Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Infected machine Log Files.


  • This topic is locked This topic is locked
3 replies to this topic

#1 ZombiesAteMyCats

ZombiesAteMyCats

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:12:20 PM

Posted 28 October 2016 - 03:59 PM

I think I was supposed to post these logs here?  Here is the original post,

 

Here is Security Check Up log.

 

 Results of screen317's Security Check version 1.014 --- 12/23/15  
   x86 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Enabled!  
Kaspersky Total Security   
Windows Defender           
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:`````````
 Mozilla Firefox (49.0.2)
 Google Chrome (53.0.2785.143)
 Google Chrome (54.0.2840.71)
 Google Chrome (SetupMetrics...)
````````Process Check: objlist.exe by Laurent````````  
 Kaspersky Lab Kaspersky Total Security 17.0.0 avp.exe  
 Kaspersky Lab Kaspersky Total Security 17.0.0 avpui.exe  
 Kaspersky Lab Kaspersky Secure Connection 1.0 ksde.exe  
 Kaspersky Lab Kaspersky Secure Connection 1.0 ksdeui.exe  
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C:  %
````````````````````End of Log``````````````````````
 

 

Here is Farbar Service Scanner Log.

 

Farbar Service Scanner Version: 27-01-2016
Ran by Guest1 (administrator) on 28-10-2016 at 00:53:16
Running from "C:\Users\Guest1\Desktop"
Microsoft Windows 10 Enterprise  (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


Security Center:
============


Windows Update:
============
wuauserv Service is not running. Checking service configuration:
The start type of wuauserv service is set to Demand. The default start type is Auto.
The ImagePath of wuauserv service is OK.
The ServiceDll of wuauserv service is OK.


Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\system32\nsisvc.dll => File is digitally signed
C:\Windows\system32\Drivers\nsiproxy.sys => File is digitally signed
C:\Windows\system32\Drivers\afd.sys => File is digitally signed
C:\Windows\system32\Drivers\tdx.sys => File is digitally signed
C:\Windows\system32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\system32\dnsrslvr.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\mpssvc.dll => File is digitally signed
C:\Windows\system32\bfe.dll => File is digitally signed
C:\Windows\system32\Drivers\mpsdrv.sys => File is digitally signed
C:\Windows\system32\wscsvc.dll => File is digitally signed
C:\Windows\system32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\system32\wuaueng.dll => File is digitally signed
C:\Windows\system32\qmgr.dll => File is digitally signed
C:\Windows\system32\es.dll => File is digitally signed
C:\Windows\system32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Windows\system32\ipnathlp.dll => File is digitally signed
C:\Windows\system32\iphlpsvc.dll => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed


**** End of log ****

-------------------------------------------------------------------------------------------------------------------------------------------------------------------------

 

 

Here is MiniToolBox Log.

 

MiniToolBox by Farbar  Version: 17-06-2016
Ran by Guest1 (administrator) on 27-10-2016 at 22:58:23
Running from "C:\Users\Guest1\Desktop"
Microsoft Windows 10 Enterprise  (X86)
Model: Inspiron 1545 Manufacturer: Dell Inc.
Boot Mode: Normal
***************************************************************************

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

========================= FF Proxy Settings: ==============================

========================= Hosts content: =================================
========================= IP Configuration: ================================

Dell Wireless 1397 WLAN Mini-Card = Wi-Fi (Connected)
Marvell Yukon 88E8040 PCI-E Fast Ethernet Controller = Ethernet (Media disconnected)
Kaspersky Security Data Escort Adapter = Ethernet 2 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global


popd
# End of IPv4 configuration



Windows IP Configuration

   Host Name . . . . . . . . . . . . : DESKTOP-4688MC6
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : hsd1.mi.comcast.net.

Wireless LAN adapter Local Area Connection* 2:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft Wi-Fi Direct Virtual Adapter
   Physical Address. . . . . . . . . : 02-22-5F-55-2E-FF
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Ethernet:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Marvell Yukon 88E8040 PCI-E Fast Ethernet Controller
   Physical Address. . . . . . . . . : 00-23-AE-05-12-7D
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Ethernet 2:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Kaspersky Security Data Escort Adapter
   Physical Address. . . . . . . . . : 00-FF-A7-2A-97-F5
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wi-Fi:

   Connection-specific DNS Suffix  . : hsd1.mi.comcast.net.
   Description . . . . . . . . . . . : Dell Wireless 1397 WLAN Mini-Card
   Physical Address. . . . . . . . . : 00-22-5F-55-2E-FF
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2601:40b:c201:e90:1458:959e:65b6:1493(Preferred)
   Temporary IPv6 Address. . . . . . : 2601:40b:c201:e90:a065:8919:3f3a:c68b(Preferred)
   Link-local IPv6 Address . . . . . : fe80::1458:959e:65b6:1493%3(Preferred)
   IPv4 Address. . . . . . . . . . . : 10.0.0.26(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Thursday, October 27, 2016 2:35:57 PM
   Lease Expires . . . . . . . . . . : Thursday, November 3, 2016 2:35:57 PM
   Default Gateway . . . . . . . . . : fe80::200:caff:fe11:2233%3
                                       10.0.0.1
   DHCP Server . . . . . . . . . . . : 10.0.0.1
   DHCPv6 IAID . . . . . . . . . . . : 50340447
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1F-7F-37-0A-00-23-AE-05-12-7D
   DNS Servers . . . . . . . . . . . : 2001:558:feed::1
                                       2001:558:feed::2
                                       75.75.76.76
                                       75.75.75.75
   NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.hsd1.mi.comcast.net.:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : hsd1.mi.comcast.net.
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft Teredo Tunneling Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:9d38:90d7:40f:3485:bbd6:af73(Preferred)
   Link-local IPv6 Address . . . . . : fe80::40f:3485:bbd6:af73%8(Preferred)
   Default Gateway . . . . . . . . . :
   DHCPv6 IAID . . . . . . . . . . . : 100663296
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1F-7F-37-0A-00-23-AE-05-12-7D
   NetBIOS over Tcpip. . . . . . . . : Disabled
DNS request timed out.
    timeout was 2 seconds.
Server:  UnKnown
Address:  2001:558:feed::1

Name:    google.com
Addresses:  2607:f8b0:4009:811::200e
      172.217.6.14


Pinging google.com [2607:f8b0:4009:811::200e] with 32 bytes of data:
Request timed out.
Request timed out.

Ping statistics for 2607:f8b0:4009:811::200e:
    Packets: Sent = 2, Received = 0, Lost = 2 (100% loss),
Server:  cdns01.comcast.net
Address:  2001:558:feed::1

Name:    yahoo.com
Addresses:  2001:4998:58:c02::a9
      2001:4998:44:204::a7
      2001:4998:c:a06::2:4008
      98.138.253.109
      206.190.36.45
      98.139.183.24


Pinging yahoo.com [2001:4998:c:a06::2:4008] with 32 bytes of data:
Request timed out.
Request timed out.

Ping statistics for 2001:4998:c:a06::2:4008:
    Packets: Sent = 2, Received = 0, Lost = 2 (100% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
  2...02 22 5f 55 2e ff ......Microsoft Wi-Fi Direct Virtual Adapter
  4...00 23 ae 05 12 7d ......Marvell Yukon 88E8040 PCI-E Fast Ethernet Controller
  7...00 ff a7 2a 97 f5 ......Kaspersky Security Data Escort Adapter
  3...00 22 5f 55 2e ff ......Dell Wireless 1397 WLAN Mini-Card
  1...........................Software Loopback Interface 1
  6...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
  8...00 00 00 00 00 00 00 e0 Microsoft Teredo Tunneling Adapter
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0         10.0.0.1        10.0.0.26     25
         10.0.0.0    255.255.255.0         On-link         10.0.0.26    281
        10.0.0.26  255.255.255.255         On-link         10.0.0.26    281
       10.0.0.255  255.255.255.255         On-link         10.0.0.26    281
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link         10.0.0.26    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link         10.0.0.26    281
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  3    281 ::/0                     fe80::200:caff:fe11:2233
  1    306 ::1/128                  On-link
  8    306 2001::/32                On-link
  8    306 2001:0:9d38:90d7:40f:3485:bbd6:af73/128
                                    On-link
  3    281 2601:40b:c201:e90::/64   On-link
  3    281 2601:40b:c201:e90:1458:959e:65b6:1493/128
                                    On-link
  3    281 2601:40b:c201:e90:a065:8919:3f3a:c68b/128
                                    On-link
  3    281 fe80::/64                On-link
  8    306 fe80::/64                On-link
  8    306 fe80::40f:3485:bbd6:af73/128
                                    On-link
  3    281 fe80::1458:959e:65b6:1493/128
                                    On-link
  1    306 ff00::/8                 On-link
  3    281 ff00::/8                 On-link
  8    306 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\system32\napinsp.dll [54784] (Microsoft Corporation)
Catalog5 02 C:\Windows\system32\pnrpnsp.dll [70144] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [70144] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\NLAapi.dll [64000] (Microsoft Corporation)
Catalog5 05 C:\Windows\system32\winrnr.dll [23552] (Microsoft Corporation)
Catalog5 06 C:\Windows\system32\mswsock.dll [315232] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [315232] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [315232] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [315232] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [315232] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [315232] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [315232] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [315232] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [315232] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [315232] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [315232] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [315232] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (10/27/2016 11:00:10 PM) (Source: ESENT) (User: )
Description: svchost (1640) SRUJet: An attempt to open the file "C:\Windows\system32\SRU\SRUDB.dat" for read / write access failed with system error 32 (0x00000020): "The process cannot access the file because it is being used by another process. ".  The open file operation will fail with error -1032 (0xfffffbf8).

Error: (10/27/2016 11:00:00 PM) (Source: ESENT) (User: )
Description: svchost (1640) SRUJet: An attempt to open the file "C:\Windows\system32\SRU\SRUDB.dat" for read / write access failed with system error 32 (0x00000020): "The process cannot access the file because it is being used by another process. ".  The open file operation will fail with error -1032 (0xfffffbf8).

Error: (10/27/2016 10:59:50 PM) (Source: ESENT) (User: )
Description: svchost (1640) SRUJet: An attempt to open the file "C:\Windows\system32\SRU\SRUDB.dat" for read / write access failed with system error 32 (0x00000020): "The process cannot access the file because it is being used by another process. ".  The open file operation will fail with error -1032 (0xfffffbf8).

Error: (10/27/2016 10:59:40 PM) (Source: ESENT) (User: )
Description: svchost (1640) SRUJet: An attempt to open the file "C:\Windows\system32\SRU\SRUDB.dat" for read / write access failed with system error 32 (0x00000020): "The process cannot access the file because it is being used by another process. ".  The open file operation will fail with error -1032 (0xfffffbf8).

Error: (10/27/2016 10:59:30 PM) (Source: ESENT) (User: )
Description: svchost (1640) SRUJet: An attempt to open the file "C:\Windows\system32\SRU\SRUDB.dat" for read / write access failed with system error 32 (0x00000020): "The process cannot access the file because it is being used by another process. ".  The open file operation will fail with error -1032 (0xfffffbf8).

Error: (10/27/2016 10:59:20 PM) (Source: ESENT) (User: )
Description: svchost (1640) SRUJet: An attempt to open the file "C:\Windows\system32\SRU\SRUDB.dat" for read / write access failed with system error 32 (0x00000020): "The process cannot access the file because it is being used by another process. ".  The open file operation will fail with error -1032 (0xfffffbf8).

Error: (10/27/2016 10:59:10 PM) (Source: ESENT) (User: )
Description: svchost (1640) SRUJet: An attempt to open the file "C:\Windows\system32\SRU\SRUDB.dat" for read / write access failed with system error 32 (0x00000020): "The process cannot access the file because it is being used by another process. ".  The open file operation will fail with error -1032 (0xfffffbf8).

Error: (10/27/2016 10:59:00 PM) (Source: ESENT) (User: )
Description: svchost (1640) SRUJet: An attempt to open the file "C:\Windows\system32\SRU\SRUDB.dat" for read / write access failed with system error 32 (0x00000020): "The process cannot access the file because it is being used by another process. ".  The open file operation will fail with error -1032 (0xfffffbf8).

Error: (10/27/2016 10:58:50 PM) (Source: ESENT) (User: )
Description: svchost (1640) SRUJet: An attempt to open the file "C:\Windows\system32\SRU\SRUDB.dat" for read / write access failed with system error 32 (0x00000020): "The process cannot access the file because it is being used by another process. ".  The open file operation will fail with error -1032 (0xfffffbf8).

Error: (10/27/2016 10:58:40 PM) (Source: ESENT) (User: )
Description: svchost (1640) SRUJet: An attempt to open the file "C:\Windows\system32\SRU\SRUDB.dat" for read / write access failed with system error 32 (0x00000020): "The process cannot access the file because it is being used by another process. ".  The open file operation will fail with error -1032 (0xfffffbf8).


System errors:
=============
Error: (10/27/2016 02:34:15 PM) (Source: DCOM) (User: DESKTOP-4688MC6)
Description: {D63B10C5-BB46-4990-A94F-E40B9D520160}

Error: (10/27/2016 02:34:10 PM) (Source: DCOM) (User: DESKTOP-4688MC6)
Description: CortanaUI.AppXd4tad4d57t4wtdbnnmb8v2xtzym8c1n8.mca

Error: (10/27/2016 02:34:09 PM) (Source: Service Control Manager) (User: )
Description: The Sync Host_Session1 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (10/27/2016 12:10:53 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Sync Host_Session2 service to connect.

Error: (10/27/2016 12:10:45 PM) (Source: DCOM) (User: DESKTOP-4688MC6)
Description: CortanaUI.AppXtpp90jhw9p0njjb85kvhxpppgrqfp117.mca

Error: (10/27/2016 12:10:42 PM) (Source: Service Control Manager) (User: )
Description: The Sync Host_Session2 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (10/27/2016 06:11:04 AM) (Source: Microsoft-Windows-Kernel-Power) (User: )
Description: 4

Error: (10/27/2016 06:02:50 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable

Error: (10/26/2016 11:49:31 PM) (Source: Service Control Manager) (User: )
Description: The Sync Host_Session3 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (10/26/2016 11:12:07 PM) (Source: Service Control Manager) (User: )
Description: The Interactive Services Detection service terminated with the following error:
%%1 = Incorrect function.



Microsoft Office Sessions:
=========================
Error: (10/27/2016 11:00:10 PM) (Source: ESENT)(User: )
Description: svchost1640SRUJet: C:\Windows\system32\SRU\SRUDB.dat-1032 (0xfffffbf8)32 (0x00000020)The process cannot access the file because it is being used by another process.

Error: (10/27/2016 11:00:00 PM) (Source: ESENT)(User: )
Description: svchost1640SRUJet: C:\Windows\system32\SRU\SRUDB.dat-1032 (0xfffffbf8)32 (0x00000020)The process cannot access the file because it is being used by another process.

Error: (10/27/2016 10:59:50 PM) (Source: ESENT)(User: )
Description: svchost1640SRUJet: C:\Windows\system32\SRU\SRUDB.dat-1032 (0xfffffbf8)32 (0x00000020)The process cannot access the file because it is being used by another process.

Error: (10/27/2016 10:59:40 PM) (Source: ESENT)(User: )
Description: svchost1640SRUJet: C:\Windows\system32\SRU\SRUDB.dat-1032 (0xfffffbf8)32 (0x00000020)The process cannot access the file because it is being used by another process.

Error: (10/27/2016 10:59:30 PM) (Source: ESENT)(User: )
Description: svchost1640SRUJet: C:\Windows\system32\SRU\SRUDB.dat-1032 (0xfffffbf8)32 (0x00000020)The process cannot access the file because it is being used by another process.

Error: (10/27/2016 10:59:20 PM) (Source: ESENT)(User: )
Description: svchost1640SRUJet: C:\Windows\system32\SRU\SRUDB.dat-1032 (0xfffffbf8)32 (0x00000020)The process cannot access the file because it is being used by another process.

Error: (10/27/2016 10:59:10 PM) (Source: ESENT)(User: )
Description: svchost1640SRUJet: C:\Windows\system32\SRU\SRUDB.dat-1032 (0xfffffbf8)32 (0x00000020)The process cannot access the file because it is being used by another process.

Error: (10/27/2016 10:59:00 PM) (Source: ESENT)(User: )
Description: svchost1640SRUJet: C:\Windows\system32\SRU\SRUDB.dat-1032 (0xfffffbf8)32 (0x00000020)The process cannot access the file because it is being used by another process.

Error: (10/27/2016 10:58:50 PM) (Source: ESENT)(User: )
Description: svchost1640SRUJet: C:\Windows\system32\SRU\SRUDB.dat-1032 (0xfffffbf8)32 (0x00000020)The process cannot access the file because it is being used by another process.

Error: (10/27/2016 10:58:40 PM) (Source: ESENT)(User: )
Description: svchost1640SRUJet: C:\Windows\system32\SRU\SRUDB.dat-1032 (0xfffffbf8)32 (0x00000020)The process cannot access the file because it is being used by another process.


CodeIntegrity Errors:
===================================
  Date: 2016-10-24 19:08:24.985
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-10-17 15:19:52.475
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-10-08 14:40:40.126
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.


=========================== Installed Programs ============================

µTorrent (HKCU\...\uTorrent) (Version: 3.4.9.42606 - BitTorrent Inc.)
7-Zip 16.04 (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov)
Bethesda.net Launcher (HKLM\...\{3448917E-E4FE-4E30-9502-9FD52EABB6F5}_is1) (Version: 1.0 - Bethesda Softworks)
Google Chrome (HKLM\...\Google Chrome) (Version: 54.0.2840.71 - Google Inc.)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.31.5 - Google Inc.) Hidden
H1Z1: Just Survive (HKLM\...\Steam App 295110) (Version:  - Daybreak Game Company)
Itibiti RTC (HKLM\...\{730E03E4-350E-48E5-9D3E-4329903D454D}) (Version: 0.0.1 - Itibiti Inc) Hidden
Kaspersky Secure Connection (HKLM\...\{1CF84962-50F8-48CA-9082-B70F3A02C686}) (Version: 17.0.0.611 - Kaspersky Lab) Hidden
Kaspersky Secure Connection (HKLM\...\InstallWIX_{1CF84962-50F8-48CA-9082-B70F3A02C686}) (Version: 17.0.0.611 - Kaspersky Lab)
Kaspersky Total Security (HKLM\...\{E27B1D7B-3B34-43A2-9FC0-9828D5DF46E2}) (Version: 17.0.0.611 - Kaspersky Lab) Hidden
Kaspersky Total Security (HKLM\...\InstallWIX_{E27B1D7B-3B34-43A2-9FC0-9828D5DF46E2}) (Version: 17.0.0.611 - Kaspersky Lab)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation)
Mozilla Firefox 49.0.2 (x86 en-US) (HKLM\...\Mozilla Firefox 49.0.2 (x86 en-US)) (Version: 49.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 49.0.2 - Mozilla)
Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM\...\{90150000-001F-040C-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Revo Uninstaller 2.0.1 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.1 - VS Revo Group, Ltd.)
ROBLOX Player (HKLM\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version:  - ROBLOX Corporation)
ROBLOX Player for Guest1 (HKCU\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version:  - ROBLOX Corporation)
Steam (HKLM\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
The Culling (HKLM\...\Steam App 437220) (Version:  - Xaviant)
WinRAR 5.40 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)

========================= Devices: ================================


========================= Memory info: ===================================

Percentage of memory in use: 40%
Total physical RAM: 3546.36 MB
Available physical RAM: 2126.54 MB
Total Virtual: 4826.36 MB
Available Virtual: 3341.37 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:297.6 GB) (Free:256.14 GB) NTFS

========================= Users: ========================================

User accounts for \\DESKTOP-4688MC6

Administrator            DefaultAccount           Guest                    
Guest1                   

========================= Restore Points ==================================

07-10-2016 17:32:22 PROPLUSR
15-10-2016 06:34:51 Scheduled Checkpoint
25-10-2016 11:03:55 Scheduled Checkpoint
27-10-2016 18:28:54 Revo Uninstaller's restore point - Chromium

**** End of log ****

-----------------------------------------------------------------------------------------------------------------------------------------------------------------------

 

 

Here is the 1st MalwareBytes scan log I ran another time as well, because the updater failed, so I manually updated it the rescanned.  I'll post that log as well.

 

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 10/27/2016
Scan Time: 11:13 PM
Logfile: scanlogMWBTs.txt
Administrator: Yes

Version: 2.2.1.1043
Malware Database: v2016.02.16.06
Rootkit Database: v2016.02.08.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 10
CPU: x86
File System: NTFS
User: Guest1

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 303141
Time Elapsed: 17 min, 9 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 8
PUP.Optional.ConsumerInput, HKU\S-1-5-21-839608152-3005494825-4226417111-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{B49699FC-1665-4414-A1CB-C4A2A4A13EEC}, Quarantined, [acba0b5639606bcb6548bddd32d0827e],
PUP.Optional.ConsumerInput, HKU\S-1-5-21-839608152-3005494825-4226417111-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{B49699FC-1665-4414-A1CB-C4A2A4A13EEC}, Quarantined, [acba0b5639606bcb6548bddd32d0827e],
PUP.Optional.ConsumerInput, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{7D87094D-49E1-4C72-8C9E-3D937A119BE5}, Quarantined, [7aec2f327f1a55e107aaefb34db5aa56],
PUP.Optional.ConsumerInput, HKLM\SOFTWARE\CompeteInc, Quarantined, [3432c998b3e60f27ffba6d5d1fe43ec2],
PUP.Optional.WebDiscoverBrowser, HKLM\SOFTWARE\WebDiscoverBrowser, Quarantined, [7ee8dd84b1e8ef47acb1df6f1ce86d93],
PUP.Optional.WebDiscoverBrowser, HKU\S-1-5-18\SOFTWARE\WebDiscoverBrowser, Quarantined, [88def9688b0e0333fc5ee26c778dbb45],
PUP.Optional.WebDiscoverBrowser, HKU\S-1-5-21-839608152-3005494825-4226417111-1001\SOFTWARE\WebDiscoverBrowser, Quarantined, [056189d8673243f368f279d519eba759],
PUP.Optional.ProductSetup, HKU\S-1-5-21-839608152-3005494825-4226417111-1001\SOFTWARE\PRODUCTSETUP, Quarantined, [0e58124f73262412e9aaae4d8d76758b],

Registry Values: 3
PUP.Optional.ConsumerInput, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{7D87094D-49E1-4C72-8C9E-3D937A119BE5}|AppPath, C:\Program Files\Consumer Input\InternetExplorer, Quarantined, [7fe71e43cacfb18531f1bb5b63a1c63a]
PUP.Optional.PCAcceleratePro, HKU\S-1-5-21-839608152-3005494825-4226417111-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN\FEATURECONTROL\FEATURE_BROWSER_EMULATION|PCAcceleratePro.exe, 8888, Quarantined, [075fdd84afea75c1f24b252e1ee6b24e]
PUP.Optional.ProductSetup, HKU\S-1-5-21-839608152-3005494825-4226417111-1001\SOFTWARE\PRODUCTSETUP|tb, 0M2O2O1R0I1R1P1P1K0Y2V1L1R1F, Quarantined, [0e58124f73262412e9aaae4d8d76758b]

Registry Data: 0
(No malicious items detected)

Folders: 86
PUP.Optional.InstantSupport, C:\Users\Guest1\AppData\Roaming\InstantSupport, Quarantined, [f373b2af1d7cfe380b0560b9b153857b],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\common, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\common\adapter, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\common\components, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\common\components\abstractbutton, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\common\components\abstractbutton\background, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\common\components\alert, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\common\components\alert\background, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\common\components\embedhtml, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\common\components\embedhtml\background, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\common\components\embedhtml\html, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\common\components\embedhtml\js, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\common\components\embedscript, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\common\components\embedscript\background, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\common\components\embedscript\html, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\common\components\embedscript\js, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\common\components\flare, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\common\components\flare\background, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\common\components\flare\icons, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\common\components\generic, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\common\components\generic\background, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\common\components\link, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\common\components\link\background, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\common\components\menu, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\common\components\menu\background, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\common\components\menu\css, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\common\components\menu\html, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\common\components\menu\images, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\common\components\menu\js, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\common\components\rss, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\common\components\rss\background, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\common\components\thirdparty, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\common\components\thirdparty\background, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\common\components\uninstall, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\common\components\uninstall\background, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\common\components\weather, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\common\components\weather\background, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\common\js, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\common\widget-api, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\common\widget-api\widgets, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\common\widget-api\widgets\common, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\common\widget-api\widgets\radio, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\common\widget-api\widgets\radio\css, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\common\widget-api\widgets\radio\js, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\common\widget-api\widgets\rss, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\common\widget-api\widgets\rss\js, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\common\widget-api\widgets\test, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\common\widget-api\widgets\topapps, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\common\widget-api\widgets\topapps\css, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\common\widget-api\widgets\topapps\js, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\common\widget-api\widgets\weather, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\common\widget-api\widgets\weather\css, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\common\widget-api\widgets\weather\js, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\components, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\components\api, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\components\api\background, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\components\api\window, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\components\defaultSearch, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\components\defaultSearch\background, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\components\defaultSearch\foreground, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\components\moviereviews, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\components\moviereviews\background, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\components\moviereviews\css, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\components\moviereviews\html, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\components\moviereviews\js, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\components\radio, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\components\radio\background, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\components\radio\css, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\components\radio\foreground, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\components\radio\radioWrapper, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\components\search, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\components\search\background, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\components\search\html, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\components\supertab, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\components\supertab\css, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\components\supertab\html, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\components\supertab\js, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\_metadata, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\icons, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\images, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\js, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\native, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\native\libs, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\shared, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],

Files: 245
PUP.Optional.Compete, C:\Users\Guest1\AppData\Local\Temp\compete.exe, Quarantined, [d29465fc009939fdb5141feba95c3ac6],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_findyourmaps.dl.myway.com_0.localstorage, Quarantined, [cc9aa3be0c8d75c1bc32ca2617ecf808],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_findyourmaps.dl.myway.com_0.localstorage-journal, Quarantined, [00666cf55e3b57dfe7075b95d82ba25e],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_findyourmaps.dl.tb.ask.com_0.localstorage, Quarantined, [6cfa76eb524789ad797632be758e08f8],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_findyourmaps.dl.tb.ask.com_0.localstorage-journal, Quarantined, [3135a2bf8a0fd561e30c945c46bdf60a],
PUP.Optional.InstantSupport, C:\Users\Guest1\AppData\Roaming\InstantSupport\InstantSupport.cfg, Quarantined, [f373b2af1d7cfe380b0560b9b153857b],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\manifest.json, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\spent2.html, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\bg.html, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\buildVars, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\buildVars.js, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\companionSW.js, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\config.js, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\contentScript.css, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\contentScript.js, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\debug.html, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\debug.jade, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\spentJ.js, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\spentK.html, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\spentK.js, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\startup.js, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\stub.html, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\stubby.html, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\superFrame.js, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\toolbar.html, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\toolbar.js, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\toolbarUI.css, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\toolbarUI.html, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\toolbarUI.js, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\url.js, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\urlFragmentActions.js, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\webtooltab.cs.js, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\extension_toolbar_api.js, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\initWidgetWindow.js, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\newTabContentScript.js, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\options.html, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\spent.css, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\spent.html, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\spent.js, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\spent2.css, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\common\adapter\adapterUtil.js, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\common\adapter\widget-adapter.js, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\common\components\abstractbutton\background\abstractButton.js, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\common\components\alert\background\alertButton.js, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\common\components\embedhtml\background\embedHtmlWidget.js, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\common\components\embedhtml\html\embedHtmlTemplate.html, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\common\components\embedhtml\html\innerEmbedHtmlTemplate.html, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\common\components\embedhtml\js\embedHtmlUI.js, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\common\components\embedscript\background\embedScriptWidget.js, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\common\components\embedscript\html\embedScriptTemplate.html, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\common\components\embedscript\html\innerEmbedScriptTemplate.html, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\common\components\embedscript\js\embedScriptUI.js, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\common\components\flare\background\FlareWidget.js, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\common\components\flare\icons\Icon_Flare_blue.png, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\common\components\flare\icons\Icon_Flare_pink.png, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\common\components\flare\icons\Thumbs.db, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\common\components\generic\background\GenericWidget.js, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\common\components\link\background\linkButton.js, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\common\components\menu\README.txt, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\common\components\menu\background\menuButton.js, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\common\components\menu\css\menuframe.css, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\common\components\menu\html\menuframe.html, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\common\components\menu\images\right_arrow.png, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\common\components\menu\images\right_arrow_white.png, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\common\components\menu\js\jquery-1.7.1.min.js, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\common\components\menu\js\menuframe.js, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\common\components\menu\js\query-string.js, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\common\components\menu\js\underscore-1.3.1.min.js, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\common\components\rss\background\RssWidget.js, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\common\components\thirdparty\background\thirdPartyWidget.js, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\common\components\uninstall\background\uninstallButton.js, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\common\components\weather\background\weatherButton.js, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\common\js\bs.30.js, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\common\js\common.js, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\common\js\dynamic.js, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\common\js\enableDetect.js, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\common\js\eventListening.js, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\common\js\global.js, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\common\js\jquery-1.7.1.min.js, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\common\js\list-interaction.js, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\common\js\messageEventListener.js, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\common\js\navRedirector.js, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\common\js\paramReplacer.js, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\common\js\PartnerId.js, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\common\js\set.js, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\common\js\underscore-1.3.1.min.js, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\common\js\underscore-1.5.2.min.js, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\common\js\unifiedLogging.js, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\common\widget-api\widget-context-1.0.js, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\common\widget-api\widgets\common\common.js, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\common\widget-api\widgets\common\eventListening.js, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\common\widget-api\widgets\common\jquery-1.7.1.min.js, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\common\widget-api\widgets\common\list-interaction.js, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\common\widget-api\widgets\common\set.js, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\common\widget-api\widgets\common\underscore-1.3.1.min.js, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\common\widget-api\widgets\radio\radio-widget.html, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\common\widget-api\widgets\radio\css\radio-widget.css, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\common\widget-api\widgets\radio\js\radio-custom.js, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\common\widget-api\widgets\radio\js\radio-parser.js, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\common\widget-api\widgets\radio\js\radio-widget-ui.js, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\common\widget-api\widgets\radio\js\radio-widget.js, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\common\widget-api\widgets\rss\rssWidget.html, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\common\widget-api\widgets\rss\js\rss-widget-custom.js, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\common\widget-api\widgets\rss\js\rss-widget-parse.js, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\common\widget-api\widgets\rss\js\rss-widget.js, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\common\widget-api\widgets\test\invalid.json, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\common\widget-api\widgets\test\jquery.js, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\common\widget-api\widgets\test\qunit.css, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\common\widget-api\widgets\test\qunit.js, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\common\widget-api\widgets\test\resource.json, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\common\widget-api\widgets\test\resource.xml, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\common\widget-api\widgets\test\testWidget.html, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\common\widget-api\widgets\test\testWidget.js, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\common\widget-api\widgets\topapps\widget.html, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\common\widget-api\widgets\topapps\css\widget.css, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\common\widget-api\widgets\topapps\js\nanigans-topapps-feed.js, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\common\widget-api\widgets\topapps\js\topapps-config.js, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\common\widget-api\widgets\topapps\js\widget.js, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\common\widget-api\widgets\weather\weatherButton.html, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\common\widget-api\widgets\weather\css\weatherButton.css, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\common\widget-api\widgets\weather\js\weather.js, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\components\api\background\ApiBasedWidget.js, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\components\api\background\widget-api-impl.js, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\components\api\window\hiddenWidgetWindow.html, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\components\api\window\hiddenWidgetWindow.js, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\components\api\window\hiddenWidgetWindowInit.js, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\components\api\window\widgetWindow.html, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\components\api\window\widgetWindow.js, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\components\defaultSearch\background\updateSearch.js, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\components\defaultSearch\background\updateSearchPromptBg.js, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\components\defaultSearch\foreground\07_buttons2.png, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\components\defaultSearch\foreground\08_buttons2.png, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\components\defaultSearch\foreground\defaultSearchModal.html, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\components\defaultSearch\foreground\defaultSearchModalInjector.css, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\components\defaultSearch\foreground\defaultSearchModalInjector.js, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\components\defaultSearch\foreground\tvf_btn_ok.png, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\components\defaultSearch\foreground\tvf_btn_ok2.png, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\components\defaultSearch\foreground\tvf_restart_alert_icon.png, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\components\defaultSearch\foreground\tvf_restart_icon.png, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\components\defaultSearch\foreground\updateSearchPromptFg.js, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\components\moviereviews\background\MovieReviewsWidget.js, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\components\moviereviews\css\movieReviews.css, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\components\moviereviews\html\movieReviews.html, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\components\moviereviews\js\movieReviews.js, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\components\radio\background\RadioWidget.js, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\components\radio\css\toolbar-item.css, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\components\radio\foreground\button.js, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\components\radio\radioWrapper\radioWrapper.html, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\components\radio\radioWrapper\radioWrapper.js, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\components\search\background\searchBox.js, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\components\search\html\searchSuggestions.css, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\components\search\html\searchSuggestions.html, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\components\search\html\searchSuggestions.js, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\components\search\html\searchSuggestionsInit.js, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\components\supertab\css\supertab.css, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\components\supertab\html\supertab.html, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\components\supertab\js\newtabfork.js, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\components\supertab\js\reporting.js, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\components\supertab\js\srchsugg.js, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\components\supertab\js\supertab.js, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\components\supertab\js\unifiedLogging.js, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\components\supertab\js\__utm.js, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\_metadata\computed_hashes.json, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\_metadata\verified_contents.json, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\icons\arrowSprite.png, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\icons\icon128.png, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\icons\icon16.png, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\icons\icon19disabled.png, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\icons\icon19on.png, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\icons\icon48.png, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\icons\tb_icon_search_disappearing_ask.png, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\images\233029117.png, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\images\233029131.png, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\images\233029146.png, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\images\233029150.png, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\images\233029159.png, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\images\233029165.png, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\images\233029166.png, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\images\233029167.png, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\images\233029197.png, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\images\233029214.png, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\images\down_arrow.png, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\images\IDR_PRODUCT_LOGO_16.png, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\images\IDR_WEBSTORE_ICON.png, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\images\magnifying_glass.png, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\images\RadioPlayerSprite.png, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\images\search_button.png, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\images\tvf_icon_guide.png, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\images\tvf_logo.png, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\images\wrench.png, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\js\chromeUtils.js, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\js\companionSWUtils.js, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\js\exeManager.js, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\js\exeManagerNMD.js, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\js\exePackageManager.js, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\js\focusManager.js, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\js\globalBlacklistManager.js, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\js\messaging.js, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\js\mutation_summary-min.js, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\js\mutation_summary.js, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\js\nativeMessagingDispatcher.js, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\js\newTabInfo.js, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\js\newTabInitialize.js, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\js\options.js, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\js\readLocalStorage.js, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\js\reservespacefortoolbar.js, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\js\reservespaceifenabled.js, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\js\scriptInjector.js, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\js\searchContext.js, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\js\settingsOverrides.js, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\js\toolbarCookieParser.js, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\js\toolbarPreinit.js, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\js\underscore-1.3.1.min.js, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\js\URILoaderContentScript.js, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\js\webTooltabAPI.js, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\js\Widget.js, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\js\widgetContentScriptInjectee.js, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\js\widgetFactory.js, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\js\widgetWindowManager.js, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\native\cache.js, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\native\ce.js, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\native\debug.js, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\native\ss.js, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\native\libs\jquery-1.7.1.min.js, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\native\libs\jquery-1.9.1.min.js, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\native\libs\underscore-1.5.2.min.js, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\shared\activePing.js, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\shared\buttonLogger.js, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\shared\competitorDnsList.js, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\shared\console.js, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\shared\FFPreferencesPersister.js, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\shared\httpTransport.js, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\shared\HttpURL.js, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\shared\internationalSearch.js, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\shared\LocalStoragePersister.js, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\shared\MindsparkGlobal.js, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\shared\MindsparkGlobal.unitTest.js, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\shared\MindsparkGlobalNotes.txt, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\shared\rsvp-latest.js, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\shared\searchSuggestLocale.js, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\shared\testHttpTransport.js, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\shared\unifiedLogger.js, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\shared\unifiedLogging.js, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\shared\universalConsole.js, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],
PUP.Optional.MindSpark, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpojjgpjdanckeifcpomniidgjdilk\12.303.10.33358_0\shared\utils.js, Quarantined, [95d13a278f0aa88e3c6250c1f70eb947],

Physical Sectors: 0
(No malicious items detected)


(end)

 

MBAM UPDATE FAIL LOG.

 

Malwarebytes Anti-Malware
www.malwarebytes.org


Update, 10/27/2016 11:09 PM, SYSTEM, DESKTOP-4688MC6, Manual, Failed, Unable to access update server,
Update, 10/27/2016 11:09 PM, SYSTEM, DESKTOP-4688MC6, Manual, Failed, Unable to access update server,
Update, 10/27/2016 11:10 PM, SYSTEM, DESKTOP-4688MC6, Manual, Failed, Unable to access update server,
Update, 10/27/2016 11:10 PM, SYSTEM, DESKTOP-4688MC6, Manual, Failed, Unable to access update server,
Update, 10/27/2016 11:12 PM, SYSTEM, DESKTOP-4688MC6, Manual, Failed, Unable to access update server,
Update, 10/27/2016 11:13 PM, SYSTEM, DESKTOP-4688MC6, Manual, Failed, Unable to access update server,
Scan, 10/27/2016 11:32 PM, SYSTEM, DESKTOP-4688MC6, Manual, Start:10/27/2016 11:13 PM, Duration:17 min 9 sec, Threat Scan, Completed, 0 Malware Detections, 342 Non-Malware Detections,
Update, 10/27/2016 11:40 PM, SYSTEM, DESKTOP-4688MC6, Manual, Failed, Unable to access update server,

(end)

-------------------------------------------------------------------------------------------------------------------------------------------------------------------------

 

 

MBAM ANTI-ROOTKIT System-Log.

 

---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.09.3.1001

© Malwarebytes Corporation 2011-2012

OS version: 10.0.9200 Windows 10 x86

Account is Administrative

Internet Explorer version: 11.0.10240.16384

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED
CPU speed: 1.995000 GHz
Memory total: 3718627328, free: 2383589376

Downloaded database version: v2016.10.28.04
Downloaded database version: v2016.09.26.02
Downloaded database version: v2016.09.21.01
=======================================
Initializing...
Driver version: 0.3.0.4
------------ Kernel report ------------
     10/27/2016 23:47:54
------------ Loaded modules -----------
\SystemRoot\system32\ntoskrnl.exe
\SystemRoot\system32\halmacpi.dll
\SystemRoot\system32\kd.dll
\SystemRoot\system32\mcupdate_GenuineIntel.dll
\SystemRoot\System32\drivers\werkernel.sys
\SystemRoot\System32\drivers\CLFS.SYS
\SystemRoot\System32\drivers\tm.sys
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\BOOTVID.dll
\SystemRoot\System32\drivers\cmimcext.sys
\SystemRoot\System32\drivers\ntosext.sys
\SystemRoot\system32\CI.dll
\SystemRoot\System32\drivers\msrpc.sys
\SystemRoot\System32\drivers\FLTMGR.SYS
\SystemRoot\System32\drivers\ksecdd.sys
\SystemRoot\System32\drivers\clipsp.sys
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\System32\Drivers\acpiex.sys
\SystemRoot\System32\Drivers\WppRecorder.sys
\SystemRoot\System32\Drivers\cng.sys
\SystemRoot\System32\drivers\ACPI.sys
\SystemRoot\System32\drivers\WMILIB.SYS
\SystemRoot\system32\drivers\WindowsTrustedRT.sys
\SystemRoot\System32\drivers\WindowsTrustedRTProxy.sys
\SystemRoot\System32\drivers\pcw.sys
\SystemRoot\System32\drivers\akxklgqw.sys
\SystemRoot\System32\Drivers\klupd_klif_arkmon.sys
\SystemRoot\System32\drivers\msisadrv.sys
\SystemRoot\System32\drivers\pci.sys
\SystemRoot\System32\drivers\vdrvroot.sys
\SystemRoot\system32\DRIVERS\cm_km.sys
\SystemRoot\system32\drivers\pdc.sys
\SystemRoot\system32\drivers\CEA.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\System32\drivers\spaceport.sys
\SystemRoot\System32\drivers\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\system32\DRIVERS\klbackupdisk.sys
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\System32\drivers\storahci.sys
\SystemRoot\System32\drivers\storport.sys
\SystemRoot\System32\drivers\fileinfo.sys
\SystemRoot\System32\Drivers\Wof.sys
\SystemRoot\System32\Drivers\NTFS.sys
\SystemRoot\System32\Drivers\Fs_Rec.sys
\SystemRoot\system32\drivers\ndis.sys
\SystemRoot\system32\drivers\NETIO.SYS
\SystemRoot\System32\Drivers\ksecpkg.sys
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\System32\drivers\wfplwfs.sys
\SystemRoot\System32\DRIVERS\fvevol.sys
\SystemRoot\System32\drivers\volsnap.sys
\SystemRoot\System32\drivers\rdyboost.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\System32\Drivers\klupd_klif_klbg.sys
\SystemRoot\system32\DRIVERS\kl1.sys
\SystemRoot\System32\drivers\disk.sys
\SystemRoot\System32\drivers\CLASSPNP.SYS
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\System32\drivers\klhk.sys
\SystemRoot\System32\drivers\cdrom.sys
\SystemRoot\system32\DRIVERS\klbackupflt.sys
\SystemRoot\system32\DRIVERS\klflt.sys
\SystemRoot\system32\drivers\filecrypt.sys
\SystemRoot\system32\drivers\tbs.sys
\SystemRoot\system32\DRIVERS\klif.sys
\SystemRoot\system32\DRIVERS\ks.sys
\SystemRoot\system32\DRIVERS\klpd.sys
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\System32\drivers\BasicDisplay.sys
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\drivers\BasicRender.sys
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\system32\DRIVERS\klwfp.sys
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\drivers\afd.sys
\SystemRoot\system32\DRIVERS\klim6.sys
\SystemRoot\system32\DRIVERS\klwtp.sys
\SystemRoot\System32\drivers\vwififlt.sys
\SystemRoot\System32\drivers\pacer.sys
\SystemRoot\system32\drivers\netbios.sys
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\drivers\csc.sys
\SystemRoot\system32\drivers\nsiproxy.sys
\SystemRoot\System32\drivers\npsvctrig.sys
\SystemRoot\System32\drivers\mssmbios.sys
\SystemRoot\system32\DRIVERS\kneps.sys
\SystemRoot\System32\drivers\gpuenergydrv.sys
\SystemRoot\System32\Drivers\dfsc.sys
\SystemRoot\system32\DRIVERS\ahcache.sys
\SystemRoot\System32\drivers\kltap.sys
\SystemRoot\System32\DriverStore\FileRepository\compositebus.inf_x86_a4832450a7024d49\CompositeBus.sys
\SystemRoot\System32\drivers\kdnic.sys
\SystemRoot\System32\drivers\umbus.sys
\SystemRoot\system32\DRIVERS\igdkmd32.sys
\SystemRoot\System32\drivers\usbuhci.sys
\SystemRoot\System32\drivers\USBPORT.SYS
\SystemRoot\System32\drivers\usbehci.sys
\SystemRoot\System32\drivers\HDAudBus.sys
\SystemRoot\System32\drivers\portcls.sys
\SystemRoot\System32\drivers\drmk.sys
\SystemRoot\System32\drivers\bcmwl63l.sys
\SystemRoot\System32\drivers\vwifibus.sys
\SystemRoot\System32\drivers\yk63x86.sys
\SystemRoot\System32\drivers\i8042prt.sys
\SystemRoot\system32\DRIVERS\klmouflt.sys
\SystemRoot\System32\drivers\mouclass.sys
\SystemRoot\system32\DRIVERS\klkbdflt.sys
\SystemRoot\System32\drivers\kbdclass.sys
\SystemRoot\System32\drivers\CmBatt.sys
\SystemRoot\System32\drivers\BATTC.SYS
\SystemRoot\System32\drivers\wmiacpi.sys
\SystemRoot\System32\drivers\intelppm.sys
\SystemRoot\System32\drivers\NdisVirtualBus.sys
\SystemRoot\System32\DriverStore\FileRepository\swenum.inf_x86_b6707c73599dd1b6\swenum.sys
\SystemRoot\System32\drivers\rdpbus.sys
\SystemRoot\System32\drivers\usbhub.sys
\SystemRoot\System32\drivers\USBD.SYS
\SystemRoot\system32\DRIVERS\HdAudio.sys
\SystemRoot\System32\Drivers\dump_diskdump.sys
\SystemRoot\System32\Drivers\dump_storahci.sys
\SystemRoot\System32\Drivers\dump_dumpfve.sys
\SystemRoot\System32\drivers\USBSTOR.SYS
\SystemRoot\System32\drivers\usbccgp.sys
\SystemRoot\System32\Drivers\usbvideo.sys
\SystemRoot\System32\drivers\hidusb.sys
\SystemRoot\System32\drivers\HIDCLASS.SYS
\SystemRoot\System32\drivers\HIDPARSE.SYS
\SystemRoot\System32\drivers\kbdhid.sys
\SystemRoot\System32\drivers\mouhid.sys
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\win32kfull.sys
\SystemRoot\System32\win32kbase.sys
\SystemRoot\System32\drivers\dxgmms1.sys
\SystemRoot\System32\drivers\monitor.sys
\SystemRoot\System32\drivers\dxgmms2.sys
\SystemRoot\System32\TSDDD.dll
\SystemRoot\System32\cdd.dll
\SystemRoot\system32\drivers\storqosflt.sys
\SystemRoot\system32\drivers\luafv.sys
\SystemRoot\system32\drivers\WudfPf.sys
\SystemRoot\system32\DRIVERS\WUDFRd.sys
\SystemRoot\System32\drivers\WpdUpFltr.sys
\SystemRoot\system32\drivers\lltdio.sys
\SystemRoot\system32\drivers\rspndr.sys
\SystemRoot\system32\drivers\mslldp.sys
\SystemRoot\system32\drivers\ndisuio.sys
\SystemRoot\system32\DRIVERS\nwifi.sys
\SystemRoot\system32\drivers\HTTP.sys
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\System32\drivers\mpsdrv.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\SystemRoot\System32\DRIVERS\srvnet.sys
\SystemRoot\System32\DRIVERS\srv2.sys
\SystemRoot\system32\DRIVERS\kldisk.sys
\SystemRoot\system32\drivers\mmcss.sys
\SystemRoot\system32\drivers\Ndu.sys
\SystemRoot\system32\DRIVERS\mrxsmb10.sys
\SystemRoot\system32\drivers\peauth.sys
\SystemRoot\System32\DRIVERS\srv.sys
\SystemRoot\System32\drivers\tcpipreg.sys
\SystemRoot\System32\drivers\vwifimp.sys
\SystemRoot\System32\drivers\tunnel.sys
\SystemRoot\System32\Drivers\klupd_klif_mark.sys
\??\C:\ProgramData\Kaspersky Lab\AVP17.0.0\Bases\klids.sys
\SystemRoot\System32\drivers\condrv.sys
\SystemRoot\System32\Drivers\klupd_klif_klark.sys
\??\C:\Windows\system32\drivers\mbamchameleon.sys
\??\C:\Windows\system32\drivers\MBAMSwissArmy.sys
----------- End -----------
Done!

Scan started
Database versions:
  main:    v2016.10.28.04
  rootkit: v2016.09.26.02

<<<2>>>
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xffffffff8bbf3030, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
--------- Disk Stack ------
DevicePointer: 0xffffffff8bbf4290, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xffffffff8bbf3030, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
DevicePointer: 0xffffffff8b741030, DeviceName: \Device\00000028\, DriverName: \Driver\storahci\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
Done!
Drive 0
This is a System drive
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 86B286B2

Partition information:

    Partition 0 type is Primary (0x7)
    Partition is ACTIVE.
    Partition starts at LBA: 2048  Numsec = 1024000
    Partition is bootable
    Partition file system is NTFS

    Partition 1 type is Primary (0x7)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 1026048  Numsec = 624113664
    Partition is not bootable
    Partition file system is NTFS

    Partition 2 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
    Partition is not bootable

    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
    Partition is not bootable

Disk Size: 320072933376 bytes
Sector size: 512 bytes

Done!
Physical Sector Size: 0
Drive: 1, DevicePointer: 0xffffffff87749628, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\disk\
--------- Disk Stack ------
DevicePointer: 0xffffffff87748020, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xffffffff87749628, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\disk\
DevicePointer: 0xffffffff8774ac70, DeviceName: \Device\00000036\, DriverName: \Driver\USBSTOR\
------------ End ----------
File "C:\Windows\System32\config\systemprofile\AppData\Local\DataSharing\Storage\DSTokenDB2.dat" is sparse (flags = 32768)
Scan finished
 

Rkill Log.

 

Rkill 2.8.4 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2016 BleepingComputer.com
More Information about Rkill can be found at this link:
 http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 10/28/2016 12:34:31 AM in x86 mode.
Windows Version: Windows 10 Enterprise

Checking for Windows services to stop:

 * No malware services found to stop.

Checking for processes to terminate:

 * No malware processes found to kill.

Checking Registry for malware related settings:

 * No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

 * Windows Defender Disabled

   [HKLM\SOFTWARE\Microsoft\Windows Defender]
   "DisableAntiSpyware" = dword:00000001

Checking Windows Service Integrity:

 * b06bdrv [Missing Service]
 * ebdrv [Missing Service]
 * iaLPSSi_GPIO [Missing Service]
 * iaLPSSi_I2C [Missing Service]
 * ibbus [Missing Service]
 * ksthunk [Missing Service]
 * mlx4_bus [Missing Service]
 * ndfltr [Missing Service]
 * PerfHost [Missing Service]
 * vpci [Missing Service]
 * WinMad [Missing Service]
 * WinVerbs [Missing Service]

 * NetTcpPortSharing => %systemroot%\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [Incorrect ImagePath]
 * swenum => \SystemRoot\System32\DriverStore\FileRepository\swenum.inf_x86_b6707c73599dd1b6\swenum.sys [Incorrect ImagePath]

 * PrintNotify => C:\Windows\system32\spool\drivers\W32X86\3\PrintConfig.dll [Incorrect ServiceDLL]

Searching for Missing Digital Signatures:

 * No issues found.

Checking HOSTS File:

 * No issues found.

Program finished at: 10/28/2016 12:35:15 AM
Execution time: 0 hours(s), 0 minute(s), and 44 seconds(s)
-------------------------------------------------------------------------------------------------------------------------------------------------------------------------

 

 

Report From Kaspersky.

 

28.10.2016 01.31.45    Detected object (file) deleted    C:\Users\Guest1\AppData\Local\Microsoft\Windows\INetCache\IE\67BRZU5L\optin[4].php    File: C:\Users\Guest1\AppData\Local\Microsoft\Windows\INetCache\IE\67BRZU5L\optin[4].php    Object name: not-a-virus:Monitor.Win32.RK.mr    Object type: Legitimate software that can be used by criminals to damage your computer or personal data    Time: 10/28/2016 1:31 AM
28.10.2016 01.11.44    Detected object (file) deleted    C:\Users\Guest1\AppData\Local\Temp\is-H8O4M.tmp\c11w.exe    File: C:\Users\Guest1\AppData\Local\Temp\is-H8O4M.tmp\c11w.exe    Object name: HEUR:Trojan-Downloader.Win32.Generic    Object type: Trojan program    Time: 10/28/2016 1:11 AM
28.10.2016 01.07.13    Detected object (file) deleted    C:\$Recycle.Bin\S-1-5-21-839608152-3005494825-4226417111-1001\$RTCH7KH\Sync.exe    File: C:\$Recycle.Bin\S-1-5-21-839608152-3005494825-4226417111-1001\$RTCH7KH\Sync.exe    Object name: not-a-virus:HEUR:AdWare.Win32.DealPly.gen    Object type: Adware    Time: 10/28/2016 1:07 AM
27.10.2016 17.05.11    Detected object (file) deleted    C:\Users\Guest1\AppData\Local\Temp\tmp9231747\setup.exe    File: C:\Users\Guest1\AppData\Local\Temp\tmp9231747\setup.exe    Object name: not-a-virus:HEUR:AdWare.Win32.DealPly.gen    Object type: Adware    Time: 10/27/2016 5:05 PM
27.10.2016 15.17.26    Detected object (file) deleted    C:\Users\Guest1\AppData\Local\Temp\c11w.exe    File: C:\Users\Guest1\AppData\Local\Temp\c11w.exe    Object name: HEUR:Trojan-Downloader.Win32.Generic    Object type: Trojan program    Time: 10/27/2016 3:17 PM
27.10.2016 12.29.07    Detected object (file) no longer available    C:\Users\Guest1\AppData\Roaming\50452B01-4F35-66F4-DAEA-1DC0B568C322\Filapuhehu.dat    File: C:\Users\Guest1\AppData\Roaming\50452B01-4F35-66F4-DAEA-1DC0B568C322\Filapuhehu.dat    Object name: Trojan.VBS.AutoRun.ag    Object type: Trojan program    Time: 10/27/2016 12:29 PM
26.10.2016 23.46.02    Detected object (system memory) disinfected    System Memory    System memory: System Memory    Object name: Trojan.Multi.GenAutorunReg.a    Object type: Trojan program    Time: 10/26/2016 11:46 PM

-------------------------------------------------------------------------------------------------------------------------------------------------------------------------

 

 

MBAM Log Scan2 After restart of its first scan and detection deletion.

 

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 10/28/2016
Scan Time: 1:01 AM
Logfile: MBAM-scanlog-after-restart.txt
Administrator: Yes

Version: 2.2.1.1043
Malware Database: v2016.10.27.07
Rootkit Database: v2016.09.26.02
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 10
CPU: x86
File System: NTFS
User: Guest1

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 273455
Time Elapsed: 22 min, 17 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 4
PUP.Optional.InstallCore, HKU\S-1-5-21-839608152-3005494825-4226417111-1001\SOFTWARE\csastats, Quarantined, [290a8d113e5cb2840d6122d8ad5636ca],
PUP.Optional.InstantSupport, HKU\S-1-5-21-839608152-3005494825-4226417111-1001\SOFTWARE\InSTab, Quarantined, [4ee5891509912c0a0532cc3039ca4db3],
PUP.Optional.PCAcceleratePro, HKU\S-1-5-21-839608152-3005494825-4226417111-1001\SOFTWARE\ACPTAB, Quarantined, [57dcf0ae0b8f48eeb6151ae29073d828],
PUP.Optional.SearchManager, HKU\S-1-5-21-839608152-3005494825-4226417111-1001\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\pilplloabdedfmialnfchjomjmpjcoej, Quarantined, [8aa92678a4f6b086bddf45867b87d32d],

Registry Values: 2
PUP.Optional.PCAcceleratePro, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN\FEATURECONTROL\FEATURE_BROWSER_EMULATION|PCAcceleratePro.exe, 8888, Quarantined, [cd66d9c5c7d3ea4c7f6b08c40103dc24]
PUP.Optional.PCAcceleratePro, HKU\S-1-5-21-839608152-3005494825-4226417111-1001\SOFTWARE\ACPTAB|hb, 1, Quarantined, [57dcf0ae0b8f48eeb6151ae29073d828]

Registry Data: 0
(No malicious items detected)

Folders: 30
PUP.Optional.SearchManager.ChrPRST, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi, Quarantined, [3cf75f3f54464cea82f1b710c33f1de3],
PUP.Optional.SearchManager.ChrPRST, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.10.29_0, Quarantined, [3cf75f3f54464cea82f1b710c33f1de3],
PUP.Optional.SearchManager.ChrPRST, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.10.29_0\content, Quarantined, [3cf75f3f54464cea82f1b710c33f1de3],
PUP.Optional.SearchManager.ChrPRST, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.10.29_0\content\chrome, Quarantined, [3cf75f3f54464cea82f1b710c33f1de3],
PUP.Optional.SearchManager.ChrPRST, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.10.29_0\content\common, Quarantined, [3cf75f3f54464cea82f1b710c33f1de3],
PUP.Optional.SearchManager.ChrPRST, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.10.29_0\content\external, Quarantined, [3cf75f3f54464cea82f1b710c33f1de3],
PUP.Optional.SearchManager.ChrPRST, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.10.29_0\content\search, Quarantined, [3cf75f3f54464cea82f1b710c33f1de3],
PUP.Optional.SearchManager.ChrPRST, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.10.29_0\skin, Quarantined, [3cf75f3f54464cea82f1b710c33f1de3],
PUP.Optional.SearchManager.ChrPRST, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.10.29_0\skin\css, Quarantined, [3cf75f3f54464cea82f1b710c33f1de3],
PUP.Optional.SearchManager.ChrPRST, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.10.29_0\skin\external, Quarantined, [3cf75f3f54464cea82f1b710c33f1de3],
PUP.Optional.SearchManager.ChrPRST, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.10.29_0\skin\fonts, Quarantined, [3cf75f3f54464cea82f1b710c33f1de3],
PUP.Optional.SearchManager.ChrPRST, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.10.29_0\skin\icons, Quarantined, [3cf75f3f54464cea82f1b710c33f1de3],
PUP.Optional.SearchManager.ChrPRST, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.10.29_0\skin\icons\weather, Quarantined, [3cf75f3f54464cea82f1b710c33f1de3],
PUP.Optional.SearchManager.ChrPRST, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.10.29_0\skin\images, Quarantined, [3cf75f3f54464cea82f1b710c33f1de3],
PUP.Optional.SearchManager.ChrPRST, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.10.29_0\_metadata, Quarantined, [3cf75f3f54464cea82f1b710c33f1de3],
PUP.Optional.SearchManager, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej, Quarantined, [6bc8d0ce74261f170a2ed1358a7bcc34],
PUP.Optional.SearchManager, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.36_0, Quarantined, [6bc8d0ce74261f170a2ed1358a7bcc34],
PUP.Optional.SearchManager, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.36_0\content, Quarantined, [6bc8d0ce74261f170a2ed1358a7bcc34],
PUP.Optional.SearchManager, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.36_0\content\chrome, Quarantined, [6bc8d0ce74261f170a2ed1358a7bcc34],
PUP.Optional.SearchManager, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.36_0\content\common, Quarantined, [6bc8d0ce74261f170a2ed1358a7bcc34],
PUP.Optional.SearchManager, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.36_0\content\external, Quarantined, [6bc8d0ce74261f170a2ed1358a7bcc34],
PUP.Optional.SearchManager, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.36_0\content\search, Quarantined, [6bc8d0ce74261f170a2ed1358a7bcc34],
PUP.Optional.SearchManager, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.36_0\skin, Quarantined, [6bc8d0ce74261f170a2ed1358a7bcc34],
PUP.Optional.SearchManager, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.36_0\skin\css, Quarantined, [6bc8d0ce74261f170a2ed1358a7bcc34],
PUP.Optional.SearchManager, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.36_0\skin\external, Quarantined, [6bc8d0ce74261f170a2ed1358a7bcc34],
PUP.Optional.SearchManager, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.36_0\skin\fonts, Quarantined, [6bc8d0ce74261f170a2ed1358a7bcc34],
PUP.Optional.SearchManager, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.36_0\skin\icons, Quarantined, [6bc8d0ce74261f170a2ed1358a7bcc34],
PUP.Optional.SearchManager, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.36_0\skin\icons\weather, Quarantined, [6bc8d0ce74261f170a2ed1358a7bcc34],
PUP.Optional.SearchManager, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.36_0\skin\images, Quarantined, [6bc8d0ce74261f170a2ed1358a7bcc34],
PUP.Optional.SearchManager, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.36_0\_metadata, Quarantined, [6bc8d0ce74261f170a2ed1358a7bcc34],

Files: 163
PUP.Optional.ConsumerInput, C:\Users\Guest1\AppData\Local\Temp\uii.exe, Quarantined, [dd56d2ccdebc0333927ccbe7897bee12],
PUP.Optional.ExtInstaller, C:\Users\Guest1\AppData\Local\Temp\is-DGTLR.tmp\cui.exe, Quarantined, [ab888c12f3a71323e7713de2ae57b24e],
PUP.Optional.ConsumerInput, C:\Users\Guest1\AppData\Local\Temp\is-H8O4M.tmp\c11w.exe, Quarantined, [65ce643a54461c1a33e55062976d7789],
PUP.Optional.ConsumerInput, C:\Users\Guest1\AppData\Local\Temp\is-H8O4M.tmp\uii.exe, Quarantined, [d95a3b63f9a111259e70e4ce4aba758b],
PUP.Optional.BundleInstaller, C:\Users\Guest1\Downloads\scrap_mechanic.exe, Quarantined, [c66dc4da2c6e082e60d276a3db2aa35d],
PUP.Optional.SearchManager.ChrPRST, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_bahkljhhdeciiaodlkppoonappfnheoi_0.localstorage, Quarantined, [e74c2a74287288ae0c0ac5321ce79967],
PUP.Optional.SearchManager.ChrPRST, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_bahkljhhdeciiaodlkppoonappfnheoi_0.localstorage-journal, Quarantined, [1e159e002d6dcb6bf81e2dca9073e917],
PUP.Optional.SearchManager, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_pilplloabdedfmialnfchjomjmpjcoej_0.localstorage, Quarantined, [7bb82579039737ffcba70eecde25ce32],
PUP.Optional.SearchManager.ChrPRST, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.10.29_0\manifest.json, Quarantined, [3cf75f3f54464cea82f1b710c33f1de3],
PUP.Optional.SearchManager.ChrPRST, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.10.29_0\content\background.html, Quarantined, [3cf75f3f54464cea82f1b710c33f1de3],
PUP.Optional.SearchManager.ChrPRST, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.10.29_0\content\favicon.ico, Quarantined, [3cf75f3f54464cea82f1b710c33f1de3],
PUP.Optional.SearchManager.ChrPRST, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.10.29_0\content\newtab.html, Quarantined, [3cf75f3f54464cea82f1b710c33f1de3],
PUP.Optional.SearchManager.ChrPRST, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.10.29_0\content\chrome\common.js, Quarantined, [3cf75f3f54464cea82f1b710c33f1de3],
PUP.Optional.SearchManager.ChrPRST, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.10.29_0\content\chrome\lifecycle.js, Quarantined, [3cf75f3f54464cea82f1b710c33f1de3],
PUP.Optional.SearchManager.ChrPRST, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.10.29_0\content\chrome\settings.js, Quarantined, [3cf75f3f54464cea82f1b710c33f1de3],
PUP.Optional.SearchManager.ChrPRST, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.10.29_0\content\chrome\setup.js, Quarantined, [3cf75f3f54464cea82f1b710c33f1de3],
PUP.Optional.SearchManager.ChrPRST, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.10.29_0\content\chrome\utils.js, Quarantined, [3cf75f3f54464cea82f1b710c33f1de3],
PUP.Optional.SearchManager.ChrPRST, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.10.29_0\content\common\abtest.js, Quarantined, [3cf75f3f54464cea82f1b710c33f1de3],
PUP.Optional.SearchManager.ChrPRST, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.10.29_0\content\common\conf-sys.js, Quarantined, [3cf75f3f54464cea82f1b710c33f1de3],
PUP.Optional.SearchManager.ChrPRST, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.10.29_0\content\common\conf.js, Quarantined, [3cf75f3f54464cea82f1b710c33f1de3],
PUP.Optional.SearchManager.ChrPRST, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.10.29_0\content\common\nt_ptr.js, Quarantined, [3cf75f3f54464cea82f1b710c33f1de3],
PUP.Optional.SearchManager.ChrPRST, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.10.29_0\content\common\prefs-sys.js, Quarantined, [3cf75f3f54464cea82f1b710c33f1de3],
PUP.Optional.SearchManager.ChrPRST, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.10.29_0\content\common\prefs.js, Quarantined, [3cf75f3f54464cea82f1b710c33f1de3],
PUP.Optional.SearchManager.ChrPRST, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.10.29_0\content\common\settings-dev.js, Quarantined, [3cf75f3f54464cea82f1b710c33f1de3],
PUP.Optional.SearchManager.ChrPRST, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.10.29_0\content\common\udata.js, Quarantined, [3cf75f3f54464cea82f1b710c33f1de3],
PUP.Optional.SearchManager.ChrPRST, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.10.29_0\content\external\jquery-2.1.1.min.js, Quarantined, [3cf75f3f54464cea82f1b710c33f1de3],
PUP.Optional.SearchManager.ChrPRST, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.10.29_0\content\external\md5.min.js, Quarantined, [3cf75f3f54464cea82f1b710c33f1de3],
PUP.Optional.SearchManager.ChrPRST, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.10.29_0\content\external\string.min.js, Quarantined, [3cf75f3f54464cea82f1b710c33f1de3],
PUP.Optional.SearchManager.ChrPRST, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.10.29_0\content\external\underscore-min.js, Quarantined, [3cf75f3f54464cea82f1b710c33f1de3],
PUP.Optional.SearchManager.ChrPRST, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.10.29_0\content\search\AutoSuggest.js, Quarantined, [3cf75f3f54464cea82f1b710c33f1de3],
PUP.Optional.SearchManager.ChrPRST, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.10.29_0\content\search\contentscript.js, Quarantined, [3cf75f3f54464cea82f1b710c33f1de3],
PUP.Optional.SearchManager.ChrPRST, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.10.29_0\content\search\newtab-base.js, Quarantined, [3cf75f3f54464cea82f1b710c33f1de3],
PUP.Optional.SearchManager.ChrPRST, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.10.29_0\content\search\newtab-msg.js, Quarantined, [3cf75f3f54464cea82f1b710c33f1de3],
PUP.Optional.SearchManager.ChrPRST, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.10.29_0\content\search\search-engines.js, Quarantined, [3cf75f3f54464cea82f1b710c33f1de3],
PUP.Optional.SearchManager.ChrPRST, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.10.29_0\content\search\search-form.js, Quarantined, [3cf75f3f54464cea82f1b710c33f1de3],
PUP.Optional.SearchManager.ChrPRST, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.10.29_0\content\search\search-redirect.js, Quarantined, [3cf75f3f54464cea82f1b710c33f1de3],
PUP.Optional.SearchManager.ChrPRST, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.10.29_0\skin\css\newtab.css, Quarantined, [3cf75f3f54464cea82f1b710c33f1de3],
PUP.Optional.SearchManager.ChrPRST, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.10.29_0\skin\css\search.css, Quarantined, [3cf75f3f54464cea82f1b710c33f1de3],
PUP.Optional.SearchManager.ChrPRST, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.10.29_0\skin\css\search2.css, Quarantined, [3cf75f3f54464cea82f1b710c33f1de3],
PUP.Optional.SearchManager.ChrPRST, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.10.29_0\skin\css\styles.css, Quarantined, [3cf75f3f54464cea82f1b710c33f1de3],
PUP.Optional.SearchManager.ChrPRST, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.10.29_0\skin\css\white_bg.css, Quarantined, [3cf75f3f54464cea82f1b710c33f1de3],
PUP.Optional.SearchManager.ChrPRST, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.10.29_0\skin\external\normalize.css, Quarantined, [3cf75f3f54464cea82f1b710c33f1de3],
PUP.Optional.SearchManager.ChrPRST, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.10.29_0\skin\fonts\HelveticaNeue-Thin.otf, Quarantined, [3cf75f3f54464cea82f1b710c33f1de3],
PUP.Optional.SearchManager.ChrPRST, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.10.29_0\skin\fonts\neue-bold.woff, Quarantined, [3cf75f3f54464cea82f1b710c33f1de3],
PUP.Optional.SearchManager.ChrPRST, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.10.29_0\skin\fonts\neue.woff, Quarantined, [3cf75f3f54464cea82f1b710c33f1de3],
PUP.Optional.SearchManager.ChrPRST, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.10.29_0\skin\icons\128.png, Quarantined, [3cf75f3f54464cea82f1b710c33f1de3],
PUP.Optional.SearchManager.ChrPRST, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.10.29_0\skin\icons\16.png, Quarantined, [3cf75f3f54464cea82f1b710c33f1de3],
PUP.Optional.SearchManager.ChrPRST, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.10.29_0\skin\icons\48.png, Quarantined, [3cf75f3f54464cea82f1b710c33f1de3],
PUP.Optional.SearchManager.ChrPRST, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.10.29_0\skin\icons\close.png, Quarantined, [3cf75f3f54464cea82f1b710c33f1de3],
PUP.Optional.SearchManager.ChrPRST, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.10.29_0\skin\icons\weather\01d.svg, Quarantined, [3cf75f3f54464cea82f1b710c33f1de3],
PUP.Optional.SearchManager.ChrPRST, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.10.29_0\skin\icons\weather\01n.svg, Quarantined, [3cf75f3f54464cea82f1b710c33f1de3],
PUP.Optional.SearchManager.ChrPRST, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.10.29_0\skin\icons\weather\02d.svg, Quarantined, [3cf75f3f54464cea82f1b710c33f1de3],
PUP.Optional.SearchManager.ChrPRST, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.10.29_0\skin\icons\weather\02n.svg, Quarantined, [3cf75f3f54464cea82f1b710c33f1de3],
PUP.Optional.SearchManager.ChrPRST, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.10.29_0\skin\icons\weather\03d.svg, Quarantined, [3cf75f3f54464cea82f1b710c33f1de3],
PUP.Optional.SearchManager.ChrPRST, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.10.29_0\skin\icons\weather\03n.svg, Quarantined, [3cf75f3f54464cea82f1b710c33f1de3],
PUP.Optional.SearchManager.ChrPRST, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.10.29_0\skin\icons\weather\04d.svg, Quarantined, [3cf75f3f54464cea82f1b710c33f1de3],
PUP.Optional.SearchManager.ChrPRST, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.10.29_0\skin\icons\weather\04n.svg, Quarantined, [3cf75f3f54464cea82f1b710c33f1de3],
PUP.Optional.SearchManager.ChrPRST, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.10.29_0\skin\icons\weather\09d.svg, Quarantined, [3cf75f3f54464cea82f1b710c33f1de3],
PUP.Optional.SearchManager.ChrPRST, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.10.29_0\skin\icons\weather\09n.svg, Quarantined, [3cf75f3f54464cea82f1b710c33f1de3],
PUP.Optional.SearchManager.ChrPRST, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.10.29_0\skin\icons\weather\10d.svg, Quarantined, [3cf75f3f54464cea82f1b710c33f1de3],
PUP.Optional.SearchManager.ChrPRST, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.10.29_0\skin\icons\weather\10n.svg, Quarantined, [3cf75f3f54464cea82f1b710c33f1de3],
PUP.Optional.SearchManager.ChrPRST, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.10.29_0\skin\icons\weather\11d.svg, Quarantined, [3cf75f3f54464cea82f1b710c33f1de3],
PUP.Optional.SearchManager.ChrPRST, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.10.29_0\skin\icons\weather\11n.svg, Quarantined, [3cf75f3f54464cea82f1b710c33f1de3],
PUP.Optional.SearchManager.ChrPRST, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.10.29_0\skin\icons\weather\13d.svg, Quarantined, [3cf75f3f54464cea82f1b710c33f1de3],
PUP.Optional.SearchManager.ChrPRST, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.10.29_0\skin\icons\weather\13n.svg, Quarantined, [3cf75f3f54464cea82f1b710c33f1de3],
PUP.Optional.SearchManager.ChrPRST, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.10.29_0\skin\icons\weather\50d.svg, Quarantined, [3cf75f3f54464cea82f1b710c33f1de3],
PUP.Optional.SearchManager.ChrPRST, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.10.29_0\skin\icons\weather\50n.svg, Quarantined, [3cf75f3f54464cea82f1b710c33f1de3],
PUP.Optional.SearchManager.ChrPRST, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.10.29_0\skin\images\bg.jpg, Quarantined, [3cf75f3f54464cea82f1b710c33f1de3],
PUP.Optional.SearchManager.ChrPRST, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.10.29_0\skin\images\bing.png, Quarantined, [3cf75f3f54464cea82f1b710c33f1de3],
PUP.Optional.SearchManager.ChrPRST, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.10.29_0\skin\images\bluesky-bg.jpg, Quarantined, [3cf75f3f54464cea82f1b710c33f1de3],
PUP.Optional.SearchManager.ChrPRST, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.10.29_0\skin\images\brush.png, Quarantined, [3cf75f3f54464cea82f1b710c33f1de3],
PUP.Optional.SearchManager.ChrPRST, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.10.29_0\skin\images\clock.png, Quarantined, [3cf75f3f54464cea82f1b710c33f1de3],
PUP.Optional.SearchManager.ChrPRST, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.10.29_0\skin\images\cloud.png, Quarantined, [3cf75f3f54464cea82f1b710c33f1de3],
PUP.Optional.SearchManager.ChrPRST, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.10.29_0\skin\images\cupcake-bg.jpg, Quarantined, [3cf75f3f54464cea82f1b710c33f1de3],
PUP.Optional.SearchManager.ChrPRST, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.10.29_0\skin\images\desk-bg.jpg, Quarantined, [3cf75f3f54464cea82f1b710c33f1de3],
PUP.Optional.SearchManager.ChrPRST, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.10.29_0\skin\images\doodle.png, Quarantined, [3cf75f3f54464cea82f1b710c33f1de3],
PUP.Optional.SearchManager.ChrPRST, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.10.29_0\skin\images\down.png, Quarantined, [3cf75f3f54464cea82f1b710c33f1de3],
PUP.Optional.SearchManager.ChrPRST, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.10.29_0\skin\images\google.png, Quarantined, [3cf75f3f54464cea82f1b710c33f1de3],
PUP.Optional.SearchManager.ChrPRST, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.10.29_0\skin\images\just-the-box.png, Quarantined, [3cf75f3f54464cea82f1b710c33f1de3],
PUP.Optional.SearchManager.ChrPRST, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.10.29_0\skin\images\mountain-bg.jpg, Quarantined, [3cf75f3f54464cea82f1b710c33f1de3],
PUP.Optional.SearchManager.ChrPRST, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.10.29_0\skin\images\pointer2.png, Quarantined, [3cf75f3f54464cea82f1b710c33f1de3],
PUP.Optional.SearchManager.ChrPRST, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.10.29_0\skin\images\sea-bg.jpg, Quarantined, [3cf75f3f54464cea82f1b710c33f1de3],
PUP.Optional.SearchManager.ChrPRST, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.10.29_0\skin\images\yahoo.png, Quarantined, [3cf75f3f54464cea82f1b710c33f1de3],
PUP.Optional.SearchManager.ChrPRST, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.10.29_0\skin\images\yahoo.svg, Quarantined, [3cf75f3f54464cea82f1b710c33f1de3],
PUP.Optional.SearchManager.ChrPRST, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.10.29_0\_metadata\computed_hashes.json, Quarantined, [3cf75f3f54464cea82f1b710c33f1de3],
PUP.Optional.SearchManager.ChrPRST, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.10.29_0\_metadata\verified_contents.json, Quarantined, [3cf75f3f54464cea82f1b710c33f1de3],
PUP.Optional.SearchManager, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.36_0\manifest.json, Quarantined, [6bc8d0ce74261f170a2ed1358a7bcc34],
PUP.Optional.SearchManager, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.36_0\content\background.html, Quarantined, [6bc8d0ce74261f170a2ed1358a7bcc34],
PUP.Optional.SearchManager, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.36_0\content\favicon.ico, Quarantined, [6bc8d0ce74261f170a2ed1358a7bcc34],
PUP.Optional.SearchManager, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.36_0\content\newtab.html, Quarantined, [6bc8d0ce74261f170a2ed1358a7bcc34],
PUP.Optional.SearchManager, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.36_0\content\chrome\common.js, Quarantined, [6bc8d0ce74261f170a2ed1358a7bcc34],
PUP.Optional.SearchManager, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.36_0\content\chrome\lifecycle.js, Quarantined, [6bc8d0ce74261f170a2ed1358a7bcc34],
PUP.Optional.SearchManager, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.36_0\content\chrome\settings.js, Quarantined, [6bc8d0ce74261f170a2ed1358a7bcc34],
PUP.Optional.SearchManager, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.36_0\content\chrome\setup.js, Quarantined, [6bc8d0ce74261f170a2ed1358a7bcc34],
PUP.Optional.SearchManager, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.36_0\content\chrome\utils.js, Quarantined, [6bc8d0ce74261f170a2ed1358a7bcc34],
PUP.Optional.SearchManager, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.36_0\content\common\abtest.js, Quarantined, [6bc8d0ce74261f170a2ed1358a7bcc34],
PUP.Optional.SearchManager, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.36_0\content\common\conf-sys.js, Quarantined, [6bc8d0ce74261f170a2ed1358a7bcc34],
PUP.Optional.SearchManager, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.36_0\content\common\conf.js, Quarantined, [6bc8d0ce74261f170a2ed1358a7bcc34],
PUP.Optional.SearchManager, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.36_0\content\common\nt_ptr.js, Quarantined, [6bc8d0ce74261f170a2ed1358a7bcc34],
PUP.Optional.SearchManager, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.36_0\content\common\prefs-sys.js, Quarantined, [6bc8d0ce74261f170a2ed1358a7bcc34],
PUP.Optional.SearchManager, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.36_0\content\common\prefs.js, Quarantined, [6bc8d0ce74261f170a2ed1358a7bcc34],
PUP.Optional.SearchManager, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.36_0\content\common\settings-dev.js, Quarantined, [6bc8d0ce74261f170a2ed1358a7bcc34],
PUP.Optional.SearchManager, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.36_0\content\common\udata.js, Quarantined, [6bc8d0ce74261f170a2ed1358a7bcc34],
PUP.Optional.SearchManager, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.36_0\content\external\jquery-2.1.1.min.js, Quarantined, [6bc8d0ce74261f170a2ed1358a7bcc34],
PUP.Optional.SearchManager, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.36_0\content\external\md5.min.js, Quarantined, [6bc8d0ce74261f170a2ed1358a7bcc34],
PUP.Optional.SearchManager, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.36_0\content\external\string.min.js, Quarantined, [6bc8d0ce74261f170a2ed1358a7bcc34],
PUP.Optional.SearchManager, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.36_0\content\external\underscore-min.js, Quarantined, [6bc8d0ce74261f170a2ed1358a7bcc34],
PUP.Optional.SearchManager, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.36_0\content\search\AutoSuggest.js, Quarantined, [6bc8d0ce74261f170a2ed1358a7bcc34],
PUP.Optional.SearchManager, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.36_0\content\search\contentscript.js, Quarantined, [6bc8d0ce74261f170a2ed1358a7bcc34],
PUP.Optional.SearchManager, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.36_0\content\search\newtab-base.js, Quarantined, [6bc8d0ce74261f170a2ed1358a7bcc34],
PUP.Optional.SearchManager, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.36_0\content\search\newtab-msg.js, Quarantined, [6bc8d0ce74261f170a2ed1358a7bcc34],
PUP.Optional.SearchManager, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.36_0\content\search\search-engines.js, Quarantined, [6bc8d0ce74261f170a2ed1358a7bcc34],
PUP.Optional.SearchManager, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.36_0\content\search\search-form.js, Quarantined, [6bc8d0ce74261f170a2ed1358a7bcc34],
PUP.Optional.SearchManager, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.36_0\content\search\search-redirect.js, Quarantined, [6bc8d0ce74261f170a2ed1358a7bcc34],
PUP.Optional.SearchManager, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.36_0\skin\css\newtab.css, Quarantined, [6bc8d0ce74261f170a2ed1358a7bcc34],
PUP.Optional.SearchManager, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.36_0\skin\css\search.css, Quarantined, [6bc8d0ce74261f170a2ed1358a7bcc34],
PUP.Optional.SearchManager, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.36_0\skin\css\search2.css, Quarantined, [6bc8d0ce74261f170a2ed1358a7bcc34],
PUP.Optional.SearchManager, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.36_0\skin\css\styles.css, Quarantined, [6bc8d0ce74261f170a2ed1358a7bcc34],
PUP.Optional.SearchManager, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.36_0\skin\css\white_bg.css, Quarantined, [6bc8d0ce74261f170a2ed1358a7bcc34],
PUP.Optional.SearchManager, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.36_0\skin\external\normalize.css, Quarantined, [6bc8d0ce74261f170a2ed1358a7bcc34],
PUP.Optional.SearchManager, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.36_0\skin\fonts\HelveticaNeue-Thin.otf, Quarantined, [6bc8d0ce74261f170a2ed1358a7bcc34],
PUP.Optional.SearchManager, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.36_0\skin\fonts\neue-bold.woff, Quarantined, [6bc8d0ce74261f170a2ed1358a7bcc34],
PUP.Optional.SearchManager, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.36_0\skin\fonts\neue.woff, Quarantined, [6bc8d0ce74261f170a2ed1358a7bcc34],
PUP.Optional.SearchManager, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.36_0\skin\icons\128.png, Quarantined, [6bc8d0ce74261f170a2ed1358a7bcc34],
PUP.Optional.SearchManager, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.36_0\skin\icons\16.png, Quarantined, [6bc8d0ce74261f170a2ed1358a7bcc34],
PUP.Optional.SearchManager, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.36_0\skin\icons\48.png, Quarantined, [6bc8d0ce74261f170a2ed1358a7bcc34],
PUP.Optional.SearchManager, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.36_0\skin\icons\close.png, Quarantined, [6bc8d0ce74261f170a2ed1358a7bcc34],
PUP.Optional.SearchManager, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.36_0\skin\icons\weather\01d.svg, Quarantined, [6bc8d0ce74261f170a2ed1358a7bcc34],
PUP.Optional.SearchManager, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.36_0\skin\icons\weather\01n.svg, Quarantined, [6bc8d0ce74261f170a2ed1358a7bcc34],
PUP.Optional.SearchManager, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.36_0\skin\icons\weather\02d.svg, Quarantined, [6bc8d0ce74261f170a2ed1358a7bcc34],
PUP.Optional.SearchManager, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.36_0\skin\icons\weather\02n.svg, Quarantined, [6bc8d0ce74261f170a2ed1358a7bcc34],
PUP.Optional.SearchManager, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.36_0\skin\icons\weather\03d.svg, Quarantined, [6bc8d0ce74261f170a2ed1358a7bcc34],
PUP.Optional.SearchManager, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.36_0\skin\icons\weather\03n.svg, Quarantined, [6bc8d0ce74261f170a2ed1358a7bcc34],
PUP.Optional.SearchManager, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.36_0\skin\icons\weather\04d.svg, Quarantined, [6bc8d0ce74261f170a2ed1358a7bcc34],
PUP.Optional.SearchManager, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.36_0\skin\icons\weather\04n.svg, Quarantined, [6bc8d0ce74261f170a2ed1358a7bcc34],
PUP.Optional.SearchManager, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.36_0\skin\icons\weather\09d.svg, Quarantined, [6bc8d0ce74261f170a2ed1358a7bcc34],
PUP.Optional.SearchManager, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.36_0\skin\icons\weather\09n.svg, Quarantined, [6bc8d0ce74261f170a2ed1358a7bcc34],
PUP.Optional.SearchManager, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.36_0\skin\icons\weather\10d.svg, Quarantined, [6bc8d0ce74261f170a2ed1358a7bcc34],
PUP.Optional.SearchManager, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.36_0\skin\icons\weather\10n.svg, Quarantined, [6bc8d0ce74261f170a2ed1358a7bcc34],
PUP.Optional.SearchManager, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.36_0\skin\icons\weather\11d.svg, Quarantined, [6bc8d0ce74261f170a2ed1358a7bcc34],
PUP.Optional.SearchManager, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.36_0\skin\icons\weather\11n.svg, Quarantined, [6bc8d0ce74261f170a2ed1358a7bcc34],
PUP.Optional.SearchManager, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.36_0\skin\icons\weather\13d.svg, Quarantined, [6bc8d0ce74261f170a2ed1358a7bcc34],
PUP.Optional.SearchManager, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.36_0\skin\icons\weather\13n.svg, Quarantined, [6bc8d0ce74261f170a2ed1358a7bcc34],
PUP.Optional.SearchManager, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.36_0\skin\icons\weather\50d.svg, Quarantined, [6bc8d0ce74261f170a2ed1358a7bcc34],
PUP.Optional.SearchManager, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.36_0\skin\icons\weather\50n.svg, Quarantined, [6bc8d0ce74261f170a2ed1358a7bcc34],
PUP.Optional.SearchManager, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.36_0\skin\images\bg.jpg, Quarantined, [6bc8d0ce74261f170a2ed1358a7bcc34],
PUP.Optional.SearchManager, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.36_0\skin\images\bing.png, Quarantined, [6bc8d0ce74261f170a2ed1358a7bcc34],
PUP.Optional.SearchManager, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.36_0\skin\images\bluesky-bg.jpg, Quarantined, [6bc8d0ce74261f170a2ed1358a7bcc34],
PUP.Optional.SearchManager, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.36_0\skin\images\brush.png, Quarantined, [6bc8d0ce74261f170a2ed1358a7bcc34],
PUP.Optional.SearchManager, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.36_0\skin\images\clock.png, Quarantined, [6bc8d0ce74261f170a2ed1358a7bcc34],
PUP.Optional.SearchManager, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.36_0\skin\images\cloud.png, Quarantined, [6bc8d0ce74261f170a2ed1358a7bcc34],
PUP.Optional.SearchManager, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.36_0\skin\images\cupcake-bg.jpg, Quarantined, [6bc8d0ce74261f170a2ed1358a7bcc34],
PUP.Optional.SearchManager, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.36_0\skin\images\desk-bg.jpg, Quarantined, [6bc8d0ce74261f170a2ed1358a7bcc34],
PUP.Optional.SearchManager, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.36_0\skin\images\doodle.png, Quarantined, [6bc8d0ce74261f170a2ed1358a7bcc34],
PUP.Optional.SearchManager, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.36_0\skin\images\down.png, Quarantined, [6bc8d0ce74261f170a2ed1358a7bcc34],
PUP.Optional.SearchManager, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.36_0\skin\images\google.png, Quarantined, [6bc8d0ce74261f170a2ed1358a7bcc34],
PUP.Optional.SearchManager, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.36_0\skin\images\just-the-box.png, Quarantined, [6bc8d0ce74261f170a2ed1358a7bcc34],
PUP.Optional.SearchManager, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.36_0\skin\images\mountain-bg.jpg, Quarantined, [6bc8d0ce74261f170a2ed1358a7bcc34],
PUP.Optional.SearchManager, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.36_0\skin\images\pointer2.png, Quarantined, [6bc8d0ce74261f170a2ed1358a7bcc34],
PUP.Optional.SearchManager, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.36_0\skin\images\sea-bg.jpg, Quarantined, [6bc8d0ce74261f170a2ed1358a7bcc34],
PUP.Optional.SearchManager, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.36_0\skin\images\yahoo.png, Quarantined, [6bc8d0ce74261f170a2ed1358a7bcc34],
PUP.Optional.SearchManager, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.36_0\skin\images\yahoo.svg, Quarantined, [6bc8d0ce74261f170a2ed1358a7bcc34],
PUP.Optional.SearchManager, C:\Users\Guest1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.36_0\_metadata\verified_contents.json, Quarantined, [6bc8d0ce74261f170a2ed1358a7bcc34],

Physical Sectors: 0
(No malicious items detected)


(end)

------------------------------------------------------------------------------------------------------------------------------------------------------------------------

 

As of today I did another Scan with Kaspersky after doing all the previous stuff listed, and it found another Trojan.Downloader-win32.Generic Here is the log from Kaspersky.

 

28.10.2016 16.37.11    Detected object (file) deleted    C:\Users\Guest1\AppData\Local\Microsoft\Windows\INetCache\IE\Z211QR87\sci[1].exe//data0000//data0000    File: C:\Users\Guest1\AppData\Local\Microsoft\Windows\INetCache\IE\Z211QR87\sci[1].exe//data0000//data0000    Object name: HEUR:Trojan-Downloader.Win32.Generic    Object type: Trojan program    Time: 10/28/2016 4:37 PM
28.10.2016 16.37.11    Detected object (file) deleted    C:\Users\Guest1\AppData\Local\Microsoft\Windows\INetCache\IE\Z211QR87\sci[1].exe    File: C:\Users\Guest1\AppData\Local\Microsoft\Windows\INetCache\IE\Z211QR87\sci[1].exe    Object name:     Object type: Unknown object    Time: 10/28/2016 4:37 PM

 

Thanks for your time.



BC AdBot (Login to Remove)

 


#2 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,007 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:09:20 AM

Posted 01 November 2016 - 07:48 PM

Greetings ZombiesAteMyCats and :welcome: to BleepingComputer's Virus/Trojan/Spyware/Malware Removal forum.

My name is Oh My! and I am here to help you! Now that we are "friends" please call me Gary.

If you would allow me to call you by your first name I would prefer to do that.

===================================================

Ground Rules:
  • First, I would like to inform you that most of us here at Bleeping Computer offer our expert assistance out of the goodness of our hearts. Please try to match our commitment to you with your patience toward us. If this was easy we would never have met.
  • Please do not run any tools or take any steps other than those I will provide for you while we work on your computer together. I need to be certain about the state of your computer in order to provide appropriate and effective steps for you to take. Most often "well intentioned" (and usually panic driven!) independent efforts can make things much worse for both of us. If at any point you would prefer to take your own steps please let me know, I will not be offended. I would be happy to focus on the many others who are waiting in line for assistance.
  • Please perform all steps in the order they are listed in each set of instructions. Some steps may be a bit complicated. If things are not clear, be sure to stop and let me know. We need to work on this together with confidence.
  • Please copy and paste all logs into your post unless directed otherwise. Please do not re-run any programs I suggest. If you encounter problems simply stop and tell me.
  • When you post your reply, use the Replytopic.jpg button instead.
  • In the upper right hand corner of the topic you will see the Followtopic.jpg button. Click on this then choose Immediate E-Mail notification and then Proceed and you will be sent an email once I have posted a response.
  • If you do not reply to your topic after 5 days we assume it has been abandoned and I will close it.
  • When your computer is clean I will alert you of such. I will also provide for you detailed information about how you can combat future infections.
  • I would like to remind you to make no further changes to your computer unless I direct you to do so.
===================================================

Now that I am assisting you, you can expect that I will be very responsive to your situation. If you are able, I would request you check this thread at least once per day so that we can try to resolve your issues effectively and efficiently. If you are going to be delayed please be considerate and post that information so that I know you are still with me. Unfortunately, there are many people waiting to be assisted and not enough of us at BleepingComputer to go around. I appreciate your understanding and diligence.

Thank you for your patience thus far.

Please do this.

===================================================

Farbar Recovery Scan Tool (FRST)

--------------------
  • Download Farbar Recover Scan Tool for either 32 bit or 64 bit systems and save it to your Desktop. <<< Important
  • Double click the icon
  • Click Yes to the disclaimer
  • Make sure the Addition.txt box is checked
  • Click Scan and allow the program to run
  • Click OK on the Scan complete screen, then OK on the Addition.txt pop up screen
  • 2 Notepad documents should now be open on your desktop.
  • Please copy and paste the contents of both in your reply
===================================================

System Summary Information

--------------------
  • Press the windows key Windows_Logo_key.gif + r on your keyboard at the same time
  • Type msinfo32 and press Enter
  • Left click on System Summary
  • Click File, Save, and name the file Summary
  • Zip and attach the file to your reply
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • FRST results
  • Addition log
  • System Summary Information

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#3 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,007 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:09:20 AM

Posted 04 November 2016 - 09:42 AM

Greetings,

===================================================

Do You Still Need Help?

It has been 3 days since my last post.
  • Do you still need help with this?
  • If you have not replied within 48 hours I will assume you have abandoned the Topic and it will be closed.

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#4 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,007 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:09:20 AM

Posted 07 November 2016 - 10:15 AM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users