [2195 bytes] - [26/06/2015 09:02:55]
C:\AdwCleaner\AdwCleaner[R1].txt - [779 bytes] - [10/01/2014 23:46:09]
C:\AdwCleaner\AdwCleaner[R2].txt - [1225 bytes] - [21/05/2014 13:46:47]
C:\AdwCleaner\AdwCleaner[R3].txt - [1070 bytes] - [01/06/2014 14:45:10]
C:\AdwCleaner\AdwCleaner[R4].txt - [1191 bytes] - [24/06/2014 15:35:29]
C:\AdwCleaner\AdwCleaner[R5].txt - [1327 bytes] - [26/06/2014 16:25:45]
C:\AdwCleaner\AdwCleaner[R7].txt - [1652 bytes] - [31/07/2014 21:17:59]
C:\AdwCleaner\AdwCleaner[R8].txt - [1598 bytes] - [01/08/2014 15:23:13]
C:\AdwCleaner\AdwCleaner[R9].txt - [2682 bytes] - [18/11/2014 11:38:44]
C:\AdwCleaner\AdwCleaner[S0].txt - [719 bytes] - [05/01/2014 13:21:46]
C:\AdwCleaner\AdwCleaner[S10].txt - [2854 bytes] - [04/06/2015 21:31:45]
C:\AdwCleaner\AdwCleaner[S11].txt - [3869 bytes] - [25/06/2015 10:03:45]
C:\AdwCleaner\AdwCleaner[S12].txt - [2261 bytes] - [26/06/2015 09:12:38]
C:\AdwCleaner\AdwCleaner[S1].txt - [7294 bytes] - [10/01/2014 23:51:13]
C:\AdwCleaner\AdwCleaner[S2].txt - [4559 bytes] - [21/05/2014 13:51:10]
C:\AdwCleaner\AdwCleaner[S3].txt - [1134 bytes] - [01/06/2014 14:47:49]
C:\AdwCleaner\AdwCleaner[S4].txt - [1255 bytes] - [24/06/2014 15:37:00]
C:\AdwCleaner\AdwCleaner[S5].txt - [1391 bytes] - [26/06/2014 16:48:17]
C:\AdwCleaner\AdwCleaner[S6].txt - [675 bytes] - [20/07/2014 14:07:27]
C:\AdwCleaner\AdwCleaner[S7].txt - [1715 bytes] - [31/07/2014 21:22:30]
C:\AdwCleaner\AdwCleaner[S8].txt - [1660 bytes] - [01/08/2014 15:27:32]
C:\AdwCleaner\AdwCleaner[S9].txt - [7483 bytes] - [30/01/2015 12:39:08]
 
########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [3287 bytes] ##########
 
_________________________________________
 
JRT:
 

Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.0 (01.07.2014:1)
OS: Windows 7 Home Premium x64
Ran by Bleepingcomputer on Thu 07/21/2016 at 17:40:19.12
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
Successfully deleted: [Empty Folder] C:\Users\Bleepingcomputer\appdata\local\{1BDF0C23-9635-47AA-B4F8-5BE97A38FB7A}
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Thu 07/21/2016 at 19:12:01.74
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 

 



BC AdBot (Login to Remove)

 


#2 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:51 AM

Posted 22 July 2016 - 08:59 PM

Scan & Clean With Ads Fix

 

  • Disable Windows Defender & Antivirus Prior To Running This Tool!!
  • Save Ads Fix to your desktop.
  • Right Click & Run As Administrator.
  • You will then be prompted to install Certificates.
  • Install then click OK.
  • Right Click & Run As Administrator Again.
  • Click Options then select Unlock the deletion.
  • Then click on clean.
  • Post the log created, if the tool does not run then skip it.

 

Reset Host File

 

 

  • Click here to download RstHosts v2.0
  • Save the file to your desktop.
  • Right Click and Run as Administrator.
  • Click on Restaurer, then click OK at the prompt.
  • This will restore the default host file.
  • Next Click on Creer Un Rapport.
  • This will open a logfile, post that in your next reply.

 

 

Pre_Scan

 

Please download Pre_Scan.

Save it to your desktop.

Disable your antivirus, and windows defender.

Close All open work Pre_Scan will close all processes to run.

Right Click Run as Admin.

Allow completion, when it completes the program will reboot your machine and open a log.

Please post that log here in your next reply.

 

 

 

9-Lab Scan.

 

  • Download 9-Lab Removal Tool.
  • CLICK HERE to determine whether you're running 32-bit or 64-bit for Windows.
  • Install the program onto your computer, then right click the icon  run as administrator.
  • Update the program and then run a full scan!
  • Make sure the program updates, might be better to install it update reboot and check for updates again.
  • You need to make sure the database updates!!!
  • Upon Scan Completion Click on Show Results.
  • Then Click On Clean 
  • Then Click on Save Log.
  • Save it to your desktop, copy and paste the contents of the log here in your next reply.


#3 tyl604

tyl604
  • Topic Starter

  • Members
  • 373 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Atlanta, GA
  • Local time:11:51 AM

Posted 25 July 2016 - 08:29 PM

Inadequate - I have tried to run everything and here are the logs.

 

Ads Fix:

 

---------- | AdsFix | g3n-h@ckm@n | 3_23.07.2016.1
 
----- Vista | 7 | 8 | 8.1 | 10 - 32/64 bits ----- Start 22:19:59 - 22/07/2016
 
update on : 23/07/2016 | 00.05 by g3n-h@ckm@n
C:\Users\Bleepingcomputer\Desktop\Bleeping May 19 2016\July 21 2016\adsfix_3_23.07.2016.1.exe
Boot: Normal boot
[Bleepingcomputer (Administrator)] - [TYL604-PC] -  (usa [0409])
SID = S-1-5-21-214847889-3071151494-2151588813-1003 || [426c656570696e67636f6d7075746572205e5e]
PC : eMachines - eMachines E627 - 123456789
Processor : X64 - 1596 - AMD Athlon™ Processor TF-20
Bios : eMachines - 11/30/2009 - V.V1.09
CoreTemp : 80 C
 
CPU #1 value:27 %
Total Overall CPU Usage value:27 %
 
System : Windows 7 Home Premium (64 bits) HomePremium Service Pack 1
RAM memory = Total (MB) : 3928 | Free (MB) : 1952
Pagefile = Total (MB) : 7854 | Free (MB) : 5883
Virtual = Total (MB) : 4194 | Free (MB) : 3995
 
C:\ -> [Fixed] | [eMachines] | Total : 136.95 Go | Free : 34.93 Go -> NTFS [SATA]
 
Registry saved, to restore :  Click on Options & Restore the register (C:\AdsFix\Save\Registry [22.07.2016 @ 22_19_53]) or an element
Restore files or folders deleted by mistake : Click on Options & Restore Files | Folders, Select an item >> "restore"
 
---------- | Windows Updates
 
Last detection : 2016-05-25 15:21:27
Last downloaded : 2016-07-18 05:29:11
Last installation : 2016-07-18 08:13:59
Next search : 2016-07-21 21:37:20
 
---------- | Browsers
 
IE : 11.0.9600.16428     (© Microsoft Corporation. All rights reserved.)
GC : 51.0.2704.103     (Copyright 2015 Google Inc. All rights reserved.)
 
---------- | Security (atcav : 0)
 
AV : Norton Security Suite Disabled
AS : Norton Security Suite Disabled
AM : Malwarebytes' Anti-Malware   (2.3.173.0)     [Update : 15/05/2014 15:17:01]
FW : Norton Security Suite Disabled
WMI : OK
WU: Windows Update Service [Auto(2)] = Order
AS: Windows Defender [Manual(3)] = Order
FW: Windows FireWall Service [Auto(2)] = Started
WMI: Windows Management Instrumentation (System Information) [Auto(2)] = Started
 
---------- | FlashPlayer
 
ActiveX : 11.8.800.168
 
---------- | Killed processes
 
884 | [Owner :  |Parent : 576(services.exe)] - (.AMD - AMD External Events Service Module.) - (6.14.11.1033) = C:\Windows\System32\atiesrxx.exe
1228 | [Owner :  |Parent : 884()] - (.AMD - AMD External Events Client Module.) - (6.14.11.1033) = C:\Windows\System32\atieclxx.exe
1420 | [Owner :  |Parent : 576(services.exe)] - (.Microsoft Corporation - Spooler SubSystem App.) - (6.1.7601.17777) = C:\Windows\System32\spoolsv.exe
1564 | [Owner : SYSTEM |Parent : 576(services.exe)] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - (1.801.10.4720) = C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
1596 | [Owner : SYSTEM |Parent : 576(services.exe)] - (.Apple Inc. - MobileDeviceService.) - (17.364.0.84) = C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
1636 | [Owner : SYSTEM |Parent : 576(services.exe)] - (.Apple Inc. - Bonjour Service.) - (3.1.0.1) = C:\Program Files\Bonjour\mDNSResponder.exe
1868 | [Owner : SYSTEM |Parent : 576(services.exe)] - (.Acer Incorporated - ePowerSvc.) - (4.5.3004.0) = C:\Program Files\eMachines\eMachines Power Management\ePowerSvc.exe
1964 | [Owner : SYSTEM |Parent : 576(services.exe)] - (.- Inkjet Printer/Scanner/Fax Extended Survey Program Service.) - (3.5.0.0) = C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
1216 | [Owner : SYSTEM |Parent : 576(services.exe)] - (.Nitro PDF Software - Solid Spool Service.) - (6.1.0.1) = C:\Program Files\Common Files\Nitro PDF\Reader\1.0\NitroPDFReaderDriverServicex64.exe
1156 | [Owner : SYSTEM |Parent : 576(services.exe)] - (.NewTech Infosystems, Inc. - NTI Backup Now 5 SchedulerSvc NT Service.) - (5.1.0.627) = C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
1908 | [Owner : SYSTEM |Parent : 576(services.exe)] - (.Novatel Wireless Inc. - NWHelper Module.) - (1.0.0.8) = C:\Program Files (x86)\Novatel Wireless\Verizon\Drivers\NWHelper_001.exe
2204 | [Owner : SYSTEM |Parent : 576(services.exe)] - (.-.) - (0.0.0.0) = C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
2276 | [Owner : SYSTEM |Parent : 576(services.exe)] - (.RealNetworks, Inc. - RealTimes Desktop Service.) - (18.0.1.42) = C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe
2384 | [Owner : NETWORK SERVICE |Parent : 576(services.exe)] - (.Microsoft Corporation - Rpc Locator.) - (6.1.7600.16385) = C:\Windows\System32\Locator.exe
2816 | [Owner : Bleepingcomputer |Parent : 576(services.exe)] - (.Microsoft Corporation - Host Process for Windows Tasks.) - (6.1.7601.18010) = C:\Windows\System32\taskhost.exe
2132 | [Owner : Bleepingcomputer |Parent : 340(svchost.exe)] - (.Microsoft Corporation - Task Scheduler Engine.) - (6.1.7601.17514) = C:\Windows\System32\taskeng.exe
3492 | [Owner : SYSTEM |Parent : 576(services.exe)] - (.Novatel Wireless Inc. - VZW Config Utility Service.) - (1.0.19.0) = C:\Program Files (x86)\Novatel Wireless\LTE Support\VZWMSConfig.exe
3536 | [Owner : SYSTEM |Parent : 576(services.exe)] - (.RealVNC Ltd. - VNC Server Free Edition for Win32.) - (4.1.3.0) = C:\Program Files (x86)\RealVNC\VNC4\winvnc4.exe
3304 | [Owner : Bleepingcomputer |Parent : 2212()] - (.Acer Incorporated - ePowerTray.) - (4.5.3004.0) = C:\Program Files\eMachines\eMachines Power Management\ePowerTray.exe
2272 | [Owner : Bleepingcomputer |Parent : 2212()] - (.Synaptics Incorporated - Synaptics TouchPad Enhancements.) - (13.2.2.0) = C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
988 | [Owner : Bleepingcomputer |Parent : 2212()] - (.CANON INC. - Canon My Printer.) - (2.9.5.0) = C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
3888 | [Owner : Bleepingcomputer |Parent : 2272()] - (.Synaptics Incorporated - Synaptics Pointing Device Helper.) - (13.2.2.0) = C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
3236 | [Owner : Bleepingcomputer |Parent : 2212()] - (.Apple Inc. - iTunesHelper.) - (12.4.1.6) = C:\Program Files\iTunes\iTunesHelper.exe
1092 | [Owner : Bleepingcomputer |Parent : 2212()] - (.Piriform Ltd - CCleaner.) - (5.17.0.5590) = C:\Program Files (x86)\CCleaner\CCleaner64.exe
4196 | [Owner : Bleepingcomputer |Parent : 2212()] - (.Secunia - Secunia PSI Tray.) - (3.0.0.10004) = C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
4340 | [Owner : Bleepingcomputer |Parent : 956()] - (.-.) - (0.0.0.0) = C:\Program Files (x86)\Hewlett-Packard\HP PrecisionScan\PrecisionScan Pro\HPLamp.exe
4660 | [Owner : Bleepingcomputer |Parent : 956()] - (.CANON INC. - Canon Solution Menu EX.) - (1.4.0.0) = C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
4868 | [Owner : Bleepingcomputer |Parent : 956()] - (.CANON INC. - Canon IJ Network Scanner Selector EX.) - (1.2.1.8) = C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
4888 | [Owner : Bleepingcomputer |Parent : 956()] - (.-.) - (0.0.0.0) = C:\Program Files (x86)\Hewlett-Packard\HP Software Update\hpwuSchd.exe
5108 | [Owner : SYSTEM |Parent : 576(services.exe)] - (.Apple Inc. - iPodService Module (64-bit).) - (12.4.1.6) = C:\Program Files\iPod\bin\iPodService.exe
4208 | [Owner : Bleepingcomputer |Parent : 956()] - (.Hewlett-Packard Company - HP DVD Tray.) - (2.0.0.1) = C:\PROGRA~2\HPDVD~1\Umbrella\DVDTray.exe
1692 | [Owner : Bleepingcomputer |Parent : 956()] - (.- RealDownloader.) - (18.1.4.144) = C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe
2924 | [Owner : SYSTEM |Parent : 576(services.exe)] - (.Secunia - Secunia Update Agent.) - (3.0.0.10004) = C:\Program Files (x86)\Secunia\PSI\sua.exe
4464 | [Owner : Bleepingcomputer |Parent : 4660()] - (.Microsoft Corporation - Print driver host for 32bit applications.) - (6.1.7601.17777) = C:\Windows\splwow64.exe
5740 | [Owner : Bleepingcomputer |Parent : 4660()] - (.CANON INC. - Canon Solution Menu EX Updater.) - (1.4.0.0) = C:\Program Files (x86)\Canon\Solution Menu EX\CNSEUPDT.EXE
5900 | [Owner : Bleepingcomputer |Parent : 2132()] - (.Microsoft Corporation - Windows Memory Diagnostic.) - (6.1.7600.16385) = C:\Windows\System32\MdRes.exe
5936 | [Owner : SYSTEM |Parent : 1868()] - (.Acer Incorporated - ePowerEvent.) - (4.5.3004.0) = C:\Program Files\eMachines\eMachines Power Management\ePowerEvent.exe
4128 | [Owner : Bleepingcomputer |Parent : 576(services.exe)] - (.Microsoft Corporation - Host Process for Windows Tasks.) - (6.1.7601.18010) = C:\Windows\System32\taskhost.exe
5984 | [Owner : Bleepingcomputer |Parent : 4532()] - (.RealNetworks, Inc. - RealNetworks Scheduler.) - (18.0.1.9) = C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
3264 | [Owner : SYSTEM |Parent : 576(services.exe)] - (.Microsoft Corp. - Microsoft® Windows Live ID Service.) - (7.250.4225.0) = C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
4968 | [Owner : SYSTEM |Parent : 3264()] - (.Microsoft Corp. - Microsoft® Windows Live ID Service Monitor.) - (7.250.4225.0) = C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
2588 | [Owner : Bleepingcomputer |Parent : 1076(explorer.exe)] - (.Google Inc. - Google Chrome.) - (51.0.2704.103) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
4136 | [Owner : Bleepingcomputer |Parent : 2588(chrome.exe)] - (.Google Inc. - Google Chrome.) - (51.0.2704.103) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
1500 | [Owner : Bleepingcomputer |Parent : 2588(chrome.exe)] - (.Google Inc. - Google Chrome.) - (51.0.2704.103) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
2524 | [Owner : Bleepingcomputer |Parent : 2588(chrome.exe)] - (.Google Inc. - Google Chrome.) - (51.0.2704.103) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
---------- | AdsFix | g3n-h@ckm@n | 3_23.07.2016.1
 
----- Vista | 7 | 8 | 8.1 | 10 - 32/64 bits ----- Start 22:20:53 - 22/07/2016
 
update on : 23/07/2016 | 00.05 by g3n-h@ckm@n
C:\Users\Bleepingcomputer\Desktop\Bleeping May 19 2016\July 21 2016\adsfix_3_23.07.2016.1.exe
Boot: Normal boot
[Bleepingcomputer (Administrator)] - [TYL604-PC] -  (usa [0409])
SID = S-1-5-21-214847889-3071151494-2151588813-1003 || [426c656570696e67636f6d7075746572205e5e]
PC : eMachines - eMachines E627 - 123456789
Processor : X64 - 1596 - AMD Athlon™ Processor TF-20
Bios : eMachines - 11/30/2009 - V.V1.09
CoreTemp : 80 C
 
CPU #1 value:0 %
Total Overall CPU Usage value:0 %
 
System : Windows 7 Home Premium (64 bits) HomePremium Service Pack 1
RAM memory = Total (MB) : 3928 | Free (MB) : 2363
Pagefile = Total (MB) : 7854 | Free (MB) : 6408
Virtual = Total (MB) : 4194 | Free (MB) : 3995
 
C:\ -> [Fixed] | [eMachines] | Total : 136.95 Go | Free : 34.82 Go -> NTFS [SATA]
 
Registry saved, to restore :  Click on Options & Restore the register (C:\AdsFix\Save\Registry [22.07.2016 @ 22_20_47]) or an element
Restore files or folders deleted by mistake : Click on Options & Restore Files | Folders, Select an item >> "restore"
 
---------- | Windows Updates
 
Last detection : 2016-05-25 15:21:27
Last downloaded : 2016-07-18 05:29:11
Last installation : 2016-07-18 08:13:59
Next search : 2016-07-21 21:37:20
 
---------- | Browsers
 
IE : 11.0.9600.16428     (© Microsoft Corporation. All rights reserved.)
GC : 51.0.2704.103     (Copyright 2015 Google Inc. All rights reserved.)
 
---------- | Security (atcav : 0)
 
AV : Norton Security Suite Disabled
AS : Norton Security Suite Disabled
AM : Malwarebytes' Anti-Malware   (2.3.173.0)     [Update : 15/05/2014 15:17:01]
FW : Norton Security Suite Disabled
WMI : OK
WU: Windows Update Service [Auto(2)] = Order
AS: Windows Defender [Manual(3)] = Order
FW: Windows FireWall Service [Auto(2)] = Started
WMI: Windows Management Instrumentation (System Information) [Auto(2)] = Started
 
---------- | FlashPlayer
 
ActiveX : 11.8.800.168
 
---------- | Killed processes
 
4268 | [Owner :  |Parent : 576(services.exe)] - (.Microsoft Corp. - Microsoft® Windows Live ID Service.) - (7.250.4225.0) = C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
 
---------- | Tasks
 
Deleted successfully : TechUtilities
 
 
---------- | Services
 
 
---------- | AppCertDlls | AppInit_DLLs
 
 
---------- | DNSapi.dll
 
C:\Windows\System32\dnsapi.dll : \drivers\etc\hosts
C:\Windows\SysWOW64\dnsapi.dll : \drivers\etc\hosts
 
---------- | Hosts
 
 
---------- | SafeBoot
 
 
---------- | Winsock
 
 
---------- | DNS
 
 
---------- | Register
 
Deleted successfully : HKLM\SOFTWARE\Classes\MEDVIEW.MedviewCtrl.141kn : Mediaview 1.41k Control     
Deleted successfully : HKLM\SOFTWARE\Classes\SaveAsGIF.cDIB : SaveAsGIF.cDIB     
Deleted successfully : HKLM\SOFTWARE\Classes\Xceed.BWTCompression : XceedBWTCompression Class     
Deleted successfully : HKLM\SOFTWARE\Classes\Xceed.BWTCompression.1 : XceedBWTCompression Class     
Deleted successfully : HKLM\SOFTWARE\Classes\Xceed.BZip2CompressionFormat.1 : XceedBZip2CompressionFormat Class     
Deleted successfully : HKLM\SOFTWARE\Classes\Xceed.Deflate64Compression.1 : XceedDeflate64Compression Class     
Deleted successfully : HKLM\SOFTWARE\Classes\Xceed.DeflateCompression.1 : XceedDeflateCompression Class     
Deleted successfully : HKLM\SOFTWARE\Classes\Xceed.Encryption.1 : XceedEncryption ActiveX     
Deleted successfully : HKLM\SOFTWARE\Classes\Xceed.GZipCompressionFormat.1 : XceedGZipCompressionFormat Class     
Deleted successfully : HKLM\SOFTWARE\Classes\Xceed.RijndaelEncryptionMethod : XceedRijndaelEncryptionMethod Class     
Deleted successfully : HKLM\SOFTWARE\Classes\Xceed.RijndaelEncryptionMethod.1 : XceedRijndaelEncryptionMethod Class     
Deleted successfully : HKLM\SOFTWARE\Classes\Xceed.RSAEncryptionMethod.1 : XceedRSAEncryptionMethod Class     
Deleted successfully : HKLM\SOFTWARE\Classes\Xceed.RSASigningMethod.1 : XceedRSASigningMethod Class     
Deleted successfully : HKLM\SOFTWARE\Classes\Xceed.SHAHashingMethod.1 : XceedSHAHashingMethod Class     
Deleted successfully : HKLM\SOFTWARE\Classes\Xceed.Signing.1 : XceedSigning Class     
Deleted successfully : HKLM\SOFTWARE\Classes\Xceed.StoreCompression : XceedStoreCompression Class     
Deleted successfully : HKLM\SOFTWARE\Classes\Xceed.StoreCompression.1 : XceedStoreCompression Class     
Deleted successfully : HKLM\SOFTWARE\Classes\Xceed.StreamingCompression.1 : XceedStreamingCompression ActiveX     
Deleted successfully : HKLM\SOFTWARE\Classes\Xceed.ZLibCompressionFormat : XceedZLibCompressionFormat Class     
Deleted successfully : HKLM\SOFTWARE\Classes\Xceed.ZLibCompressionFormat.1 : XceedZLibCompressionFormat Class     
Deleted successfully : HKLM\SOFTWARE\Classes\Applications\WeatherBugSetup.exe
Deleted successfully : HKLM\SOFTWARE\Classes\AppID\SoftwareUpdate.exe
Deleted successfully : HKLM\SOFTWARE\Classes\AppID\{6A070EEA-E3F8-411E-9D3A-F3814ED6D1A8} : SoftwareUpdateApp
Deleted successfully : HKLM\SOFTWARE\Wow6432Node\Classes\SaveAsGIF.clsGifSave : SaveAsGIF.clsGifSave     
Deleted successfully : HKLM\SOFTWARE\Wow6432Node\Classes\Xceed.BZip2CompressionFormat : XceedBZip2CompressionFormat Class     
Deleted successfully : HKLM\SOFTWARE\Wow6432Node\Classes\Xceed.DeflateCompression : XceedDeflateCompression Class     
Deleted successfully : HKLM\SOFTWARE\Wow6432Node\Classes\Xceed.GZipCompressionFormat : XceedGZipCompressionFormat Class     
Deleted successfully : HKLM\SOFTWARE\Wow6432Node\Classes\Xceed.RSAEncryptionMethod : XceedRSAEncryptionMethod Class     
Deleted successfully : HKLM\SOFTWARE\Wow6432Node\Classes\Xceed.SHAHashingMethod : XceedSHAHashingMethod Class     
Deleted successfully : HKLM\SOFTWARE\Wow6432Node\Classes\Xceed.StreamingCompression : XceedStreamingCompression ActiveX     
Deleted successfully : HKLM\SOFTWARE\Wow6432Node\Classes\Applications\WeatherBugStub.exe
Deleted successfully : HKLM\SOFTWARE\Wow6432Node\Classes\AppID\SoftwareUpdateAdmin.DLL
Deleted successfully : HKLM\SOFTWARE\Classes\CLSID\{10ECCE17-29B5-4880-A8F5-EAD298611484} : C:\Program Files\Reimage\Reimage Repair\REI_Axcontrol.dll # 
Deleted successfully : HKLM\SOFTWARE\Classes\CLSID\{801B440B-1EE3-49B0-B05D-2AB076D4E8CB} : C:\Program Files\Reimage\Reimage Repair\REI_Axcontrol.dll # 
Deleted successfully : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{1EF89626-358F-11D5-8071-0060082AE372}
Deleted successfully : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{231D1CF6-C578-411D-9B9B-48264355805D}
Deleted successfully : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{2D594C78-EC80-11D4-8016-0060082AE372}
Deleted successfully : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3B547065-F434-11CF-824A-00AA006B1B5F}
Deleted successfully : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{43FD1592-3A84-11D5-8077-0060082AE372}
Deleted successfully : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{43FD1596-3A84-11D5-8077-0060082AE372}
Deleted successfully : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{444EC86F-03BD-4e9b-9FCD-A87407A78710} : C:\Windows\SysWOW64\XceedSco.dll # 
Deleted successfully : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{47D7ED16-3901-11D5-8074-0060082AE372} : C:\Windows\SysWOW64\XceedSco.dll # 
Deleted successfully : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{7EC04D5B-19A8-45EE-BCB0-6FE0067F9468} : C:\Windows\SysWOW64\XceedCry.dll # 
Deleted successfully : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{8913C82B-385B-48c1-8AE0-5D837DB4ADC5}
Deleted successfully : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{90FDB7BD-EB76-4AC9-8385-D1EE80BBCDCD}
Deleted successfully : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{9FF62CEC-3A69-11D5-8077-0060082AE372}
Deleted successfully : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{A02A65C1-50E4-4E5D-B9D0-625D5DEBC671} : C:\Windows\SysWOW64\XceedCry.dll # 
Deleted successfully : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{A0A61B00-96A6-457F-AA5E-AFA5167852E5}
Deleted successfully : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{BBA63CAC-9913-4A13-9212-E97BB70C05C9}
Deleted successfully : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{BEBDC1DF-D793-4F6C-B8FF-E831A1C2595C} : C:\Windows\SysWow64\bzpdfc.dll # 
Deleted successfully : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{C3271080-C57A-4520-8066-337AD212D7E0}
Deleted successfully : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D3E95E1D-D003-42A0-91FD-465DC624BC7A} : C:\Windows\SysWOW64\XceedCry.dll # 
Deleted successfully : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D45FD2FC-5C6E-11D1-9EC1-00C04FD7081F} : C:\Windows\Msagent\AGENTSVR.EXE
Deleted successfully : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D865F1E7-BAC6-4ECA-B37B-0A5DDFF2D031}
Deleted successfully : HKLM\SOFTWARE\Classes\TypeLib\{4A19B209-EAEB-11D4-8014-0060082AE372} : C:\Windows\SysWOW64\XceedSco.dll
Deleted successfully : HKLM\SOFTWARE\Classes\TypeLib\{55A560A7-E3F9-4790-8D22-F3A97009AC8F} : C:\Windows\SysWOW64\XceedCry.dll
Deleted successfully : HKLM\SOFTWARE\Classes\TypeLib\{61CB5BFA-AFE6-4B0F-A4BB-7F3D4999EE52} : C:\Windows\SysWow64\bzpdfc.dll
Deleted successfully : HKLM\SOFTWARE\Classes\TypeLib\{73D1A59C-ABDD-407C-B0CE-C395B851B7EA} : C:\Program Files\Picture Resize\saveasgif.dll
Deleted successfully : HKLM\SOFTWARE\Classes\TypeLib\{74304480-AC4B-11D1-A50A-00C04FD7A1BD} : C:\PROGRA~2\COMMON~1\MICROS~1\Msinfo\MSIOFF9.OCX
Deleted successfully : HKLM\SOFTWARE\Classes\TypeLib\{760C4B74-E211-11D2-BF3E-00805FBE84A6} : C:\Windows\SysWow64\drmstor.dll
Deleted successfully : HKLM\SOFTWARE\Classes\TypeLib\{A7B93C73-7B81-11D0-AC5F-00C04FD97575} : C:\Windows\Msagent\AGENTSVR.EXE
Deleted successfully : HKLM\SOFTWARE\Classes\TypeLib\{D6589123-FC70-11D0-AC94-00C04FD97575} : C:\Windows\Msagent\AGENTSVR.EXE\2
Deleted successfully : HKLM\SOFTWARE\Classes\Interface\{02084676-181B-4E44-9E8A-7D2C38BFF609} : {55A560A7-E3F9-4790-8D22-F3A97009AC8F} # DXceedEncryption
Deleted successfully : HKLM\SOFTWARE\Classes\Interface\{04E2B652-35C8-11D5-8071-0060082AE372} : {4A19B209-EAEB-11D4-8014-0060082AE372} # DXceedStreamingCompression__0100
Deleted successfully : [HKU\S-1-5-21-214847889-3071151494-2151588813-1003\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION]~[InstallConverter_brie.exe]
Deleted successfully : [HKU\S-1-5-21-214847889-3071151494-2151588813-1003\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Persisted]~[C:\Users\Bleepingcomputer\Downloads\InstallConverter_brie.exe]
Deleted successfully : HKU\S-1-5-21-214847889-3071151494-2151588813-1003\SOFTWARE\Digital River
Deleted successfully : HKU\S-1-5-21-214847889-3071151494-2151588813-1003\SOFTWARE\AOL
Deleted successfully : HKLM\SOFTWARE\Wow6432Node\CodeGear
Deleted successfully : [HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]~[DefaultScope] : {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Deleted successfully : [HKU\S-1-5-21-214847889-3071151494-2151588813-1003\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]~[DefaultScope]
Deleted successfully : [HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]~[DefaultScope]
Deleted successfully : [HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]~[DefaultScope]
Deleted successfully : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]~[DefaultScope]
Deleted successfully : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes]~[DefaultScope]
Deleted successfully : HKU\S-1-5-21-214847889-3071151494-2151588813-1003\SOFTWARE\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\39805143_0 : {0.0.0.00000000}.{1c266e38-86f5-4c4c-a874-d71834328770}|\Device\HarddiskVolume3\Windows\Msagent\AGENTSVR.EXE%b{00000000-0000-0000-0000-000000000000}
Deleted successfully : HKU\S-1-5-21-214847889-3071151494-2151588813-1003\SOFTWARE\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\cb68253d_0 : {0.0.0.00000000}.{1c266e38-86f5-4c4c-a874-d71834328770}|\Device\HarddiskVolume3\Program Files (x86)\HP DVD\Umbrella\HP DVD.exe%b{00000000-0000-0000-0000-000000000000}
Deleted successfully : HKU\S-1-5-21-214847889-3071151494-2151588813-1003\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} : C:\Users\Bleepingcomputer\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico
Deleted successfully : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Deleted successfully : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Deleted successfully : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7BD9A644-9DC6-42be-8872-CBF5524276BD} : %CommonProgramFiles%\Software Update Utility
Deleted successfully : HKLM\Software\Classes\Installer\Components\DFDE92CC2CB71D119A12000A9CE1A22A
Deleted successfully : HKLM\Software\Classes\Installer\Features\904010001E872D116BF00006799C897E : WORDWizAndTempFiles
Deleted successfully : HKLM\Software\Classes\Installer\Features\D409084BF37F37640B43A8F594C21948
Deleted successfully : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\516B7E0F2733E294203FFECFD932B027 : C:\Program Files (x86)\Blueberry Consultants\PDF Form Filler 2\DevExpress.Tutorials.v11.1.dll
Deleted successfully : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\72AE92CC2CB71D119A12000A9CE1A22A : C:\Windows\Msagent\AGENTSVR.EXE
Deleted successfully : [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]~[C:\Program Files (x86)\SlimCleaner\]
Deleted successfully : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\Program Files\Picture Resize\saveasgif.dll]
Deleted successfully : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]~[DVDTray] : C:\PROGRA~2\HPDVD~1\Umbrella\DVDTray.exe
 
---------- | Folders | Files
 
Deleted successfully : C:\Program Files\Picture Resize\saveasgif.dll     (.-.SaveAsGIF)     SaveAsGIF.dll
Deleted successfully : C:\Program Files (x86)\Everything
Deleted successfully : C:\Users\Public\Desktop\HP DVD.lnk     (.-.)     C:\Program Files (x86)\HP DVD\Umbrella\HP DVD.exe
Deleted successfully : C:\ProgramData\Start Menu\Software Updates.lnk     (.-.)     
Deleted successfully : C:\Users\tyl604\AppData\Local\{10C0BBF9-6C0B-4F0E-BE24-5D42718C2345}     (.-.)     
Deleted successfully : C:\Users\tyl604\AppData\Local\{B9C50C88-C48F-476C-95D2-787A4635285A}     (.-.)     
Deleted successfully : C:\Users\tyl604\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico     (.-.)     
Deleted successfully : C:\Users\Bleepingcomputer\AppData\Local\CrashRpt
Deleted successfully : C:\Users\Bleepingcomputer\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico     (.-.)     
Deleted successfully : C:\Users\Bleepingcomputer\Downloads\ReimageRepair (1).exe     (© Reimage 2015.-.Reimage Repair)     
Deleted successfully : C:\Users\Bleepingcomputer\Downloads\ReimageRepair.exe     (© Reimage 2015.-.Reimage Repair)     
Deleted successfully : C:\Users\Bleepingcomputer\Downloads\SlimCleaner-setup.exe     (Copyright SlimWare Utilities, Inc. 2011-2012.-.SlimCleaner)     SlimCleaner-setup.exe
Deleted successfully : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InstallConverter
Deleted successfully : C:\ProgramData\TechUtilities64
Deleted successfully : C:\Program Files (x86)\Common Files\lpuninstall.exe     (.-.)     
Deleted successfully : C:\Users\tyl604\AppData\Roaming\IObit
Deleted successfully : C:\ProgramData\IObit
Deleted successfully : C:\Program Files (x86)\IObit
Deleted successfully : C:\Program Files (x86)\McAfee Security Scan
 
---------- | .LNK
 
 
---------- | opening unknown extension
 
 
---------- | Proxy
 
 
---------- | Internet Explorer
 
Repaired : [HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main]~[Start Page] : http://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=en&pid=N360&pvid=21.1.0.18 -> https://www.google.com/
Repaired : [HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main]~[Local Page] : C:\Windows\SysWOW64\blank.htm -> C:\Windows\System32\blank.htm
Repaired : [HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main]~[Search Page] : http://securityresponse.symantec.com/avcenter/fix_homepage/ -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Repaired : [HKU\S-1-5-21-214847889-3071151494-2151588813-1003\SOFTWARE\Microsoft\Internet Explorer\Main]~[Start Page] : http://www.aol.com/ -> https://www.google.com/
Repaired : [HKU\S-1-5-21-214847889-3071151494-2151588813-1003\SOFTWARE\Microsoft\Internet Explorer\Main]~[Local Page] : C:\Windows\SysWOW64\blank.htm -> C:\Windows\System32\blank.htm
Repaired : [HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main]~[Start Page] : http://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=en&pid=N360&pvid=21.1.0.18 -> https://www.google.com/
Repaired : [HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main]~[Local Page] : C:\Windows\SysWOW64\blank.htm -> C:\Windows\System32\blank.htm
Repaired : [HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main]~[Search Page] : http://securityresponse.symantec.com/avcenter/fix_homepage/ -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Repaired : [HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main]~[Start Page] : http://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=en&pid=N360&pvid=21.1.0.18 -> https://www.google.com/
Repaired : [HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main]~[Local Page] : C:\Windows\SysWOW64\blank.htm -> C:\Windows\System32\blank.htm
Repaired : [HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main]~[Search Page] : http://securityresponse.symantec.com/avcenter/fix_homepage/ -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Repaired : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main]~[Local Page] : C:\Windows\SysWOW64\blank.htm -> C:\Windows\System32\blank.htm
Repaired : [HKU\S-1-5-21-214847889-3071151494-2151588813-1003\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter]~[Enabled] :  -> 2
Repaired : [HKU\S-1-5-21-214847889-3071151494-2151588813-1003\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter]~[EnabledV8] :  -> 1
Repaired : [HKU\S-1-5-21-214847889-3071151494-2151588813-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet settings]~[WarNonBadCertReceving] :  -> 1
Repaired : [HKU\S-1-5-21-214847889-3071151494-2151588813-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet settings]~[WarNonHTTPSToHTTPRedirect] :  -> 1
 
---------- | Yandex
 
 
 
---------- | Google Chrome
 
Deleted successfully : C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Web Data     (.-.)     Reseted successfully : SearchURL
Deleted successfully : C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Preferences     (.-.)     Reseted successfully : Preferences 
Deleted successfully : C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences     (.-.)     Reseted successfully : Preferences 
Deleted successfully : C:\Users\tyl604\AppData\Local\Google\Chrome\User Data\Default\Web Data     (.-.)     Reseted successfully : SearchURL
Deleted successfully : C:\Users\tyl604\AppData\Local\Google\Chrome\User Data\Default\Preferences     (.-.)     Reseted successfully : Preferences 
Deleted successfully : C:\Users\tyl604\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences     (.-.)     Reseted successfully : Preferences 
Deleted successfully : C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\extensions\hdokiejnpimakedhajhdlcegeplioahd =  optional_permissions: [ nativeMessaging privacy history ]
Deleted successfully : C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\extensions\iikflkcanblccfahdhdonehdalibjnif =  key: MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx4OiZhL5/1WascgsIZ3E6l9Cm4UFQXTxkJH846oUDaWBvQ2/gQLRMhgn13lW66+jsYUiongY4JOUUd0uUPCu54uWA7bQXRGSO6e1XtQpSNkl7tuvKcjmTRPJXCkICJDFQcCNIVgQurqVSTUPPHyj3w4BIg1Q1tKDc9lOirjOxc7DBg6zFXhge3aujVcy1FITwTKW+iKXvbfkBXhqs1r577pppeZ4EAvxzu8ca2IVcFBevu3oaP08c8Ln5neNXPaBp5316kjKDhsTe/iB2xzYXa35iTtgYhEvB1688zURsY2OTO81h4GVe27gmp9yyHDaor1fxshXuyYp4MZ+zYpR5QIDAQAB
Deleted successfully : C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\System Profile\extensions\bbjllphbppobebmjpjcijfbakobcheof =  key: MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnxT02YhtD5aXE1dtEvxBxaRjRnyie0pnRZSDL8jDUjFvEFYK1UVK2wBERyPO8li9Pgn488eHcCuI2A2mc1O13Jh/fKlIAKyOreO2x73hfVDH6BSZ80QPjHf9YgpQ7Mf9ifaP+PpzkoVxOgF/zRuN1LO9G87EoQKqOilCV2xelZMQoO74jM0a7PHssyheokND/hTnNYrut0jF4zKVu9r0gQyLCnNX7N0fIIn2AWnVOpCvGJqBPd6V7m/lqOZbj5dJkHqXgf6F6dN0Tlxzy8Snff6gKf6Msah+UU7qnMkczIoUDZA+iaVXy9w8cvU8O/W8y0hBe+1civt4Cod8R35rzwIDAQAB
Deleted successfully : C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\System Profile\extensions\iikflkcanblccfahdhdonehdalibjnif =  key: MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx4OiZhL5/1WascgsIZ3E6l9Cm4UFQXTxkJH846oUDaWBvQ2/gQLRMhgn13lW66+jsYUiongY4JOUUd0uUPCu54uWA7bQXRGSO6e1XtQpSNkl7tuvKcjmTRPJXCkICJDFQcCNIVgQurqVSTUPPHyj3w4BIg1Q1tKDc9lOirjOxc7DBg6zFXhge3aujVcy1FITwTKW+iKXvbfkBXhqs1r577pppeZ4EAvxzu8ca2IVcFBevu3oaP08c8Ln5neNXPaBp5316kjKDhsTe/iB2xzYXa35iTtgYhEvB1688zURsY2OTO81h4GVe27gmp9yyHDaor1fxshXuyYp4MZ+zYpR5QIDAQAB
Deleted successfully : C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\System Profile\extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk =  description: RealPlayer HTML5Video Downloader Extension
Deleted successfully : C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\System Profile\extensions\lccekmodgklaepjeofjdjpbminllajkg =  key: MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoxhwmnepSrtvEcatE9K4SxOUTy6U1LNpuaT3BNr12cuehQT5YAGeUcgeIMQmE0/h/EefU53TcjUEn9vgE8+aSZW0VirROE36hfcWpqyxf9jh0mPRluLIxCW+ObD/B5YoXj0kxTWIaDQqKYBJyo+QCRwef5hwfAoUoDggnYDRHHG4z3mfZJ4duY2H3ISEw4/tsvAm8SxCZm+W6laCV0AkJxO+s4bNNC0z0Y5+G3nw24uV8cdMnfQcFUWJncnwqDSTUp7vOZb570Wv02TD+qhpA2rlF0/ym6edXoKzapR4+SQQllDXZ0yLZ3GQ6uf7IsCufSoYPoIsmYExHrlZbgVkWwIDAQAB
Deleted successfully : C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\System Profile\extensions\mkfokfffehpeedafpekjeddnmnjhmcmk = js: [ jquery.js docstart.js wcid.js wax.js toolbar.js SafeWeb/Scripts/Google.js SafeWeb/Scripts/Yahoo.js SafeWeb/Scripts/Shasta.js SafeWeb/Scripts/XPath.js SafeWeb/Scripts/Utils.js SafeWeb/Scripts/Ask.js SafeWeb/Scripts/Bing.js ]
Deleted successfully : C:\Users\tyl604\AppData\Local\Google\Chrome\User Data\Default\extensions\hdokiejnpimakedhajhdlcegeplioahd =  optional_permissions: [ nativeMessaging history privacy ]
Deleted successfully : C:\Users\tyl604\AppData\Local\Google\Chrome\User Data\Default\extensions\iikflkcanblccfahdhdonehdalibjnif =  key: MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx4OiZhL5/1WascgsIZ3E6l9Cm4UFQXTxkJH846oUDaWBvQ2/gQLRMhgn13lW66+jsYUiongY4JOUUd0uUPCu54uWA7bQXRGSO6e1XtQpSNkl7tuvKcjmTRPJXCkICJDFQcCNIVgQurqVSTUPPHyj3w4BIg1Q1tKDc9lOirjOxc7DBg6zFXhge3aujVcy1FITwTKW+iKXvbfkBXhqs1r577pppeZ4EAvxzu8ca2IVcFBevu3oaP08c8Ln5neNXPaBp5316kjKDhsTe/iB2xzYXa35iTtgYhEvB1688zURsY2OTO81h4GVe27gmp9yyHDaor1fxshXuyYp4MZ+zYpR5QIDAQAB
 
C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\extensions\aapocclcgogkmnckokdopfmhonfmgoek =  : Google & co - Google & co - https://clients2.google.com/service/update2/crx
C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\extensions\aohghmighlieiainnegkcijnfilokake =  : Google & co - Google & co - https://clients2.google.com/service/update2/crx
C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\extensions\apdfllckaahabafndbhieahigkjlhalf =  : Google & co - https://drive.google.com/?usp=chrome_app - Google & co - [http://docs.google.com/http://drive.google.com/https://docs.google.com/https://drive.google.com/] - https://clients2.google.com/service/update2/crx
C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo =  : Google & co - http://www.youtube.com - http://www.youtube.com - Google & co - http://clients2.google.com/service/update2/crx
C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\extensions\boadgeojelhgndaghljhdicfkmllpafd =  :     __MSG_6392731103614271560__ -     Google Cast - 919648714761-b2gcrl9iu82luhiq2dpo7jnecikdnrlf.apps.googleusercontent.com - https://clients2.google.com/service/update2/crx
C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\extensions\coobgpohoikkiipiblmjeljniedjpjpf =  : Google & co - http://www.google.com/webhp?source=search_app - Google & co - [*://www.google.com/search*://www.google.com/webhp*://www.google.com/imgres] - http://clients2.google.com/service/update2/crx
C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\extensions\felcaaldnbdncclmgdcncolpebgiejap =  : Google & co - Google & co - https://clients2.google.com/service/update2/crx
C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi =  :     __MSG_extDesc__ -     __MSG_extName__ - https://clients2.google.com/service/update2/crx
C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\extensions\nmgcfemagnogdodbambjhdcmfcpicngl =  :     Search safely online by enabling Norton Safe Search as your default search provider for maximum protection on Chrome. -     Norton Safe Search as default for Chrome - https://clients2.google.com/service/update2/crx
C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\extensions\nmmhkkegccagdldgiimedpiccmgmieda =  : Google & co - Google & co - 203784468217.apps.googleusercontent.com - https://clients2.google.com/service/update2/crx
C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\Default\extensions\pjkljhegncpnkpknbcohdijeoejaedia =  : Google & co - https://mail.google.com/mail/ca - Google & co - [*://mail.google.com/mail/ca] - http://clients2.google.com/service/update2/crx
C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\System Profile\extensions\aapocclcgogkmnckokdopfmhonfmgoek =  : Google & co - Google & co - https://clients2.google.com/service/update2/crx
C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\System Profile\extensions\aohghmighlieiainnegkcijnfilokake =  : Google & co - Google & co - https://clients2.google.com/service/update2/crx
C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\System Profile\extensions\apdfllckaahabafndbhieahigkjlhalf =  : Google & co - https://drive.google.com/?usp=chrome_app - Google & co - [http://docs.google.com/http://drive.google.com/https://docs.google.com/https://drive.google.com/] - https://clients2.google.com/service/update2/crx
C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\System Profile\extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo =  : Google & co - http://www.youtube.com - http://www.youtube.com/?feature=ytca - Google & co - http://clients2.google.com/service/update2/crx
C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\System Profile\extensions\coobgpohoikkiipiblmjeljniedjpjpf =  : Google & co - http://www.google.com/webhp?source=search_app - Google & co - [*://www.google.com/search*://www.google.com/webhp*://www.google.com/imgres] - http://clients2.google.com/service/update2/crx
C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\System Profile\extensions\felcaaldnbdncclmgdcncolpebgiejap =  : Google & co - Google & co - https://clients2.google.com/service/update2/crx
C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\System Profile\extensions\gmlllbghnfkpflemihljekbapjopfjik =  :     Bookmark Manager -     Bookmark Manager - 610799782257-avhfi6rijk0n02t94linmllq54ool5kf.apps.googleusercontent.com - https://clients2.google.com/service/update2/crx
C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\System Profile\extensions\nmmhkkegccagdldgiimedpiccmgmieda =  : Google & co - Google & co - 203784468217.apps.googleusercontent.com - https://clients2.google.com/service/update2/crx
C:\Users\Bleepingcomputer\AppData\Local\Google\Chrome\User Data\System Profile\extensions\pjkljhegncpnkpknbcohdijeoejaedia =  : Google & co - https://mail.google.com/mail/ca - Google & co - [*://mail.google.com/mail/ca] - http://clients2.google.com/service/update2/crx
C:\Users\tyl604\AppData\Local\Google\Chrome\User Data\Default\extensions\aapocclcgogkmnckokdopfmhonfmgoek =  : Google & co - Google & co - https://clients2.google.com/service/update2/crx
C:\Users\tyl604\AppData\Local\Google\Chrome\User Data\Default\extensions\aohghmighlieiainnegkcijnfilokake =  : Google & co - Google & co - https://clients2.google.com/service/update2/crx
C:\Users\tyl604\AppData\Local\Google\Chrome\User Data\Default\extensions\apdfllckaahabafndbhieahigkjlhalf =  : Google & co - https://drive.google.com/?usp=chrome_app - Google & co - [http://docs.google.com/http://drive.google.com/https://docs.google.com/https://drive.google.com/] - https://clients2.google.com/service/update2/crx
C:\Users\tyl604\AppData\Local\Google\Chrome\User Data\Default\extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo =  : Google & co - http://www.youtube.com - http://www.youtube.com - Google & co - http://clients2.google.com/service/update2/crx
C:\Users\tyl604\AppData\Local\Google\Chrome\User Data\Default\extensions\coobgpohoikkiipiblmjeljniedjpjpf =  : Google & co - http://www.google.com/webhp?source=search_app - Google & co - [*://www.google.com/search*://www.google.com/webhp*://www.google.com/imgres] - http://clients2.google.com/service/update2/crx
C:\Users\tyl604\AppData\Local\Google\Chrome\User Data\Default\extensions\felcaaldnbdncclmgdcncolpebgiejap =  : Google & co - Google & co - https://clients2.google.com/service/update2/crx
C:\Users\tyl604\AppData\Local\Google\Chrome\User Data\Default\extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi =  :     __MSG_extDesc__ -     __MSG_extName__ - https://clients2.google.com/service/update2/crx
C:\Users\tyl604\AppData\Local\Google\Chrome\User Data\Default\extensions\nmmhkkegccagdldgiimedpiccmgmieda =  : Google & co - Google & co - 203784468217.apps.googleusercontent.com - https://clients2.google.com/service/update2/crx
C:\Users\tyl604\AppData\Local\Google\Chrome\User Data\Default\extensions\pjkljhegncpnkpknbcohdijeoejaedia =  : Google & co - https://mail.google.com/mail/ca - Google & co - [*://mail.google.com/mail/ca] - http://clients2.google.com/service/update2/crx
 
---------- | Chromium
 
Deleted successfully : HKLM\SOFTWARE\Policies\Chromium
 
 
---------- | Comodo Dragon
 
 
 
---------- | Firefox
 
 
 
---------- | SeaMonkey
 
 
 
---------- | Pale moon
 
 
 
---------- | Opera
 
 
 
---------- | Spark
 
 
 
---------- | StartMenuInternet
 
Repaired : [HKLM\SOFTWARE\Clients\StartMenuInternet\IExplore.exe\shell\open\command]~[] : C:\Program Files\Internet Explorer\iexplore.exe -> "C:\Program Files (x86)\Internet Explorer\iexplore.exe"
 
---------- | Javascript
 
 
---------- | Firewall
 
 
---------- | ADS
 
 
Other(s) report(s)
 
 
Analyzed : 538796 | Modified : 17 | Deleted : 128
 
---------- |EOF| ---------- | 02:53:40 | [42 Ko]
 
 
 
__________________________________________________
 
 
RstHosts:
 
-|x| RstHosts v2.0 - Rapport créé le 24/07/2016 à 09:51:07
-|x| Système d'exploitation : Windows 7 Home Premium Service Pack 1 (64 bits)
-|x| Nom d'utilisateur : Bleepingcomputer - TYL604-PC (Administrateur)
 
-|x|- Informations -|x|-
 
Emplacement : C:\Windows\System32\drivers\etc\hosts
Attribut(s) : RASH
Propriétaire : Administrators - BUILTIN
Taille : 89 bytes
Date de création : 13/07/2009 - 22:34:48
Date de modification : 24/07/2016 - 09:50:50
Date de dernier accès : 24/07/2016 - 09:50:50
 
-|x|- Contenu du fichier -|x|-
 
# Fichier Hosts créé par RstHosts
 
127.0.0.1       localhost
::1             localhost
 
-|x|- E.O.F - C:\RstHosts.txt - 636 bytes -|x|-
__________________________________________
 
Pre Scan:  apparently it gave me no log
 
_____________________________________
 
9Lab:
 
9-lab Removal Tool 1.0.0.39 BETA
9-lab.com
 
Database version: 0.0
 
Windows 7 Service Pack 1 (Version 6.1, Build 7601, 64-bit Edition)
Internet Explorer 9.11.9600.16428
Bleepingcomputer :: TYL604-PC
 
7/25/2016 9:15:50 PM
9lab-log-2016-07-25 (21-15-50).txt
 
Scan type: Full
Objects scanned: 15
Time Elapsed: 3 s
_______________________
 
 
Thanks for the help.  It just creeps.


#4 tyl604

tyl604
  • Topic Starter

  • Members
  • 373 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Atlanta, GA
  • Local time:11:51 AM

Posted 29 July 2016 - 12:43 PM

Inadequate - I just ran speedtest.net and the upload speed is about 11mbps and download is about 12mbps. 

 

This compares to 11 and 44 on my Gateway laptop.  So it is just creeping.  Ping is 12 compared to 16.



#5 bloopie

bloopie

    Bleepin' Sith Turner


  • Malware Response Team
  • 7,927 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:New York
  • Local time:11:51 AM

Posted 02 August 2016 - 04:28 PM

Hello tyl604,
 
Not sure if InadequateInfirmity will continue with this topic so I'll post a suggestion in here if that's okay? :)

There are quite a few things that have been removed from this machine, but one thing is quite worrying to me:

 

CoreTemp : 80 C

This temperature is way too high for a processor. Have you any experience opening the laptop up to remove any dust and/or debris from inside? For some people, this can be a very daunting task because there are quite a few small screws to remove spread around the underside of the laptop.

 

Additionally just FYI, download and upload speeds are affected largely by your internet provider, the cables connected, and/or ethernet card or aircard that's installed on the laptop. Slow download speeds aren't likely to be caused by malware.

 

Have you ever removed the covers of a laptop before?

 

bloopie



#6 tyl604

tyl604
  • Topic Starter

  • Members
  • 373 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Atlanta, GA
  • Local time:11:51 AM

Posted 02 August 2016 - 05:34 PM

Bloop - thanks for taking a look.  I am mechanically inclined so I am open to pulling apart this laptop.  Just do not know how to do it..  The two laptop speeds are based upon wireless connections to Comcast; both to the same Comcast network.  I was just assuming that 12 is not as good as 24 and it backs up my gut feeling that this laptop is running slow.  When I look at Task Manager, the ram which I assume is CPU usage looks OK; however, it is the processor that is always running at 100%.  I have not really looked at it before but I assume this cannot be the way it was spec'd to perform - not at 100% all the time - the only time that goes down is when I get out of the internet.

 

Any idea how I take this silly emachines laptop apart just enough to blow it out?  Assume I can use my hair dryer for that.

 

Thanks for the help.  What the heck is making the processor run at 100% all the time?   I wonder.  I would like to walk all the traps - beginning with Do I Have A Virus - and then maybe the forum about hardware and so on - until we find out what is making it run so slowly.  Can you help me through the maze?


Edited by tyl604, 02 August 2016 - 08:34 PM.


#7 bloopie

bloopie

    Bleepin' Sith Turner


  • Malware Response Team
  • 7,927 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:New York
  • Local time:11:51 AM

Posted 02 August 2016 - 09:03 PM

Hello again,

 

The help is my pleasure, and we can most certainly help (the hardware section as well!! :wink: )!

 

==========

 

CPU is central processing unit, RAM is random access memory, they are two different entities. Your logs don't show your CPU is running at 100% all the time.

CPU #1 value:27 %
Total Overall CPU Usage value:27 %

...and:

CPU #1 value:0 %
Total Overall CPU Usage value:0 %

 

The RAM is also known as "physical memory". Your system has 4GB, or 4000 MB, and the specs in the logs for your RAM show this:

Percentage of memory in use: 50%
Total physical RAM: 3836.05 MB
Available physical RAM: 1892.25 MB

...and:

RAM memory = Total (MB) : 3928 | Free (MB) : 1952

 

==========

 

As far as the logs go, your CPU and RAM (at the time the logs are taken anyway) are not being overworked. But your CPU (or processor) looks like it's overheating. It might be a good idea to clean out that laptop to prevent any permanent damage, but most certainly DO NOT use a hair dryer for this purpose!! You can purchase a simple aerosol can filled with compressed air for cleaning out computer equipment (there are many other choices and they're usually overpriced, but not too terribly...plus or minus $5/can USD).

 

A quick search on youtube yields a couple of results on taking apart that type of laptop (one such video here (you may also need a small screwdriver))...but you might not need to do the entire disassembly, just get the back cover off and see if you could clean it out from there. The most crucial areas are the cooling fans, and the CPU's heatsink (be sure not to let the fans rotate by the air movement from the can...hold the fan blades in place while blowing out the fans!).

 

If you don't feel comfortable doing this yourself, then I wouldn't suggest doing it...there are MANY small screws and a few are usually hidden underneath the battery pack. If you're not very precise with what you're taking apart, then you may forget to reassemble the keyboard cable, or similar. Take extreme caution if you've never done this before and be VERY precise!

 

==========

 

If you'd like more guidance with that process, then I'd suggest you create a new topic in the Internal Hardware section (provide a link back to this topic when posting your new topic). The Mods and Advisors can also help you check more precisely, the CPU's performance and possible overheating (some antimalware logs can be misleading).

 

Once you've made sure the laptop is not overheating, then we can continue here and fully clean out any remnants of malware on the machine. Sound good? :)

 

bloopie


Edited by bloopie, 02 August 2016 - 09:05 PM.
added first line


#8 tyl604

tyl604
  • Topic Starter

  • Members
  • 373 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Atlanta, GA
  • Local time:11:51 AM

Posted 02 August 2016 - 09:30 PM

Excellent.  This is very odd.  For months (I think) I have been looking at the Task Manager icon at the right of the tray which has green bars escalating up to 100%.  I am pretty sure that it has almost always been 100% as long as I am on the internet.  When I look at processes I see SvcHost taking up like 90%+ or sometimes Chrome open several times with usage that together takes it up to 100%; sometimes Dumprep takes a lot.  However not until a couple of weeks ago did I bother to see exactly what was at 100%.  When I looked I saw that RAM usage (pages) did not seem to be the problem; it was CPU that was running at 100%.

 

However as I type now with the icon showing, it does not demonstrate this high usage.  Do you think the tests/logs that inadequateinfirmity had me run could possibly have ferreted out and resolved the usage problem?

 

I am not worried about taking it apart.  Will do that as soon as I have a chance.  Will study the video that you recommended; thanks for that.

 

I love this forum.

 

PS - I can tell that this laptop is running much faster now.  Before when I pulled up this thread it would take maybe 2-3 minutes dragging the arrow on the right side to the bottom past all my logs.  Now it just drags right down.  Something good has happened.

 

Also I just looked at the very complicated disassembly and it is somewhat scary.  Any reason I could not just remove the cd/dvd table and blow in there with my can of compressed air???   The only problem I can think of is that I cannot hold the fan blades to prevent them from turning too fast.  What do you think?


Edited by tyl604, 02 August 2016 - 09:51 PM.


#9 bloopie

bloopie

    Bleepin' Sith Turner


  • Malware Response Team
  • 7,927 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:New York
  • Local time:11:51 AM

Posted 03 August 2016 - 05:35 PM

Hello again,
 

Now it just drags right down. Something good has happened.

Indeed, as I mentioned earlier, many things have been removed that were harmful so it's not a surprise that you've seen increase in system performance. That is exactly what we expect, and exactly what we want to see so that's good to hear! :)

 

==========

 

Also I just looked at the very complicated disassembly and it is somewhat scary.  Any reason I could not just remove the cd/dvd table and blow in there with my can of compressed air???   The only problem I can think of is that I cannot hold the fan blades to prevent them from turning too fast.  What do you think?

That's why I mentioned you may want some guidance with that...you could certainly try to simply blow it out with only removing the CD/DVD tray, I just don't know how effective it will be.

 

Holding the fan blades while blowing out, can usually be done with a (small size) paperclip, bent straight out. :wink:

 

==========

 

I would be sure to use extreme caution when (and if) you disconnect the keyboard cable...they can be tricky to get back in sometimes, and if you damage it...well, you know what that means...(a trip out to get another keyboard) :lol: !

 

If you'd like more guidance with the hardware end of things, it's best you create a new topic in that section (we don't want to flood this topic with hardware related maintenance...here is mainly for malware related advice).

 

The rest of your logs are looking pretty good, so as long as things are running much better, then you're free to finish up in the hardware section. If you're still not happy with things after cleaning the dust out, then come back and we'll take a closer look. :thumbup2:

 

bloopie



#10 tyl604

tyl604
  • Topic Starter

  • Members
  • 373 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Atlanta, GA
  • Local time:11:51 AM

Posted 03 August 2016 - 05:52 PM

Bloopie - going to stick in a paper clip and blow away.  Not comfortable doing more.  What can I run again to check the temp?  Was it Sophos or something else above?  Or is there a simple checkthetemp.com program???

 

 

Thanks.



#11 bloopie

bloopie

    Bleepin' Sith Turner


  • Malware Response Team
  • 7,927 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:New York
  • Local time:11:51 AM

Posted 04 August 2016 - 05:30 PM

Hello again,

 

There are quite a few to choose from. As mentioned, the mods and advisors in the hardware section of this site may have the best suggestions. My expertise is with malware removal. :wink:

 

But you could use any of the below:

Speccy

Speedfan

CoreTemp <---Lightweight application

 

And you may want to fully confirm the core temps with one of the programs above before tearing the laptop apart (unless you already have). It's certainly good maintenance to clean out the laptop once in a while anyway though. :thumbup2:

 

Hope that helps! :)

 

bloopie


Edited by bloopie, 04 August 2016 - 05:35 PM.
typo


#12 tyl604

tyl604
  • Topic Starter

  • Members
  • 373 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Atlanta, GA
  • Local time:11:51 AM

Posted 04 August 2016 - 05:42 PM

Bloop - thanks; I ran Speccy.  It is running at 55C now.  How does that look?  I have not blown it out yet.



#13 bloopie

bloopie

    Bleepin' Sith Turner


  • Malware Response Team
  • 7,927 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:New York
  • Local time:11:51 AM

Posted 05 August 2016 - 06:23 PM

Hello again,

 

That looks better. :) Keep an eye on it from time to time!

 

How is the system running now?

 

bloopie



#14 tyl604

tyl604
  • Topic Starter

  • Members
  • 373 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Atlanta, GA
  • Local time:11:51 AM

Posted 05 August 2016 - 06:26 PM

Just running great.  Thanks a lot.  Still not sure why Fast.com shows it running at 11mbps when my Gateway runs at 44 - both on the same Comcast feed - but the eMachines laptop is running so much better than before.  I can tell that it is some slower than the Gateway but that's OK.



#15 bloopie

bloopie

    Bleepin' Sith Turner


  • Malware Response Team
  • 7,927 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:New York
  • Local time:11:51 AM

Posted 08 August 2016 - 05:46 PM

Hello again, and sorry for the delay!
 
Okay glad to hear that!

Let's cleanup some of our tools then! :) :

Step :step1:

Uninstall adwCleaner:
  • Double click on adwcleaner.exe to run the tool.
  • Click on Uninstall.
  • Confirm with yes.
==========

Step :step2:

Download and Run Delfix:

bwebb7v.jpgDownload Delfix from here and save it to your desktop.
  • As seen in the image below, ensure Remove disinfection tools is checked.
delfix.jpg
  • Also place a checkmark next to:
    • Create registry backup
    • Purge system restore
  • Click the Run button.
  • When the tool is finished, a log will open in notepad. Please copy and paste the log in your next reply.
bloopie

Edited by bloopie, 08 August 2016 - 05:47 PM.
typo





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users