Catherine
-
Content Count
11 -
Joined
-
Last visited
Content Type
Profiles
Forums
Calendar
Posts posted by Catherine
-
-
All processes killed========== OTL ==========HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ deleted successfully.Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found.Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}\ deleted successfully.Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D944BB61-2E34-4DBF-A683-47E505C587DC}\ not found.Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}\ deleted successfully.Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}\ not found.HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!HKEY_USERS\S-1-5-21-313159577-1753058699-2702243966-1001\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!Registry key HKEY_USERS\S-1-5-21-313159577-1753058699-2702243966-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.Registry key HKEY_USERS\S-1-5-21-313159577-1753058699-2702243966-1001\Software\Microsoft\Internet Explorer\SearchScopes\{5239903F-EA48-456A-A1F8-0E737E1E7093}\ deleted successfully.Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5239903F-EA48-456A-A1F8-0E737E1E7093}\ not found.Registry key HKEY_USERS\S-1-5-21-313159577-1753058699-2702243966-1001\Software\Microsoft\Internet Explorer\SearchScopes\{searchTerms}\ not found.Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{searchTerms}\ not found.Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.C:\Users\Catherine\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384} folder moved successfully.C:\Users\Catherine\AppData\Roaming\Mozilla\Extensions folder moved successfully.C:\Users\Catherine\AppData\Roaming\Mozilla\Firefox\Profiles\3dkt76nv.default\extensions folder moved successfully.C:\PROGRAM FILES (X86)\MSN TOOLBAR\PLATFORM\6.0.2282.0\FIREFOX\components folder moved successfully.C:\PROGRAM FILES (X86)\MSN TOOLBAR\PLATFORM\6.0.2282.0\FIREFOX\Chrome folder moved successfully.C:\PROGRAM FILES (X86)\MSN TOOLBAR\PLATFORM\6.0.2282.0\FIREFOX folder moved successfully.Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{25510184-5A38-4A99-B273-DCA8EEF6CD08}\ deleted successfully.Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{25510184-5A38-4A99-B273-DCA8EEF6CD08}\ not found.Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{25510184-5A38-4A99-B273-DCA8EEF6CD08}\ not found.Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{25510184-5A38-4A99-B273-DCA8EEF6CD08}\ not found.Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.C:\Windows\Tasks\SparkTrust PC Cleaner Plus Startup.job moved successfully.C:\Windows\Tasks\SparkTrust Update Version3 Startup Task.job moved successfully.ADS C:\ProgramData\Temp:4EE95FE7 deleted successfully.ADS C:\ProgramData\Temp:30C74695 deleted successfully.ADS C:\ProgramData\Temp:A2A602F0 deleted successfully.ADS C:\ProgramData\Temp:94BD36A2 deleted successfully.ADS C:\ProgramData\Temp:D346F792 deleted successfully.ADS C:\ProgramData\Temp:9F38BF31 deleted successfully.ADS C:\ProgramData\Temp:E8B61305 deleted successfully.ADS C:\ProgramData\Temp:C72A744C deleted successfully.ADS C:\ProgramData\Temp:C7A094AF deleted successfully.ADS C:\ProgramData\Temp:63ABD638 deleted successfully.ADS C:\ProgramData\Temp:25FF8A61 deleted successfully.ADS C:\ProgramData\Temp:D4E0D1F1 deleted successfully.ADS C:\ProgramData\Temp:EFBD4447 deleted successfully.ADS C:\ProgramData\Temp:DA84DA4A deleted successfully.ADS C:\ProgramData\Temp:943FEF5D deleted successfully.ADS C:\ProgramData\Temp:EC2C753C deleted successfully.ADS C:\ProgramData\Temp:62D72D41 deleted successfully.ADS C:\ProgramData\Temp:E4E83517 deleted successfully.ADS C:\ProgramData\Temp:373E1720 deleted successfully.ADS C:\ProgramData\Temp:A7DA2BCD deleted successfully.========== COMMANDS ==========[EMPTYJAVA]User: All UsersUser: Catherine->Java cache emptied: 51034 bytesUser: DefaultUser: Default UserUser: GuestUser: PublicUser: Tom->Java cache emptied: 0 bytesTotal Java Files Cleaned = 0.00 mb[EMPTYFLASH]User: All UsersUser: Catherine->Flash cache emptied: 3611 bytesUser: DefaultUser: Default UserUser: Guest->Flash cache emptied: 798 bytesUser: PublicUser: Tom->Flash cache emptied: 891 bytesTotal Flash Files Cleaned = 0.00 mb[EMPTYTEMP]User: All UsersUser: Catherine->Temp folder emptied: 183433656 bytes->Temporary Internet Files folder emptied: 93147528 bytes->Java cache emptied: 0 bytes->FireFox cache emptied: 270685980 bytes->Google Chrome cache emptied: 372175295 bytes->Flash cache emptied: 0 bytesUser: Default->Temp folder emptied: 0 bytes->Temporary Internet Files folder emptied: 67 bytesUser: Default User->Temp folder emptied: 0 bytes->Temporary Internet Files folder emptied: 0 bytesUser: Guest->Temp folder emptied: 0 bytes->Temporary Internet Files folder emptied: 25812201 bytes->Flash cache emptied: 0 bytesUser: Public->Temp folder emptied: 0 bytesUser: Tom->Temp folder emptied: 0 bytes->Temporary Internet Files folder emptied: 67 bytes->Java cache emptied: 0 bytes->FireFox cache emptied: 6115831 bytes->Flash cache emptied: 0 bytes%systemdrive% .tmp files removed: 0 bytes%systemroot% .tmp files removed: 0 bytes%systemroot%\System32 .tmp files removed: 0 bytes%systemroot%\System32 (64bit) .tmp files removed: 0 bytes%systemroot%\System32\drivers .tmp files removed: 0 bytesWindows Temp folder emptied: 22353787 bytes%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 79232847 bytes%systemroot%\sysnative\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 749 bytesRecycleBin emptied: 666871829 bytesTotal Files Cleaned = 1,640.00 mbC:\Windows\System32\drivers\etc\Hosts moved successfully.HOSTS file reset successfullyRestore point Set: OTL Restore PointOTL by OldTimer - Version 3.2.69.0 log created on 04282015_110547Files\Folders moved on Reboot...C:\Users\Catherine\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.File move failed. C:\Users\Catherine\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat scheduled to be moved on reboot.PendingFileRenameOperations files...Registry entries deleted on Reboot...
-
Results of screen317's Security Check version 1.00Windows 7 Service Pack 1 x64 (UAC is enabled)Internet Explorer 11``````````````Antivirus/Firewall Check:``````````````Windows Firewall Enabled!Computer SecurityAntivirus up to date!`````````Anti-malware/Other Utilities Check:`````````Adobe Flash Player 17.0.0.169Google Chrome 36.0.1985.125 Google Chrome out of date!````````Process Check: objlist.exe by Laurent````````Malwarebytes Anti-Malware mbamservice.exeMalwarebytes Anti-Malware mbam.exeCharter Security Suite apps ComputerSecurity Anti-Virus\FSGK32.EXECharter Security Suite apps ComputerSecurity Anti-Virus\fssm32.exeMalwarebytes Anti-Malware mbamscheduler.exe`````````````````System Health check`````````````````Total Fragmentation on Drive C: 2%````````````````````End of Log``````````````````````
-
OTL Extras logfile created on: 4/27/2015 9:20:49 PM - Run 1OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Catherine\Downloads64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstationInternet Explorer (Version = 9.11.9600.17728)Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy3.75 Gb Total Physical Memory | 2.09 Gb Available Physical Memory | 55.80% Memory free7.49 Gb Paging File | 5.06 Gb Available in Paging File | 67.59% Paging File freePaging file location(s): ?:\pagefile.sys [binary data]%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)Drive C: | 282.82 Gb Total Space | 206.71 Gb Free Space | 73.09% Space Free | Partition Type: NTFSDrive D: | 14.98 Gb Total Space | 1.87 Gb Free Space | 12.51% Space Free | Partition Type: NTFSDrive E: | 3.19 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDFComputer Name: CATHERINE-HP | User Name: Catherine | Logged in as Administrator.Boot Mode: Normal | Scan Mode: All usersCompany Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days========== Extra Registry (SafeList) ==================== File Associations ==========[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>].cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation).html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)[HKEY_USERS\S-1-5-21-313159577-1753058699-2702243966-1001\SOFTWARE\Classes\<extension>].html [@ = ChromeHTML] -- Reg Error: Key error. File not found========== Shell Spawning ==========[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]batfile [open] -- "%1" %*cmdfile [open] -- "%1" %*comfile [open] -- "%1" %*cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)exefile [open] -- "%1" %*helpfile [open] -- Reg Error: Key error.htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)piffile [open] -- "%1" %*regfile [merge] -- Reg Error: Key error.scrfile [config] -- "%1"scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %lscrfile [open] -- "%1" /Stxtfile [edit] -- Reg Error: Key error.Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)Folder [explore] -- Reg Error: Value error.Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.========== Security Center Settings ==========[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]========== System Restore Settings ==========[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]"DisableSR" = 0========== Firewall Settings ==========[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall][HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile][HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile][HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]"DisableNotifications" = 0"EnableFirewall" = 1[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]"DisableNotifications" = 0"EnableFirewall" = 1[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List][HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]"DisableNotifications" = 0"EnableFirewall" = 1========== Authorized Applications List ==========[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List][HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]========== Vista Active Open Ports Exception List ==========[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]"{212F01E6-CD8D-497C-B3A0-CB5B9DABC2F9}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |"{26227169-1D10-4AE2-9F7C-451BDFF48511}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |"{373A58E8-C1BB-47D7-8986-91CF37972AD8}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |"{3BF99E4F-015B-4EE2-8146-92B3730F28BF}" = rport=445 | protocol=6 | dir=out | app=system |"{4495A9D7-E86C-4723-9CBE-7F294450CCA3}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |"{5709672E-1CC6-4FAD-9768-51D4B8EEF4F2}" = rport=138 | protocol=17 | dir=out | app=system |"{5D0F8DE0-5465-4E98-9E24-C6D50D992A2B}" = lport=138 | protocol=17 | dir=in | app=system |"{5FE85E43-A246-482E-846C-A9B67A6BCDE7}" = lport=139 | protocol=6 | dir=in | app=system |"{6D9EBBDB-CCD1-4F55-976F-A98A7E231428}" = lport=445 | protocol=6 | dir=in | app=system |"{761F8376-220A-42F6-B8FD-3CF0D5F444EB}" = rport=139 | protocol=6 | dir=out | app=system |"{8B863AA4-1253-4BDA-8042-EDAAF4ED9EA6}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |"{8D068EBF-2C5F-49BD-A53E-EFA6800A9CC1}" = lport=137 | protocol=17 | dir=in | app=system |"{ACFF1D29-6DF8-465B-8112-6AB2786C761B}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe |"{B1129A83-15F0-43CF-8877-A02D26B432C0}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |"{CE52B5B1-276D-4A90-A54E-228A789E0E9D}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |"{D17FCD55-D283-493A-B664-E5C74197E343}" = rport=137 | protocol=17 | dir=out | app=system |========== Vista Active Application Exception List ==========[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]"{0023F4AC-9C35-44E3-8A60-4C3EFE56E6E7}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |"{0B097130-8F73-48BC-A08F-4CCE3280C6E2}" = dir=in | app=c:\program files (x86)\hewlett-packard\hp clouddrive\zumodrive.exe |"{0BBFE853-993F-4DC0-B0DB-0D70ED32D6BE}" = protocol=58 | dir=out | [email protected],-28546 |"{1C08DEF9-9602-4609-8984-602EA93BEA40}" = protocol=6 | dir=in | app=c:\program files (x86)\pogo games\pogodgc.exe |"{1DD0D249-EFDF-47B2-AE22-8A0B9E307A38}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |"{2ADD8651-C2AC-4541-9AC0-2236417C04C9}" = dir=out | app=c:\program files (x86)\hewlett-packard\hp clouddrive\zumodrive.exe |"{36A89647-696F-4B72-8F38-BB690BA04CB4}" = protocol=6 | dir=in | app=c:\program files (x86)\hewlett-packard\mediasmart\roxionow\rnow.exe |"{3729B70A-544C-47B9-9076-28BE8FDB045D}" = protocol=58 | dir=in | [email protected],-28545 |"{44AE4932-A859-4F9F-9742-345C8DD2767E}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |"{53CA439B-33E0-474B-8D29-031E9039FFA4}" = protocol=6 | dir=in | app=c:\program files (x86)\pogo games\webupdater.exe |"{7A281551-6A8D-499E-8E56-6A65B9B7CA89}" = dir=in | app=c:\program files\hp\hp photosmart 5510 series\bin\devicesetup.exe |"{7C60CEBE-44AE-442A-B883-EE68F6EFED10}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |"{87148635-2069-4492-8C92-8FE862FE1D31}" = protocol=17 | dir=in | app=c:\program files (x86)\pogo games\pogodgc.exe |"{929D2BB5-9BDD-4560-A6DF-8D5DA298E00C}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |"{A432C1F1-CA65-409E-8007-A090F53C8F06}" = protocol=17 | dir=in | app=c:\program files (x86)\hewlett-packard\mediasmart\roxionow\rnow.exe |"{ABA3E82F-1B24-4B86-B03F-BEA5311F8EB9}" = dir=in | app=c:\program files\hp\hp photosmart 5510 series\bin\hpnetworkcommunicator.exe |"{D0F9D0B6-50A4-4B9C-BD68-DD57205A6D76}" = protocol=17 | dir=in | app=c:\program files (x86)\roxio\roxionow player\rnowshell.exe |"{D3E0E7C4-49D4-4C0B-9DA9-F17BD5E8BB8C}" = protocol=6 | dir=in | app=c:\program files (x86)\roxio\roxionow player\rnowshell.exe |"{E40D21BF-A931-45B6-B48E-131F5A396E29}" = protocol=17 | dir=in | app=c:\program files (x86)\pogo games\webupdater.exe |"{E606A195-08AB-458C-9496-1A554FA277D0}" = protocol=1 | dir=in | [email protected],-28543 |"{F49CE8AC-82C8-42E8-AD45-F4F7ED211C1D}" = protocol=1 | dir=out | [email protected],-28544 |"TCP Query User{3D9742ED-FA38-44C5-A4AB-3A3A7F6B89F3}C:\program files (x86)\real\realplayer\realplay.exe" = protocol=6 | dir=in | app=c:\program files (x86)\real\realplayer\realplay.exe |"UDP Query User{27B362CA-AB8B-4796-AE5B-ADBA9D05DF39}C:\program files (x86)\real\realplayer\realplay.exe" = protocol=17 | dir=in | app=c:\program files (x86)\real\realplayer\realplay.exe |========== HKEY_LOCAL_MACHINE Uninstall List ==========[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]"{00000000-2778-5BED-8199-52EB14D8D22F}" = F-Secure CCF Reputation"{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App"{53BA6504-F1CE-4604-970A-082021D39784}" = F-Secure CCF Scanning 1.51.112.309 (release)"{658FDBCA-B7A1-43E4-A849-9F0812473331}" = Computer Security 14.121.102.0 (release)"{6C7CA47E-11FC-4309-B602-12571A9BDD5B}" = Charter Security Suite"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010"{912D30CF-F39E-4B31-AD9A-123C6B794EE2}" = HP Update"{95140000-00AF-0409-0000-0000000FF1CE}" = Microsoft PowerPoint Viewer"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper"{B50345AE-60D0-48D7-AFD2-F0B1A07F2294}" = F-Secure SafeSearch 1.03.159.0 (release)"{D6D865A5-2703-4B26-A0AA-30B29C0696BC}" = Online Safety 2.115.2786.1676"{EFE33E35-9B0B-4CF9-AF8C-CBE93BB8E6FF}" = F-Secure Network CCF 1.03.102"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219"Adobe Flash Player ActiveX" = Adobe Flash Player 17 ActiveX"Adobe Flash Player NPAPI" = Adobe Flash Player 17 NPAPI"F-Secure ServiceEnabler 42626" = Charter Security Suite"Google Chrome" = Google Chrome"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware version 2.1.6.1022"Office14.Click2Run" = Microsoft Office Click-to-Run 2010========== HKEY_USERS Uninstall List ==========[HKEY_USERS\S-1-5-21-313159577-1753058699-2702243966-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]========== Last 20 Event Log Errors ==========[ Application Events ]Error - 4/27/2015 9:08:59 PM | Computer Name = Catherine-HP | Source = FSecure-FSecure-F-Secure DeepGuard | ID = 103Description = 21 2015-04-27 19:08:58-06:00 CATHERINE-HP SYSTEM F-Secure DeepGuardApplication was blocked. This was determined to be a high-risk application by systemcontrol heuristics. Application path: \\?\c:\program files\reimage\reimage protector\reiguard.exeFile hash: d58870535ebc629fcbd1122d929d851cf1804e7fError - 4/27/2015 9:29:31 PM | Computer Name = Catherine-HP | Source = FSecure-FSecure-F-Secure Anti-Virus | ID = 103Description = 1 2015-04-27 19:29:31-06:00 CATHERINE-HP Catherine-HP\CatherineF-Secure Anti-Virus Crash detected. \Device\HarddiskVolume2\Windows\Tasks\GoogleUpdateTaskMachineCore.jobError - 4/27/2015 9:56:59 PM | Computer Name = Catherine-HP | Source = FSecure-FSecure-F-Secure Anti-Virus | ID = 103Description = 1 2015-04-27 19:56:59-06:00 CATHERINE-HP Catherine-HP\CatherineF-Secure Anti-Virus Spyware detected: Type: riskware Family: Name: Gen:Variant.Application.BundlerObject: C:\Users\Catherine\Downloads\Java(2).exeError - 4/27/2015 9:57:19 PM | Computer Name = Catherine-HP | Source = FSecure-FSecure-F-Secure Anti-Virus | ID = 103Description = 2 2015-04-27 19:57:19-06:00 CATHERINE-HP Catherine-HP\CatherineF-Secure Anti-Virus Spyware detected: Type: riskware Family: Name: Gen:Variant.Application.BundlerObject: C:\Users\Catherine\Downloads\Flash_Setup.exeError - 4/27/2015 9:57:43 PM | Computer Name = Catherine-HP | Source = FSecure-FSecure-F-Secure Anti-Virus | ID = 103Description = 3 2015-04-27 19:57:43-06:00 CATHERINE-HP Catherine-HP\CatherineF-Secure Anti-Virus Malicious code found in file C:\Users\Catherine\AppData\Local\Installer\Install_26263\ytdi_bf4fca0ff8_setup.exe.Infection: Trojan.GenericKD.2079214 Action: The file was quarantined.Error - 4/27/2015 9:57:44 PM | Computer Name = Catherine-HP | Source = FSecure-FSecure-F-Secure Anti-Virus | ID = 103Description = 4 2015-04-27 19:57:44-06:00 CATHERINE-HP Catherine-HP\CatherineF-Secure Anti-Virus Malicious code found in file C:\Users\Catherine\AppData\Local\Installer\Install_26312\ytdi_bf4fca0ff8_setup.exe.Infection: Trojan.GenericKD.2079214 Action: The file was quarantined.Error - 4/27/2015 9:57:44 PM | Computer Name = Catherine-HP | Source = FSecure-FSecure-F-Secure Anti-Virus | ID = 103Description = 5 2015-04-27 19:57:44-06:00 CATHERINE-HP Catherine-HP\CatherineF-Secure Anti-Virus Malicious code found in file C:\Users\Catherine\AppData\Local\Installer\Install_26364\ytdi_bf4fca0ff8_setup.exe.Infection: Trojan.GenericKD.2079214 Action: The file was quarantined.Error - 4/27/2015 9:57:45 PM | Computer Name = Catherine-HP | Source = FSecure-FSecure-F-Secure Anti-Virus | ID = 103Description = 6 2015-04-27 19:57:45-06:00 CATHERINE-HP Catherine-HP\CatherineF-Secure Anti-Virus Malicious code found in file C:\Users\Catherine\AppData\Local\Installer\Install_26413\ytdi_bf4fca0ff8_setup.exe.Infection: Trojan.GenericKD.2079214 Action: The file was quarantined.Error - 4/27/2015 10:24:52 PM | Computer Name = Catherine-HP | Source = FSecure-FSecure-F-Secure Anti-Virus | ID = 103Description = 7 2015-04-27 20:24:52-06:00 CATHERINE-HP Catherine-HP\CatherineF-Secure Anti-Virus Spyware detected: Type: riskware Family: Name: Gen:Variant.Application.BundlerObject: C:\Users\Catherine\Downloads\Flash_Setup.exeError - 4/27/2015 10:25:16 PM | Computer Name = Catherine-HP | Source = FSecure-FSecure-F-Secure Anti-Virus | ID = 103Description = 8 2015-04-27 20:25:16-06:00 CATHERINE-HP Catherine-HP\CatherineF-Secure Anti-Virus Spyware detected: Type: riskware Family: Name: Gen:Variant.Application.BundlerObject: C:\Users\Catherine\Downloads\Flash_Setup.exe[ Hewlett-Packard Events ]Error - 1/21/2012 7:01:01 PM | Computer Name = Catherine-HP | Source = Hewlett-Packard | ID = 0Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\011221040051.xmlFile not created by asset agentError - 4/27/2012 5:44:19 PM | Computer Name = Catherine-HP | Source = Hewlett-Packard | ID = 0Description =Error - 7/20/2012 4:44:08 PM | Computer Name = Catherine-HP | Source = Hewlett-Packard | ID = 0Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\071220024400.xmlFile not created by asset agentError - 9/15/2012 9:24:19 AM | Computer Name = Catherine-HP | Source = Hewlett-Packard | ID = 0Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\091215072411.xmlFile not created by asset agentError - 3/29/2013 12:07:01 PM | Computer Name = Catherine-HP | Source = Hewlett-Packard | ID = 0Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\031329100653.xmlFile not created by asset agentError - 4/26/2013 8:23:56 PM | Computer Name = Catherine-HP | Source = HPSF.exe | ID = 2000Description = HP Error ID: -2147467261 at HP.SupportFramework.Utilities.CustomerExperience.HPSASession.AddNavigationProperties()Message:Object reference not set to an instance of an object. StackTrace: at HP.SupportFramework.Utilities.CustomerExperience.HPSASession.AddNavigationProperties()Source:HP.SupportFramework.Utilities Name: HPSF.exe Version: 07.00.01.01 Path: C:\ProgramFiles (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: en-US RAM: 3834RamUtilization: 50 TargetSite: HP.SupportFramework.HPSFReporting._Property[] AddNavigationProperties()[ HP Software Framework Events ]Error - 11/14/2013 6:26:33 PM | Computer Name = Catherine-HP | Source = hpqWmiEx | ID = 5Description = 2013/11/14 15:26:33.801|000015E0|Error |ChpqWmiExModule::Start|Thehpqwmiex service failed to start (1063). A system restart may correct this problem.[ HP Wireless Assistant Events ]Error - 8/7/2013 12:33:46 PM | Computer Name = Catherine-HP | Source = HP WA Service | ID = 0Description = System.Runtime.InteropServices.COMException at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32errorCode, IntPtr errorInfo) at System.Management.ManagementObject.Initialize(BooleangetObject) at System.Management.ManagementBaseObject.get_Properties() at System.Management.ManagementBaseObject.GetPropertyValue(StringpropertyName) at HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()Error - 5/24/2014 6:41:33 AM | Computer Name = Catherine-HP | Source = HP WA Service | ID = 0Description = System.Runtime.InteropServices.COMException Call was canceled by themessage filter. (Exception from HRESULT: 0x80010002 (RPC_E_CALL_CANCELED)) atSystem.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32 errorCode,IntPtr errorInfo) at System.Management.ManagementScope.InitializeGuts(Objecto) at System.Management.ManagementScope.Initialize() at System.Management.ManagementObjectSearcher.Initialize()at System.Management.ManagementObjectSearcher.Get() at HPPA_Service.CurrentConfiguration.FindDevice(StringhostPath, String portName) at HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__9(RadioHardwareradio) at System.Linq.Enumerable.WhereSelectListIterator`2.MoveNext() at System.Linq.Enumerable.WhereSelectEnumerableIterator`2.MoveNext()at HPPA_Service.CurrentConfiguration.ReloadRadioList()Error - 7/9/2014 7:12:54 PM | Computer Name = Catherine-HP | Source = HP WA Service | ID = 0Description = System.Runtime.InteropServices.COMException Call was canceled by themessage filter. (Exception from HRESULT: 0x80010002 (RPC_E_CALL_CANCELED)) atSystem.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32 errorCode,IntPtr errorInfo) at System.Management.ManagementScope.InitializeGuts(Objecto) at System.Management.ManagementScope.Initialize() at System.Management.ManagementObjectSearcher.Initialize()at System.Management.ManagementObjectSearcher.Get() at HPPA_Service.CurrentConfiguration.FindDevice(StringhostPath, String portName) at HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__9(RadioHardwareradio) at System.Linq.Enumerable.WhereSelectListIterator`2.MoveNext() at System.Linq.Enumerable.WhereSelectEnumerableIterator`2.MoveNext()at HPPA_Service.CurrentConfiguration.ReloadRadioList()Error - 7/19/2014 5:53:43 PM | Computer Name = Catherine-HP | Source = HP WA Service | ID = 0Description = System.Runtime.InteropServices.COMException Call was canceled by themessage filter. (Exception from HRESULT: 0x80010002 (RPC_E_CALL_CANCELED)) atSystem.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32 errorCode,IntPtr errorInfo) at System.Management.ManagementScope.InitializeGuts(Objecto) at System.Management.ManagementScope.Initialize() at System.Management.ManagementObject.Initialize(BooleangetObject) at System.Management.ManagementBaseObject.get_Properties() at System.Management.ManagementBaseObject.GetPropertyValue(StringpropertyName) at HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()Error - 8/23/2014 5:15:19 PM | Computer Name = Catherine-HP | Source = HP WA Service | ID = 0Description = System.Runtime.InteropServices.COMException Call was canceled by themessage filter. (Exception from HRESULT: 0x80010002 (RPC_E_CALL_CANCELED)) atSystem.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32 errorCode,IntPtr errorInfo) at System.Management.ManagementScope.InitializeGuts(Objecto) at System.Management.ManagementScope.Initialize() at System.Management.ManagementObject.Initialize(BooleangetObject) at System.Management.ManagementBaseObject.get_Properties() at System.Management.ManagementBaseObject.GetPropertyValue(StringpropertyName) at HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()Error - 9/6/2014 5:15:35 PM | Computer Name = Catherine-HP | Source = HP WA Service | ID = 0Description = System.Runtime.InteropServices.COMException Call was canceled by themessage filter. (Exception from HRESULT: 0x80010002 (RPC_E_CALL_CANCELED)) atSystem.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32 errorCode,IntPtr errorInfo) at System.Management.ManagementScope.InitializeGuts(Objecto) at System.Management.ManagementScope.Initialize() at System.Management.ManagementObject.Initialize(BooleangetObject) at System.Management.ManagementBaseObject.get_Properties() at System.Management.ManagementBaseObject.GetPropertyValue(StringpropertyName) at HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()Error - 9/17/2014 6:08:46 PM | Computer Name = Catherine-HP | Source = HP WA Service | ID = 0Description = System.Runtime.InteropServices.COMException at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32errorCode, IntPtr errorInfo) at System.Management.ManagementObject.Initialize(BooleangetObject) at System.Management.ManagementBaseObject.get_Properties() at System.Management.ManagementBaseObject.GetPropertyValue(StringpropertyName) at HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()Error - 2/12/2015 5:57:25 PM | Computer Name = Catherine-HP | Source = HP WA Application | ID = 0Description = HardwareAccess.UnableToConnectException Application.ApplicationStartup;failed to create hardware layer Error in the application. at HardwareAccess.Hardware..ctor(Dispatcherdispatcher, ServicePort port, Int32 timeout) at HardwareAccess.Hardware.Create(Dispatcherdispatcher, ServicePort port, Int32 timeout) at HPWA_Main.App.ApplicationStartup(Objectsender, StartupEventArgs args)Error - 2/12/2015 5:57:28 PM | Computer Name = Catherine-HP | Source = HP WA Application | ID = 0Description = MainWindow.ShowImpl; not initialized, closing application...Error - 4/7/2015 11:03:31 AM | Computer Name = Catherine-HP | Source = HP WA Application | ID = 0Description = System.Exception HardwareAccess hasn't been instantiated properly.at PAProgramAccess.Impl.UpdatePowerSchemeInformation(PowerScheme powerScheme)[ System Events ]Error - 4/27/2015 9:29:32 PM | Computer Name = Catherine-HP | Source = Service Control Manager | ID = 7031Description = The F-Secure Dll Hoster service terminated unexpectedly. It has donethis 2 time(s). The following corrective action will be taken in 10000 milliseconds:Restart the service.Error - 4/27/2015 9:29:33 PM | Computer Name = Catherine-HP | Source = Service Control Manager | ID = 7034Description = The HP Wireless Assistant Service service terminated unexpectedly.It has done this 1 time(s).Error - 4/27/2015 9:29:34 PM | Computer Name = Catherine-HP | Source = Service Control Manager | ID = 7034Description = The Application Virtualization Client service terminated unexpectedly.It has done this 1 time(s).Error - 4/27/2015 9:29:57 PM | Computer Name = Catherine-HP | Source = Service Control Manager | ID = 7031Description = The Windows Media Player Network Sharing Service service terminatedunexpectedly. It has done this 1 time(s). The following corrective action willbe taken in 30000 milliseconds: Restart the service.Error - 4/27/2015 9:29:58 PM | Computer Name = Catherine-HP | Source = Service Control Manager | ID = 7034Description = The HP Software Framework Service service terminated unexpectedly.It has done this 1 time(s).Error - 4/27/2015 9:29:59 PM | Computer Name = Catherine-HP | Source = Service Control Manager | ID = 7031Description = The Windows Presentation Foundation Font Cache 3.0.0.0 service terminatedunexpectedly. It has done this 1 time(s). The following corrective action willbe taken in 0 milliseconds: Restart the service.Error - 4/27/2015 9:30:27 PM | Computer Name = Catherine-HP | Source = Service Control Manager | ID = 7032Description = The Service Control Manager tried to take a corrective action (Restartthe service) after the unexpected termination of the Windows Media Player NetworkSharing Service service, but this action failed with the following error: %%1056Error - 4/27/2015 9:36:35 PM | Computer Name = Catherine-HP | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10003Description = WLAN Extensibility Module has stopped unexpectedly. Module Path: C:\Windows\system32\athihvs.dllError - 4/27/2015 9:36:38 PM | Computer Name = Catherine-HP | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10003Description = WLAN Extensibility Module has stopped unexpectedly. Module Path: C:\Windows\system32\athihvs.dllError - 4/27/2015 9:36:38 PM | Computer Name = Catherine-HP | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10003Description = WLAN Extensibility Module has stopped unexpectedly. Module Path: C:\Windows\system32\athihvs.dll< End of report >
-
OTL logfile created on: 4/27/2015 9:20:49 PM - Run 1OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Catherine\Downloads64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstationInternet Explorer (Version = 9.11.9600.17728)Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy3.75 Gb Total Physical Memory | 2.09 Gb Available Physical Memory | 55.80% Memory free7.49 Gb Paging File | 5.06 Gb Available in Paging File | 67.59% Paging File freePaging file location(s): ?:\pagefile.sys [binary data]%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)Drive C: | 282.82 Gb Total Space | 206.71 Gb Free Space | 73.09% Space Free | Partition Type: NTFSDrive D: | 14.98 Gb Total Space | 1.87 Gb Free Space | 12.51% Space Free | Partition Type: NTFSDrive E: | 3.19 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDFComputer Name: CATHERINE-HP | User Name: Catherine | Logged in as Administrator.Boot Mode: Normal | Scan Mode: All usersCompany Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days========== Processes (SafeList) ==========PRC - [2015/04/27 21:17:08 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Catherine\Downloads\OTL.scrPRC - [2015/04/14 09:36:30 | 001,080,120 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exePRC - [2015/04/14 09:36:28 | 001,871,160 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exePRC - [2015/04/14 09:36:20 | 006,212,920 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exePRC - [2015/04/14 08:36:32 | 001,263,144 | ---- | M] (F-Secure Corporation) -- C:\Program Files (x86)\Charter Security Suite\apps\ComputerSecurity\Anti-Virus\fssm32.exePRC - [2015/04/14 08:36:29 | 000,690,216 | ---- | M] (F-Secure Corporation) -- C:\Program Files (x86)\Charter Security Suite\apps\ComputerSecurity\Anti-Virus\fsgk32.exePRC - [2015/03/09 08:31:56 | 000,060,456 | ---- | M] (F-Secure Corporation) -- C:\Program Files (x86)\Charter Security Suite\apps\CCF_Reputation\fsorsp.exePRC - [2014/10/06 16:07:08 | 000,187,432 | ---- | M] (F-Secure Corporation) -- C:\Program Files (x86)\Charter Security Suite\fshoster32.exePRC - [2014/09/18 04:29:04 | 000,310,312 | ---- | M] (F-Secure Corporation) -- C:\Program Files (x86)\Charter Security Suite\apps\ComputerSecurity\Common\FSM32.EXEPRC - [2014/09/18 04:29:04 | 000,216,104 | ---- | M] (F-Secure Corporation) -- C:\Program Files (x86)\Charter Security Suite\apps\ComputerSecurity\Common\FSMA32.EXEPRC - [2014/07/15 03:24:50 | 000,860,488 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exePRC - [2013/12/21 00:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exePRC - [2013/06/26 19:21:50 | 000,207,528 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exePRC - [2013/06/26 19:21:46 | 000,523,944 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exePRC - [2012/03/22 15:18:30 | 000,219,056 | ---- | M] () -- C:\Program Files (x86)\AT&T\AT&T Communication Manager\attcm_AppStart.exePRC - [2011/12/12 16:53:22 | 000,052,952 | ---- | M] () -- C:\Program Files\Smart PDF Creator Pro\SmartSoft PDF Printer Agent.exePRC - [2010/12/11 01:02:24 | 000,136,488 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe========== Modules (No Company Name) ==========MOD - [2015/02/04 11:12:58 | 000,592,936 | ---- | M] () -- C:\Windows\winsxs\x86_f-secure.qt_4_6_2_2e112a926211c0a3_4.6.482.79_none_b59ec33311fcd586\QtMultimediaKit1.dllMOD - [2014/09/18 04:28:54 | 000,056,360 | ---- | M] () -- C:\Program Files (x86)\Charter Security Suite\apps\ComputerSecurity\FSGUI\fsavures.engMOD - [2014/07/15 03:24:48 | 000,353,096 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\ppgooglenaclpluginchrome.dllMOD - [2014/07/15 03:24:46 | 014,664,008 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\PepperFlash\pepflashplayer.dllMOD - [2014/07/15 03:24:44 | 008,537,928 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\pdf.dllMOD - [2014/07/15 03:24:38 | 000,718,664 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\libglesv2.dllMOD - [2014/07/15 03:24:36 | 000,126,280 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\libegl.dllMOD - [2014/07/15 03:24:35 | 001,732,936 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\ffmpegsumo.dllMOD - [2012/03/22 15:18:36 | 001,049,320 | ---- | M] () -- C:\Program Files (x86)\AT&T\AT&T Communication Manager\wxmsw28u_core_vc_custom.dllMOD - [2012/03/22 15:18:36 | 000,727,784 | ---- | M] () -- C:\Program Files (x86)\AT&T\AT&T Communication Manager\wxbase28u_vc_custom.dllMOD - [2012/03/22 15:18:36 | 000,034,304 | ---- | M] () -- C:\Program Files (x86)\AT&T\AT&T Communication Manager\resources\plugins\DiscoveryGeneric.pluginMOD - [2012/03/22 15:18:36 | 000,030,720 | ---- | M] () -- C:\Program Files (x86)\AT&T\AT&T Communication Manager\resources\plugins\DiscoveryVPorts.pluginMOD - [2012/03/22 15:18:36 | 000,025,088 | ---- | M] () -- C:\Program Files (x86)\AT&T\AT&T Communication Manager\resources\plugins\DiscoveryMobileBroadband.pluginMOD - [2012/03/22 15:18:36 | 000,019,968 | ---- | M] () -- C:\Program Files (x86)\AT&T\AT&T Communication Manager\resources\plugins\DiscoveryNdis.pluginMOD - [2012/03/22 15:18:36 | 000,017,920 | ---- | M] () -- C:\Program Files (x86)\AT&T\AT&T Communication Manager\resources\plugins\ContextSwitcher.pluginMOD - [2012/03/22 15:18:34 | 000,892,136 | ---- | M] () -- C:\Program Files (x86)\AT&T\AT&T Communication Manager\UIToolkit.dllMOD - [2012/03/22 15:18:34 | 000,629,480 | ---- | M] () -- C:\Program Files (x86)\AT&T\AT&T Communication Manager\Toolkit.dllMOD - [2012/03/22 15:18:34 | 000,399,080 | ---- | M] () -- C:\Program Files (x86)\AT&T\AT&T Communication Manager\WebClient.dllMOD - [2012/03/22 15:18:34 | 000,123,112 | ---- | M] () -- C:\Program Files (x86)\AT&T\AT&T Communication Manager\System.dllMOD - [2012/03/22 15:18:32 | 000,148,712 | ---- | M] () -- C:\Program Files (x86)\AT&T\AT&T Communication Manager\pcre3.dllMOD - [2012/03/22 15:18:32 | 000,061,160 | ---- | M] () -- C:\Program Files (x86)\AT&T\AT&T Communication Manager\DriveDetector.dllMOD - [2012/03/22 15:18:32 | 000,051,432 | ---- | M] () -- C:\Program Files (x86)\AT&T\AT&T Communication Manager\Preferences.dllMOD - [2012/03/22 15:18:30 | 000,376,040 | ---- | M] () -- C:\Program Files (x86)\AT&T\AT&T Communication Manager\Device.dllMOD - [2012/03/22 15:18:30 | 000,249,064 | ---- | M] () -- C:\Program Files (x86)\AT&T\AT&T Communication Manager\DB.dllMOD - [2012/03/22 15:18:30 | 000,219,056 | ---- | M] () -- C:\Program Files (x86)\AT&T\AT&T Communication Manager\attcm_AppStart.exeMOD - [2012/03/22 15:18:30 | 000,132,840 | ---- | M] () -- C:\Program Files (x86)\AT&T\AT&T Communication Manager\Discovery.dllMOD - [2012/03/22 15:18:30 | 000,099,560 | ---- | M] () -- C:\Program Files (x86)\AT&T\AT&T Communication Manager\ComCore.dllMOD - [2011/12/12 16:53:22 | 000,052,952 | ---- | M] () -- C:\Program Files\Smart PDF Creator Pro\SmartSoft PDF Printer Agent.exeMOD - [2010/11/22 16:00:58 | 007,745,536 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dllMOD - [2010/11/22 16:00:58 | 002,121,728 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dllMOD - [2010/11/22 16:00:58 | 000,135,168 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll========== Services (SafeList) ==========SRV - [2015/04/21 11:01:24 | 000,268,464 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)SRV - [2015/04/14 09:36:30 | 001,080,120 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe -- (MBAMService)SRV - [2015/04/14 09:36:28 | 001,871,160 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)SRV - [2015/04/08 15:24:27 | 000,265,808 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)SRV - [2015/03/09 08:31:56 | 000,060,456 | ---- | M] (F-Secure Corporation) [Auto | Running] -- C:\Program Files (x86)\Charter Security Suite\apps\CCF_Reputation\fsorsp.exe -- (FSORSPClient)SRV - [2014/10/06 16:07:08 | 000,187,432 | ---- | M] (F-Secure Corporation) [Auto | Running] -- C:\Program Files (x86)\Charter Security Suite\fshoster32.exe -- (fshoster)SRV - [2014/09/18 04:29:04 | 000,216,104 | ---- | M] (F-Secure Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Charter Security Suite\apps\ComputerSecurity\Common\FSMA32.EXE -- (FSMA)SRV - [2014/03/20 16:49:18 | 000,067,224 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)SRV - [2013/12/21 00:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)SRV - [2013/09/11 22:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)SRV - [2013/06/26 19:21:50 | 000,207,528 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)SRV - [2013/06/26 19:21:46 | 000,523,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)SRV - [2013/03/25 09:20:50 | 000,520,360 | ---- | M] (iWin Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\Pogo Games\PGMTrusted.exe -- (PGMTrusted)SRV - [2013/03/06 02:21:52 | 000,039,056 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe -- (RealNetworks Downloader Resolver Service)SRV - [2012/03/22 15:18:30 | 000,055,728 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\AT&T\AT&T Communication Manager\AdminHelper.exe -- (AdminHelper.exe)SRV - [2011/06/24 11:44:16 | 000,317,296 | ---- | M] (Sierra Wireless, Inc.) [Auto | Running] -- C:\Program Files (x86)\Sierra Wireless Inc\Common\SwiCardDetect64.exe -- (SwiCardDetectSvc)SRV - [2010/09/11 03:02:22 | 000,399,344 | ---- | M] (Roxio) [On_Demand | Stopped] -- C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe -- (RoxioNow Service)========== Driver Services (SafeList) ==========DRV - [2015/04/16 09:21:25 | 000,090,152 | ---- | M] (F-Secure Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Charter Security Suite\apps\CCF_Scanning\bin\fsni64.sys -- (fsni)DRV - [2015/04/14 08:36:32 | 000,071,080 | ---- | M] (F-Secure Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Charter Security Suite\apps\ComputerSecurity\HIPS\drivers\fshs.sys -- (F-Secure HIPS)DRV - [2015/02/24 15:42:35 | 000,208,424 | ---- | M] (F-Secure Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Charter Security Suite\apps\ComputerSecurity\Anti-Virus\minifilter\fsgk.sys -- (F-Secure Gatekeeper)DRV - [2014/09/18 04:29:02 | 000,013,352 | ---- | M] () [Kernel | System | Running] -- C:\Program Files (x86)\Charter Security Suite\apps\ComputerSecurity\Anti-Virus\minifilter\fsvista.sys -- (fsvista)DRV - [2009/07/13 19:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)========== Standard Registry (SafeList) ==================== Internet Explorer ==========IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.comIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.comIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htmIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.comIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=MSSEIE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRCIE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7IE - HKLM\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.com/rover/1/711-30572-11896-2/4?mpre=http://shop.ebay.com/?_nkw={searchTerms}IE - HKLM\..\SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}: "URL" = http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBoxIE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}IE - HKU\S-1-5-21-313159577-1753058699-2702243966-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=U150&ocid=U150DHPIE - HKU\S-1-5-21-313159577-1753058699-2702243966-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-USIE - HKU\S-1-5-21-313159577-1753058699-2702243966-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 51 01 37 90 CE 66 CE 01 [binary data]IE - HKU\S-1-5-21-313159577-1753058699-2702243966-1001\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.comIE - HKU\S-1-5-21-313159577-1753058699-2702243966-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}IE - HKU\S-1-5-21-313159577-1753058699-2702243966-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRCIE - HKU\S-1-5-21-313159577-1753058699-2702243966-1001\..\SearchScopes\{5239903F-EA48-456A-A1F8-0E737E1E7093}: "URL" = http://search.yahoo.com/search?p={searchTerms}&ei=UTF-8&fr=w3i&type=W3i_DS,136,0_0,Search,20131148,20028,0,71,0IE - HKU\S-1-5-21-313159577-1753058699-2702243966-1001\..\SearchScopes\Yahoo: "URL" = http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=iwinIE - HKU\S-1-5-21-313159577-1753058699-2702243966-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0========== FireFox ==========FF - prefs.js..CT3239904.browser.search.defaultthis.engineName: trueFF - prefs.js..CT3286042.browser.search.defaultthis.engineName: "true"FF - prefs.js..CT3289663.browser.search.defaultthis.engineName: "true"FF - prefs.js..CT3289847.browser.search.defaultthis.engineName: "true"FF - prefs.js..CT3298570.browser.search.defaultthis.engineName: "true"FF - prefs.js..browser.search.defaultenginename: "Bing"FF - prefs.js..browser.search.order.1: "Ask Search"FF - prefs.js..browser.search.selectedEngine: "Bing"FF - prefs.js..browser.search.useDBForOrder: trueFF - prefs.js..extensions.enabledAddons: pluswinks%40PlusWinks:3.0.0.0FF - prefs.js..extensions.enabledAddons: msntoolbar%40msn.com:6.0FF - prefs.js..extensions.enabledAddons: 0c822a17-a68f-4066-9257-d229458d21ca%409c178d17-dc61-4aaf-b2da-1425ac7300ac.com:0.95.145FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:33.0FF - prefs.js..extensions.netassistant.keyword.url: "http://click.w3i.com/?Programid=132&Elementname=Keyword&Applicationid={3740200A-D7A6-4D90-A4DF-EBE0BB8308AF}&Version=3.6.5&Vintage=20120416&Defaultbrowserid=28&Productid=157&Vendorid=4880&Offerid=6894&searchterm="FF - user.js - File not foundFF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll ()FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.21.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not foundFF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpWinExt,version=5.0: C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll (Microsoft Corporation)FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)FF - HKLM\Software\MozillaPlugins\@oberon-media.com/ONCAdapter: C:\Program Files (x86)\Common Files\Oberon Media\NCAdapter\1.0.0.8\npapicomadapter.dll (Oberon-Media )FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=16.0.1.18: c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)FF - HKLM\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.1: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.1: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)FF - HKLM\Software\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.1: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=16.0.1.18: c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)FF - HKLM\Software\MozillaPlugins\@realnetworks.com/npdlplugin;version=1: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\7\NP_wtapp.dll ()FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\Firefox [2011/03/05 09:02:23 | 000,000,000 | ---D | M]FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}: C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension\ [2011/03/05 09:02:32 | 000,000,000 | ---D | M]FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension [2011/01/26 15:27:28 | 000,000,000 | ---D | M]FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{DAC3F861-B30D-40dd-9166-F4E75327FAC7}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2013/03/31 09:27:21 | 000,000,000 | ---D | M]FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013/03/31 09:27:21 | 000,000,000 | ---D | M]FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{66f888e9-4011-4d6d-8e71-876089e7c956}: C:\Program Files (x86)\Charter Security Suite\apps\CCF_Scanning\bin\browser\deploy\fs_firefox_https [2015/02/04 11:21:46 | 000,000,000 | ---D | M][2013/06/04 16:18:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Catherine\AppData\Roaming\Mozilla\Extensions[2015/04/27 19:17:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Catherine\AppData\Roaming\Mozilla\Firefox\Profiles\3dkt76nv.default\extensions[2013/06/03 07:25:35 | 000,001,793 | ---- | M] () -- C:\Users\Catherine\AppData\Roaming\Mozilla\Firefox\Profiles\3dkt76nv.default\searchplugins\Bing.xml[2011/03/05 09:02:23 | 000,000,000 | ---D | M] (Bing Bar) -- C:\PROGRAM FILES (X86)\MSN TOOLBAR\PLATFORM\6.0.2282.0\FIREFOXFile not found (No name found) -- C:\USERS\CATHERINE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3DKT76NV.DEFAULT\EXTENSIONS\0C822A17-A68F-4066-9257-D229458D21CA@9C178D17-DC61-4AAF-B2DA-1425AC7300AC.COMFile not found (No name found) -- C:\USERS\CATHERINE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3DKT76NV.DEFAULT\EXTENSIONS\[email protected][2013/03/31 09:26:40 | 000,124,504 | ---- | M] (RealPlayer) -- C:\Program Files (x86)\mozilla firefox\plugins\nprpplugin.dll========== Chrome ==========CHR - plugin: Error reading preferences fileCHR - Extension: Google Docs = C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\CHR - Extension: Google Drive = C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.4_0\CHR - Extension: Google Voice Search Hotword (Beta) = C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5023_0\CHR - Extension: YouTube = C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_0\CHR - Extension: Google Search = C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_0\CHR - Extension: RealDownloader = C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji\1.3.1_0\CHR - Extension: Google Wallet = C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\CHR - Extension: Gmail = C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\O1 HOSTS File: ([2014/07/26 09:26:00 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hostsO1 - Hosts: 127.0.0.1 localhostO2 - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)O2 - BHO: (Browsing Protection) - {45BBE08D-81C5-4A67-AF20-B2A077C67747} - C:\Program Files (x86)\Charter Security Suite\apps\CCF_Scanning\bin\browser\install\fs_ie_https\fs_ie_https.dll (F-Secure Corporation)O2 - BHO: (Bing Bar BHO) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll (Microsoft Corporation)O3 - HKLM\..\Toolbar: (@C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll,-100) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll (Microsoft Corporation)O4 - HKLM..\Run: [] File not foundO4 - HKLM..\Run: [attcm_AppStart.exe] C:\Program Files (x86)\AT&T\AT&T Communication Manager\attcm_AppStart.exe ()O4 - HKLM..\Run: [F-Secure Hoster (42626)] C:\Program Files (x86)\Charter Security Suite\fshoster32.exe (F-Secure Corporation)O4 - HKLM..\Run: [F-Secure Manager] C:\Program Files (x86)\Charter Security Suite\apps\ComputerSecurity\Common\FSM32.EXE (F-Secure Corporation)O4 - HKU\S-1-5-21-313159577-1753058699-2702243966-1001..\Run: [HP Photosmart 5510 series (NET)] C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe (Hewlett-Packard Co.)O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel presentO7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel presentO7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel presentO7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel presentO7 - HKU\S-1-5-21-313159577-1753058699-2702243966-1001\Software\Policies\Microsoft\Internet Explorer\Control Panel presentO7 - HKU\S-1-5-21-313159577-1753058699-2702243966-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145O7 - HKU\S-1-5-21-313159577-1753058699-2702243966-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0O9 - Extra Button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\smartprintsetup.exe (Hewlett-Packard)O9 - Extra 'Tools' menuitem : SmartPrint - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\smartprintsetup.exe (Hewlett-Packard)O9 - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe File not foundO9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe File not foundO13 - gopher Prefix: missingO15 - HKU\S-1-5-21-313159577-1753058699-2702243966-1001\..Trusted Domains: ecollege.com ([]* in Trusted sites)O15 - HKU\S-1-5-21-313159577-1753058699-2702243966-1001\..Trusted Domains: intuit.com ([ttlc] https in Trusted sites)O15 - HKU\S-1-5-21-313159577-1753058699-2702243966-1001\..Trusted Domains: kaplan.edu ([]* in Trusted sites)O15 - HKU\S-1-5-21-313159577-1753058699-2702243966-1001\..Trusted Domains: kucourses.com ([]* in Trusted sites)O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.microsoft.com/_layouts/ClientBin/ieawsdc32.cab (Microsoft Office Template and Media Control)O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} http://utilities.pcpitstop.com/Nirvana/controls/pcmatic.cab (PCPitstop Utility)O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7C413551-5001-4EBE-9365-9DFA8947F2D4}: DhcpNameServer = 192.168.1.1O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{ED4A0A7E-FDE4-40D9-8D6E-CC71C8D5EC16}: DhcpNameServer = 69.144.127.53 71.10.216.1 71.10.216.2O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.O32 - HKLM CDRom: AutoRun - 1O34 - HKLM BootExecute: (autocheck autochk *)O35 - HKLM\..comfile [open] -- "%1" %*O35 - HKLM\..exefile [open] -- "%1" %*O37 - HKLM\...com [@ = ComFile] -- "%1" %*O37 - HKLM\...exe [@ = exefile] -- "%1" %*O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)========== Files/Folders - Created Within 30 Days ==========[2015/04/27 19:41:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware[2015/04/27 19:41:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes Anti-Malware[2015/04/27 19:28:00 | 000,000,000 | ---D | C] -- C:\RegBackup[2015/04/16 13:46:30 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuwebv.dll[2015/04/16 13:46:30 | 000,092,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wudriver.dll[2015/04/16 13:46:30 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapp.exe[2015/04/16 13:46:30 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wups.dll[2015/04/16 13:46:29 | 000,566,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapi.dll[2015/04/16 13:46:15 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll[2015/04/16 13:45:50 | 003,920,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe[2015/04/16 13:45:49 | 003,976,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe[2015/04/16 13:45:47 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\auditpol.exe[2015/04/16 13:45:47 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe[2015/04/16 13:45:46 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll[2015/04/16 13:45:46 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll[2015/04/16 13:45:46 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll[2015/04/16 13:45:45 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll[2015/04/16 13:45:45 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll[2015/04/16 13:45:45 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll[2015/04/16 13:45:45 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll[2015/04/16 13:45:45 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll[2015/04/16 13:45:45 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll[2015/04/16 13:45:45 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll[2015/04/16 13:45:45 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll[2015/04/16 13:45:44 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll[2015/04/16 13:45:44 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll[2015/04/16 13:45:44 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll[2015/04/16 13:45:44 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll[2015/04/16 13:45:44 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll[2015/04/16 13:45:44 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll[2015/04/16 13:45:44 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll[2015/04/16 13:45:44 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll[2015/04/16 13:45:44 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll[2015/04/16 13:45:43 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll[2015/04/16 13:45:43 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll[2015/04/16 13:45:43 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll[2015/04/16 13:45:43 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll[2015/04/16 13:45:43 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll[2015/04/16 13:45:43 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll[2015/04/16 13:45:43 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll[2015/04/16 13:45:43 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll[2015/04/16 13:45:43 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll[2015/04/16 13:45:43 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll[2015/04/16 13:45:42 | 000,686,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\adtschema.dll[2015/04/16 13:45:42 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe[2015/04/16 13:45:42 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\apisetschema.dll[2015/04/16 13:45:42 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe[2015/04/16 13:45:40 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msaudite.dll[2015/04/16 13:45:39 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msobjs.dll[2015/04/16 13:45:06 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll[2015/04/16 13:45:06 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll[2015/04/16 13:45:06 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll[2015/04/16 13:45:05 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll[2015/04/16 13:45:03 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll[2015/04/16 13:44:59 | 000,710,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll[2015/04/16 13:44:59 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll[2015/04/16 13:44:58 | 002,052,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl[2015/04/16 13:44:57 | 000,620,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll[2015/04/16 13:44:56 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll[2015/04/16 13:44:56 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe[2015/04/16 13:44:52 | 001,155,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll[2015/04/16 13:44:51 | 000,340,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec[2015/04/16 13:44:51 | 000,168,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll[2015/04/16 13:44:21 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\clfsw32.dll[2015/04/05 19:26:31 | 000,000,000 | --SD | C] -- C:\Windows\SysWow64\GWX========== Files - Modified Within 30 Days ==========[2015/04/27 21:01:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job[2015/04/27 21:01:00 | 000,000,264 | ---- | M] () -- C:\Windows\tasks\HP Photo Creations Messager.job[2015/04/27 20:59:00 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job[2015/04/27 20:50:02 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat[2015/04/27 20:27:24 | 000,000,606 | ---- | M] () -- C:\Windows\tasks\SparkTrust PC Cleaner Plus Startup.job[2015/04/27 20:27:24 | 000,000,482 | ---- | M] () -- C:\Windows\tasks\SparkTrust Update Version3 Startup Task.job[2015/04/27 20:27:20 | 000,000,900 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job[2015/04/27 20:26:36 | 3015,888,896 | -HS- | M] () -- C:\hiberfil.sys[2015/04/27 19:41:40 | 000,001,062 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk[2015/04/27 19:28:07 | 000,000,207 | ---- | M] () -- C:\Windows\tweaking.com-regbackup-CATHERINE-HP-Windows-7-Home-Premium-(64-bit).dat[2015/04/27 19:19:25 | 000,000,653 | ---- | M] () -- C:\Windows\tasks\SparkTrust PC Cleaner Plus_sch_409E1657-ED37-11E4-B47E-64315086D795.job[2015/04/27 14:06:12 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForCATHERINE-HP$.job[2015/04/22 11:01:03 | 000,033,799 | ---- | M] () -- C:\Users\Catherine\Desktop\John Conquer Root.rtf[2015/04/22 09:32:35 | 000,001,191 | ---- | M] () -- C:\Users\Catherine\Desktop\DOB15B81 Handouts - Shortcut.lnk[2015/04/22 09:32:04 | 000,001,273 | ---- | M] () -- C:\Users\Catherine\Desktop\Commonly Abused Drugs - Shortcut.lnk[2015/04/22 09:31:51 | 000,001,354 | ---- | M] () -- C:\Users\Catherine\Desktop\Drugs in the Detention Setting - Shortcut.lnk[2015/04/22 09:31:15 | 000,001,192 | ---- | M] () -- C:\Users\Catherine\Desktop\Instructions - Shortcut.lnk[2015/04/22 09:31:09 | 000,001,228 | ---- | M] () -- C:\Users\Catherine\Desktop\Instructions (3) - Shortcut.lnk[2015/04/22 09:31:03 | 000,001,228 | ---- | M] () -- C:\Users\Catherine\Desktop\Instructions (2) - Shortcut.lnk[2015/04/22 09:30:56 | 000,001,228 | ---- | M] () -- C:\Users\Catherine\Desktop\Instructions (1) - Shortcut.lnk[2015/04/22 09:29:21 | 000,001,489 | ---- | M] () -- C:\Users\Catherine\Desktop\Occupational Exposure to Bloodborne Pathogens - Shortcut.lnk[2015/04/22 09:29:13 | 000,001,255 | ---- | M] () -- C:\Users\Catherine\Desktop\LEApplicationPacket - Shortcut.lnk[2015/04/22 09:29:01 | 000,001,399 | ---- | M] () -- C:\Users\Catherine\Desktop\PHYSICAL TRAINING VERIFICATION FORM - Shortcut.lnk[2015/04/22 09:28:53 | 000,001,273 | ---- | M] () -- C:\Users\Catherine\Desktop\PRACTICAL ORIENTATION - Shortcut.lnk[2015/04/22 09:27:33 | 000,001,291 | ---- | M] () -- C:\Users\Catherine\Desktop\Wyo Criminal Procedures - Shortcut.lnk[2015/04/22 09:27:08 | 000,001,284 | ---- | M] () -- C:\Users\Catherine\Desktop\StudentCorr - Shortcut.lnk[2015/04/22 09:26:20 | 000,001,156 | ---- | M] () -- C:\Users\Catherine\Desktop\Overview - Shortcut.lnk[2015/04/22 09:25:31 | 000,001,273 | ---- | M] () -- C:\Users\Catherine\Desktop\Report Writing IL 4-b - Shortcut.lnk[2015/04/22 09:25:17 | 000,001,228 | ---- | M] () -- C:\Users\Catherine\Desktop\PHYSICAL FITNESS - Shortcut.lnk[2015/04/22 09:18:36 | 000,060,188 | ---- | M] () -- C:\Users\Catherine\Desktop\Completion Dates for Students (P).pdf[2015/04/22 09:17:41 | 000,563,379 | ---- | M] () -- C:\Users\Catherine\Desktop\DOB Instructional Objectives (P).pdf[2015/04/22 09:17:08 | 000,282,966 | ---- | M] () -- C:\Users\Catherine\Desktop\Information Guide.pdf[2015/04/21 11:01:23 | 000,778,416 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe[2015/04/21 11:01:23 | 000,142,512 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl[2015/04/20 09:47:10 | 000,793,542 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI[2015/04/13 07:40:50 | 000,000,348 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForCatherine.job[2015/04/11 20:57:31 | 065,955,922 | ---- | M] () -- C:\Users\Catherine\Desktop\4-cycle-fat-loss-solution.zip========== Files Created - No Company Name ==========[2015/04/27 19:41:40 | 000,001,062 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk[2015/04/27 19:28:07 | 000,000,207 | ---- | C] () -- C:\Windows\tweaking.com-regbackup-CATHERINE-HP-Windows-7-Home-Premium-(64-bit).dat[2015/04/27 17:43:54 | 000,000,606 | ---- | C] () -- C:\Windows\tasks\SparkTrust PC Cleaner Plus Startup.job[2015/04/27 17:43:50 | 000,000,653 | ---- | C] () -- C:\Windows\tasks\SparkTrust PC Cleaner Plus_sch_409E1657-ED37-11E4-B47E-64315086D795.job[2015/04/22 10:57:58 | 000,033,799 | ---- | C] () -- C:\Users\Catherine\Desktop\John Conquer Root.rtf[2015/04/22 09:32:35 | 000,001,191 | ---- | C] () -- C:\Users\Catherine\Desktop\DOB15B81 Handouts - Shortcut.lnk[2015/04/22 09:32:04 | 000,001,273 | ---- | C] () -- C:\Users\Catherine\Desktop\Commonly Abused Drugs - Shortcut.lnk[2015/04/22 09:31:51 | 000,001,354 | ---- | C] () -- C:\Users\Catherine\Desktop\Drugs in the Detention Setting - Shortcut.lnk[2015/04/22 09:31:15 | 000,001,192 | ---- | C] () -- C:\Users\Catherine\Desktop\Instructions - Shortcut.lnk[2015/04/22 09:31:09 | 000,001,228 | ---- | C] () -- C:\Users\Catherine\Desktop\Instructions (3) - Shortcut.lnk[2015/04/22 09:31:03 | 000,001,228 | ---- | C] () -- C:\Users\Catherine\Desktop\Instructions (2) - Shortcut.lnk[2015/04/22 09:30:56 | 000,001,228 | ---- | C] () -- C:\Users\Catherine\Desktop\Instructions (1) - Shortcut.lnk[2015/04/22 09:29:21 | 000,001,489 | ---- | C] () -- C:\Users\Catherine\Desktop\Occupational Exposure to Bloodborne Pathogens - Shortcut.lnk[2015/04/22 09:29:13 | 000,001,255 | ---- | C] () -- C:\Users\Catherine\Desktop\LEApplicationPacket - Shortcut.lnk[2015/04/22 09:29:01 | 000,001,399 | ---- | C] () -- C:\Users\Catherine\Desktop\PHYSICAL TRAINING VERIFICATION FORM - Shortcut.lnk[2015/04/22 09:28:53 | 000,001,273 | ---- | C] () -- C:\Users\Catherine\Desktop\PRACTICAL ORIENTATION - Shortcut.lnk[2015/04/22 09:27:33 | 000,001,291 | ---- | C] () -- C:\Users\Catherine\Desktop\Wyo Criminal Procedures - Shortcut.lnk[2015/04/22 09:27:08 | 000,001,284 | ---- | C] () -- C:\Users\Catherine\Desktop\StudentCorr - Shortcut.lnk[2015/04/22 09:26:20 | 000,001,156 | ---- | C] () -- C:\Users\Catherine\Desktop\Overview - Shortcut.lnk[2015/04/22 09:25:31 | 000,001,273 | ---- | C] () -- C:\Users\Catherine\Desktop\Report Writing IL 4-b - Shortcut.lnk[2015/04/22 09:25:17 | 000,001,228 | ---- | C] () -- C:\Users\Catherine\Desktop\PHYSICAL FITNESS - Shortcut.lnk[2015/04/22 09:18:36 | 000,060,188 | ---- | C] () -- C:\Users\Catherine\Desktop\Completion Dates for Students (P).pdf[2015/04/22 09:17:40 | 000,563,379 | ---- | C] () -- C:\Users\Catherine\Desktop\DOB Instructional Objectives (P).pdf[2015/04/22 09:17:08 | 000,282,966 | ---- | C] () -- C:\Users\Catherine\Desktop\Information Guide.pdf[2015/04/16 13:45:06 | 000,016,303 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf[2015/04/11 20:56:52 | 065,955,922 | ---- | C] () -- C:\Users\Catherine\Desktop\4-cycle-fat-loss-solution.zip[2015/02/15 20:29:48 | 000,000,017 | ---- | C] () -- C:\Windows\SysWow64\shortcut_ex.dat[2015/01/07 17:30:46 | 000,020,513 | ---- | C] () -- C:\Windows\prodsett_copy.ini[2014/08/22 11:26:11 | 000,004,124 | ---- | C] () -- C:\Users\Catherine\.swfinfo[2013/06/11 10:24:05 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe[2013/06/11 10:24:05 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe[2013/06/11 10:24:05 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe[2013/06/11 10:24:05 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe[2013/06/11 10:24:05 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe[2013/05/08 19:50:17 | 000,000,258 | RHS- | C] () -- C:\Users\Catherine\ntuser.pol[2012/09/04 17:37:42 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini========== ZeroAccess Check ==========[2009/07/13 22:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32][HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32][HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64"" = C:\Windows\SysNative\shell32.dll -- [2015/02/12 23:22:33 | 014,177,280 | ---- | M] (Microsoft Corporation)"ThreadingModel" = Apartment[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]"" = %SystemRoot%\system32\shell32.dll -- [2015/02/12 23:26:18 | 012,875,264 | ---- | M] (Microsoft Corporation)"ThreadingModel" = Apartment[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 19:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)"ThreadingModel" = Free[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 06:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)"ThreadingModel" = Free[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 19:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)"ThreadingModel" = Both[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]========== LOP Check ==========[2011/11/09 15:42:11 | 000,000,000 | ---D | M] -- C:\Users\Catherine\AppData\Roaming\Artogon[2011/09/22 23:48:56 | 000,000,000 | ---D | M] -- C:\Users\Catherine\AppData\Roaming\Big Finish[2011/06/15 11:30:09 | 000,000,000 | ---D | M] -- C:\Users\Catherine\AppData\Roaming\Blio[2011/09/19 15:47:36 | 000,000,000 | ---D | M] -- C:\Users\Catherine\AppData\Roaming\CursedOnboard[2012/03/16 20:51:37 | 000,000,000 | ---D | M] -- C:\Users\Catherine\AppData\Roaming\enchant[2014/04/21 15:13:35 | 000,000,000 | ---D | M] -- C:\Users\Catherine\AppData\Roaming\EuroTrade A.L. Ltd[2012/04/11 16:40:53 | 000,000,000 | ---D | M] -- C:\Users\Catherine\AppData\Roaming\Floodlight Games[2012/04/16 20:48:14 | 000,000,000 | ---D | M] -- C:\Users\Catherine\AppData\Roaming\GameMill Entertainment[2012/04/16 18:29:57 | 000,000,000 | ---D | M] -- C:\Users\Catherine\AppData\Roaming\HdO Adventure[2011/09/11 21:00:22 | 000,000,000 | ---D | M] -- C:\Users\Catherine\AppData\Roaming\iWing[2013/06/11 12:01:04 | 000,000,000 | ---D | M] -- C:\Users\Catherine\AppData\Roaming\Oberon Media[2014/04/21 15:23:36 | 000,000,000 | ---D | M] -- C:\Users\Catherine\AppData\Roaming\Opera Software[2011/06/09 02:39:05 | 000,000,000 | ---D | M] -- C:\Users\Catherine\AppData\Roaming\PictureMover[2013/05/13 10:09:48 | 000,000,000 | ---D | M] -- C:\Users\Catherine\AppData\Roaming\player[2011/06/09 02:39:12 | 000,000,000 | ---D | M] -- C:\Users\Catherine\AppData\Roaming\Sierra Wireless[2012/03/09 16:47:46 | 000,000,000 | ---D | M] -- C:\Users\Catherine\AppData\Roaming\Smart PDF Creator Pro[2015/02/02 13:46:34 | 000,000,000 | ---D | M] -- C:\Users\Catherine\AppData\Roaming\SmartSoftOCRHelper[2013/07/08 12:23:05 | 000,000,000 | ---D | M] -- C:\Users\Catherine\AppData\Roaming\SoftGrid Client[2012/05/26 15:48:55 | 000,000,000 | ---D | M] -- C:\Users\Catherine\AppData\Roaming\SpinTop Games[2011/06/09 02:37:59 | 000,000,000 | ---D | M] -- C:\Users\Catherine\AppData\Roaming\Synaptics[2012/04/12 20:25:16 | 000,000,000 | ---D | M] -- C:\Users\Catherine\AppData\Roaming\TitanicMystery[2012/04/17 19:47:03 | 000,000,000 | ---D | M] -- C:\Users\Catherine\AppData\Roaming\Top Evidence[2011/07/28 23:30:28 | 000,000,000 | ---D | M] -- C:\Users\Catherine\AppData\Roaming\TP[2013/06/11 12:03:03 | 000,000,000 | ---D | M] -- C:\Users\Catherine\AppData\Roaming\TweakNow RegCleaner 2012[2012/03/14 20:28:03 | 000,000,000 | ---D | M] -- C:\Users\Catherine\AppData\Roaming\VisualShape[2013/04/18 11:17:24 | 000,000,000 | ---D | M] -- C:\Users\Catherine\AppData\Roaming\WildTangent[2011/09/19 17:17:40 | 000,000,000 | ---D | M] -- C:\Users\Catherine\AppData\Roaming\WildTangentv1002[2012/03/01 20:23:33 | 000,000,000 | ---D | M] -- C:\Users\Catherine\AppData\Roaming\Windows Live Writer[2012/10/31 09:23:19 | 000,000,000 | ---D | M] -- C:\Users\Guest\AppData\Roaming\PictureMover[2012/10/31 09:22:17 | 000,000,000 | ---D | M] -- C:\Users\Guest\AppData\Roaming\Synaptics[2011/11/13 11:49:23 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\PictureMover[2011/11/13 11:48:10 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\Synaptics========== Purity Check ==================== Alternate Data Streams ==========@Alternate Data Stream - 221 bytes -> C:\ProgramData\Temp:4EE95FE7@Alternate Data Stream - 156 bytes -> C:\ProgramData\Temp:30C74695@Alternate Data Stream - 152 bytes -> C:\ProgramData\Temp:A2A602F0@Alternate Data Stream - 147 bytes -> C:\ProgramData\Temp:94BD36A2@Alternate Data Stream - 146 bytes -> C:\ProgramData\Temp:D346F792@Alternate Data Stream - 143 bytes -> C:\ProgramData\Temp:9F38BF31@Alternate Data Stream - 142 bytes -> C:\ProgramData\Temp:E8B61305@Alternate Data Stream - 142 bytes -> C:\ProgramData\Temp:C72A744C@Alternate Data Stream - 139 bytes -> C:\ProgramData\Temp:C7A094AF@Alternate Data Stream - 139 bytes -> C:\ProgramData\Temp:63ABD638@Alternate Data Stream - 139 bytes -> C:\ProgramData\Temp:25FF8A61@Alternate Data Stream - 138 bytes -> C:\ProgramData\Temp:D4E0D1F1@Alternate Data Stream - 137 bytes -> C:\ProgramData\Temp:EFBD4447@Alternate Data Stream - 137 bytes -> C:\ProgramData\Temp:DA84DA4A@Alternate Data Stream - 135 bytes -> C:\ProgramData\Temp:943FEF5D@Alternate Data Stream - 130 bytes -> C:\ProgramData\Temp:EC2C753C@Alternate Data Stream - 128 bytes -> C:\ProgramData\Temp:62D72D41@Alternate Data Stream - 122 bytes -> C:\ProgramData\Temp:E4E83517@Alternate Data Stream - 118 bytes -> C:\ProgramData\Temp:373E1720@Alternate Data Stream - 107 bytes -> C:\ProgramData\Temp:A7DA2BCD< End of report >
-
.UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.IF REQUESTED, ZIP IT UP & ATTACH IT.DDS (Ver_2012-11-20.01).Microsoft Windows 7 Home PremiumBoot Device: \Device\HarddiskVolume1Install Date: 6/9/2011 2:21:45 AMSystem Uptime: 4/27/2015 8:26:22 PM (1 hours ago).Motherboard: Hewlett-Packard | | 1697Processor: AMD Athlon II P360 Dual-Core Processor | Socket S1G4 | 2300/200mhz.==== Disk Partitions =========================.C: is FIXED (NTFS) - 283 GiB total, 206.706 GiB free.D: is FIXED (NTFS) - 15 GiB total, 1.873 GiB free.E: is CDROM (UDF).==== Disabled Device Manager Items =============.==== System Restore Points ===================.RP428: 3/8/2015 2:16:31 PM - Scheduled CheckpointRP429: 3/12/2015 5:30:46 AM - Windows UpdateRP430: 4/5/2015 7:25:09 PM - Windows UpdateRP431: 4/7/2015 9:52:58 AM - F-Secure malware removalRP433: 4/20/2015 9:19:28 AM - Windows Update.==== Installed Programs ======================.Adobe Flash Player 17 ActiveXAdobe Flash Player 17 NPAPIAMD FuelATI Catalyst Install Managerccc-utility64Charter Security SuiteComputer Security 14.121.102.0 (release)F-Secure CCF ReputationF-Secure CCF Scanning 1.51.112.309 (release)F-Secure Network CCF 1.03.102F-Secure SafeSearch 1.03.159.0 (release)Google ChromeGoogle Update HelperHP AutoHP Client ServicesHP Photosmart 5510 series Basic Device SoftwareHP Photosmart 5510 series Product Improvement StudyHP UpdateHP Wireless AssistantMalwarebytes Anti-Malware version 2.1.6.1022Microsoft .NET Framework 4.5.1Microsoft Application Error ReportingMicrosoft Office Click-to-Run 2010Microsoft Office Excel MUI (English) 2010Microsoft Office Office 64-bit Components 2010Microsoft Office OneNote MUI (English) 2010Microsoft Office Outlook MUI (English) 2010Microsoft Office PowerPoint MUI (English) 2010Microsoft Office Proof (English) 2010Microsoft Office Proof (French) 2010Microsoft Office Proof (Spanish) 2010Microsoft Office Shared 64-bit MUI (English) 2010Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010Microsoft Office Shared MUI (English) 2010Microsoft Office Single Image 2010Microsoft Office Word MUI (English) 2010Microsoft PowerPoint ViewerMicrosoft Visual C++ 2008 Redistributable - x64 9.0.30729.17Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219Microsoft Visual Studio 2010 Tools for Office Runtime (x64)Online Safety 2.115.2786.1676Security Update for Microsoft .NET Framework 4.5.1 (KB2894854v2)Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)Security Update for Microsoft .NET Framework 4.5.1 (KB2931368)Security Update for Microsoft .NET Framework 4.5.1 (KB2972107)Security Update for Microsoft .NET Framework 4.5.1 (KB2972216)Security Update for Microsoft .NET Framework 4.5.1 (KB2978128)Security Update for Microsoft .NET Framework 4.5.1 (KB2979578v2)Security Update for Microsoft .NET Framework 4.5.1 (KB3037581)Smart PDF Creator Pro 6.3.0.467Synaptics Pointing Device DriverUpdate Installer for WildTangent Games AppWindows Live ID Sign-in AssistantWindows Live Language SelectorWindows Live MIME IFilterWindows Live Remote ClientWindows Live Remote Client ResourcesWindows Live Remote ServiceWindows Live Remote Service ResourcesWMV9/VC-1 Video Playback.==== Event Viewer Messages From Past Week ========.4/27/2015 8:26:15 AM, Error: Service Control Manager [7000] - The Update Mgr DigitalMore service failed to start due to the following error: The system cannot find the file specified.4/27/2015 7:36:38 PM, Error: Microsoft-Windows-WLAN-AutoConfig [10003] - WLAN Extensibility Module has stopped unexpectedly. Module Path: C:\Windows\system32\athihvs.dll4/27/2015 7:30:27 PM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Media Player Network Sharing Service service, but this action failed with the following error: An instance of the service is already running.4/27/2015 7:29:59 PM, Error: Service Control Manager [7031] - The Windows Presentation Foundation Font Cache 3.0.0.0 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.4/27/2015 7:29:58 PM, Error: Service Control Manager [7034] - The HP Software Framework Service service terminated unexpectedly. It has done this 1 time(s).4/27/2015 7:29:57 PM, Error: Service Control Manager [7031] - The Windows Media Player Network Sharing Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.4/27/2015 7:29:34 PM, Error: Service Control Manager [7034] - The Application Virtualization Client service terminated unexpectedly. It has done this 1 time(s).4/27/2015 7:29:33 PM, Error: Service Control Manager [7034] - The HP Wireless Assistant Service service terminated unexpectedly. It has done this 1 time(s).4/27/2015 7:29:32 PM, Error: Service Control Manager [7031] - The F-Secure Dll Hoster service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.4/27/2015 7:29:30 PM, Error: Service Control Manager [7034] - The Sierra Wireless Card Detection Service service terminated unexpectedly. It has done this 1 time(s).4/27/2015 7:29:30 PM, Error: Service Control Manager [7034] - The Application Virtualization Service Agent service terminated unexpectedly. It has done this 1 time(s).4/27/2015 7:29:10 PM, Error: Service Control Manager [7034] - The LightScribeService Direct Disc Labeling Service service terminated unexpectedly. It has done this 1 time(s).4/27/2015 7:29:10 PM, Error: Service Control Manager [7031] - The F-Secure ORSP Client service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.4/27/2015 7:29:10 PM, Error: Service Control Manager [7031] - The F-Secure Dll Hoster service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.4/27/2015 7:29:09 PM, Error: Service Control Manager [7034] - The Audio Service service terminated unexpectedly. It has done this 1 time(s).4/27/2015 7:29:09 PM, Error: Service Control Manager [7034] - The AMD External Events Utility service terminated unexpectedly. It has done this 1 time(s).4/27/2015 7:29:09 PM, Error: Service Control Manager [7034] - The Adobe Acrobat Update Service service terminated unexpectedly. It has done this 1 time(s).4/27/2015 7:29:09 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.4/27/2015 7:17:48 PM, Error: Service Control Manager [7034] - The FSMA service terminated unexpectedly. It has done this 2 time(s).4/27/2015 7:17:48 PM, Error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.4/27/2015 7:17:48 PM, Error: Service Control Manager [7031] - The Windows Media Player Network Sharing Service service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.4/27/2015 7:17:48 PM, Error: Service Control Manager [7031] - The Windows Live ID Sign-in Assistant service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.4/27/2015 7:17:48 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.4/27/2015 7:17:48 PM, Error: Service Control Manager [7031] - The F-Secure ORSP Client service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.4/27/2015 7:17:05 PM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Search service, but this action failed with the following error: An instance of the service is already running.4/27/2015 7:16:36 PM, Error: Service Control Manager [7034] - The Client Virtualization Handler service terminated unexpectedly. It has done this 1 time(s).4/27/2015 7:16:35 PM, Error: Service Control Manager [7034] - The FSMA service terminated unexpectedly. It has done this 1 time(s).4/27/2015 7:16:35 PM, Error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.4/27/2015 7:16:34 PM, Error: Service Control Manager [7034] - The Reimage Real Time Protector service terminated unexpectedly. It has done this 1 time(s).4/27/2015 7:16:34 PM, Error: Service Control Manager [7031] - The Windows Live ID Sign-in Assistant service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service..==== End Of File ===========================
-
DDS (Ver_2012-11-20.01) - NTFS_AMD64Internet Explorer: 11.0.9600.17728Run by Catherine at 21:12:22 on 2015-04-27Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3835.2160 [GMT -6:00].AV: Computer Security *Enabled/Updated* {0F70A6C4-76E4-6A3B-2695-519F428B1C20}SP: Computer Security *Enabled/Updated* {B4114720-50DE-65B5-1C25-6AED390C569D}SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}.============== Running Processes ===============.C:\Windows\system32\lsm.exeC:\Windows\system32\svchost.exe -k DcomLaunchC:\Windows\system32\svchost.exe -k RPCSSC:\Windows\system32\atiesrxx.exeC:\Windows\System32\svchost.exe -k LocalServiceNetworkRestrictedC:\Windows\System32\svchost.exe -k LocalSystemNetworkRestrictedC:\Windows\system32\svchost.exe -k LocalServiceC:\Windows\system32\svchost.exe -k netsvcsC:\Program Files\IDT\WDM\STacSV64.exeC:\Windows\system32\svchost.exe -k NetworkServiceC:\Windows\system32\atieclxx.exeC:\Windows\system32\WLANExt.exeC:\Windows\System32\spoolsv.exeC:\Windows\system32\svchost.exe -k LocalServiceNoNetworkC:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exeC:\Program Files (x86)\Charter Security Suite\fshoster32.exeC:\Program Files (x86)\Charter Security Suite\apps\CCF_Reputation\fsorsp.exeC:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exeC:\Program Files (x86)\Charter Security Suite\apps\ComputerSecurity\Anti-Virus\FSGK32.EXEC:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exeC:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exeC:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exeC:\Windows\system32\svchost.exe -k imgsvcC:\Program Files (x86)\Sierra Wireless Inc\Common\SwiCardDetect64.exeC:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXEC:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exeC:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exeC:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXEC:\Program Files (x86)\Charter Security Suite\apps\ComputerSecurity\Common\FSMA32.EXEC:\Program Files (x86)\Charter Security Suite\apps\ComputerSecurity\Anti-Virus\fssm32.exeC:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestrictedC:\Windows\system32\taskhost.exeC:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exeC:\Windows\system32\Dwm.exeC:\Windows\Explorer.EXEC:\Program Files (x86)\Charter Security Suite\apps\ComputerSecurity\Common\FSHDLL64.EXEC:\Windows\system32\taskeng.exeC:\Program Files (x86)\Google\Update\GoogleUpdate.exeC:\Windows\system32\taskeng.exeC:\Windows\system32\SearchIndexer.exeC:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exeC:\Program Files\Synaptics\SynTP\SynTPEnh.exeC:\Program Files\IDT\WDM\sttray64.exeC:\Program Files\Smart PDF Creator Pro\SmartSoft PDF Printer Agent.exeC:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exeC:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exeC:\Program Files (x86)\AT&T\AT&T Communication Manager\attcm_AppStart.exeC:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exeC:\Program Files (x86)\Charter Security Suite\apps\ComputerSecurity\Common\FSM32.EXEC:\Program Files (x86)\Charter Security Suite\fshoster32.exeC:\Program Files\Synaptics\SynTP\SynTPHelper.exeC:\Program Files\Windows Media Player\wmpnetwk.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonationC:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exeC:\Windows\system32\wbem\wmiprvse.exeC:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Windows\system32\wbem\wmiprvse.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exeC:\Windows\system32\svchost.exe -k SDRSVCC:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXEC:\Windows\system32\taskhost.exeC:\Windows\system32\notepad.exeC:\Windows\system32\SearchProtocolHost.exeC:\Windows\system32\SearchFilterHost.exeC:\Program Files\HP\HP Photosmart 5510 series\Bin\HPNetworkCommunicator.exeC:\Windows\System32\cscript.exe.============== Pseudo HJT Report ===============.BHO: RealNetworks Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dllBHO: Browsing Protection: {45BBE08D-81C5-4A67-AF20-B2A077C67747} - C:\Program Files (x86)\Charter Security Suite\apps\CCF_Scanning\bin\browser\install\fs_ie_https\fs_ie_https.dllBHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllBHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLLBHO: Bing Bar BHO: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dllTB: @C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll,-100: {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dlluRun: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hiddenuRun: [HP Photosmart 5510 series (NET)] "C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN249395ND05V3:NW" -scfn "HP Photosmart 5510 series (NET)" -AutoStart 1mRun: [attcm_AppStart.exe] "C:\Program Files (x86)\AT&T\AT&T Communication Manager\attcm_AppStart.exe"mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exemRun: [F-Secure Manager] "C:\Program Files (x86)\Charter Security Suite\apps\ComputerSecurity\Common\FSM32.EXE" /splashmRun: [F-Secure Hoster (42626)] "C:\Program Files (x86)\Charter Security Suite\fshoster32.exe" -app -hosterid:1StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SNAPFI~1.LNK - C:\Program Files (x86)\PictureMover\Bin\PictureMover.exeuPolicies-Explorer: NoDriveTypeAutoRun = dword:145uPolicies-Explorer: NoDrives = dword:0mPolicies-Explorer: NoDrives = dword:0mPolicies-System: ConsentPromptBehaviorAdmin = dword:5mPolicies-System: ConsentPromptBehaviorUser = dword:3mPolicies-System: EnableUIADesktopToggle = dword:0IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dllIE: {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\smartprintsetup.exeIE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exeIE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dllIE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dllTrusted Zone: ecollege.comTrusted Zone: kaplan.eduTrusted Zone: kucourses.comTCP: NameServer = 192.168.1.1TCP: Interfaces\{7C413551-5001-4EBE-9365-9DFA8947F2D4} : DHCPNameServer = 192.168.1.1TCP: Interfaces\{7C413551-5001-4EBE-9365-9DFA8947F2D4}\8686F6E6F62737 : DHCPNameServer = 192.168.6.1 64.134.255.2 64.134.255.10TCP: Interfaces\{ED4A0A7E-FDE4-40D9-8D6E-CC71C8D5EC16} : DHCPNameServer = 69.144.127.53 71.10.216.1 71.10.216.2Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLLHandler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dllSSODL: WebCheck - <orphaned>mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe"mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chromex64-BHO: Browsing Protection: {45BBE08D-81C5-4A67-AF20-B2A077C67747} - C:\Program Files (x86)\Charter Security Suite\apps\CCF_Scanning\bin\browser\install\fs_ie_https\fs_ie_https64.dllx64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLLx64-Run: [synTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exex64-Run: [sysTrayApp] C:\Program Files\IDT\WDM\sttray64.exex64-Run: [HPWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe 120 C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe /hiddenx64-Run: [smartSoft PDF Printer Agent] "C:\Program Files\Smart PDF Creator Pro\SmartSoft PDF Printer Agent.exe"x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dllx64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dllx64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLLx64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>x64-SSODL: WebCheck - <orphaned>.============= SERVICES / DRIVERS ===============.R0 amd_sata;amd_sata;C:\Windows\System32\drivers\amd_sata.sys [2010-5-14 73856]R0 amd_xata;amd_xata;C:\Windows\System32\drivers\amd_xata.sys [2010-5-14 28800]R0 fsbts;fsbts;C:\Windows\System32\drivers\fsbts.sys [2015-1-7 56016]R1 F-Secure HIPS;F-Secure HIPS Driver;C:\Program Files (x86)\Charter Security Suite\apps\ComputerSecurity\HIPS\drivers\fshs.sys [2015-4-14 71080]R1 fsvista;F-Secure Vista Support Driver;C:\Program Files (x86)\Charter Security Suite\apps\ComputerSecurity\Anti-Virus\minifilter\fsvista.sys [2015-1-7 13352]R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2010-12-15 203776]R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2015-3-18 822496]R2 fshoster;F-Secure Dll Hoster;C:\Program Files (x86)\Charter Security Suite\fshoster32.exe [2014-10-6 187432]R2 FSORSPClient;F-Secure ORSP Client;C:\Program Files (x86)\Charter Security Suite\apps\CCF_Reputation\fsorsp.exe [2014-6-24 60456]R2 HP Wireless Assistant Service;HP Wireless Assistant Service;C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-7-21 103992]R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2015-4-27 1871160]R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2015-4-27 1080120]R2 SCWFPFilter;SCWFPFilter;C:\Windows\System32\drivers\WFPFilter.sys [2012-1-10 25552]R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2013-6-26 523944]R2 SwiCardDetectSvc;Sierra Wireless Card Detection Service;C:\Program Files (x86)\Sierra Wireless Inc\Common\SwiCardDetect64.exe [2011-6-24 317296]R3 amdiox64;AMD IO Driver;C:\Windows\System32\drivers\amdiox64.sys [2011-3-5 46136]R3 clwvd;CyberLink WebCam Virtual Driver;C:\Windows\System32\drivers\clwvd.sys [2010-12-11 31088]R3 F-Secure Gatekeeper;F-Secure Gatekeeper;C:\Program Files (x86)\Charter Security Suite\apps\ComputerSecurity\Anti-Virus\minifilter\fsgk.sys [2015-1-7 208424]R3 fsni;fsni;C:\Program Files (x86)\Charter Security Suite\apps\CCF_Scanning\bin\fsni64.sys [2014-6-23 90152]R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2015-4-27 25816]R3 MBAMSwissArmy;MBAMSwissArmy;C:\Windows\System32\drivers\MBAMSwissArmy.sys [2015-4-27 136408]R3 MBAMWebAccessControl;MBAMWebAccessControl;C:\Windows\System32\drivers\mwac.sys [2015-4-27 63704]R3 RSPCIESTOR;Realtek PCIE CardReader Driver;C:\Windows\System32\drivers\RtsPStor.sys [2011-3-5 333416]R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-3-5 406632]R3 Sftfs;Sftfs;C:\Windows\System32\drivers\Sftfslh.sys [2013-6-26 767144]R3 Sftplay;Sftplay;C:\Windows\System32\drivers\Sftplaylh.sys [2013-6-26 273576]R3 Sftredir;Sftredir;C:\Windows\System32\drivers\Sftredirlh.sys [2013-6-26 28840]R3 Sftvol;Sftvol;C:\Windows\System32\drivers\Sftvollh.sys [2013-6-26 23208]R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2013-6-26 207528]R3 usbfilter;AMD USB Filter Driver;C:\Windows\System32\drivers\usbfilter.sys [2011-3-5 38528]S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]S3 AdminHelper.exe;AdminHelper.exe;C:\Program Files (x86)\AT&T\AT&T Communication Manager\AdminHelper.exe [2012-3-22 55728]S3 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2010-12-15 354304]S3 AMD Reservation Manager;AMD Reservation Manager;C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe [2010-6-17 194496]S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 265808]S3 gfiark;gfiark;C:\Windows\System32\drivers\gfiark.sys [2014-7-7 41032]S3 hitmanpro37;HitmanPro 3.7 Support Driver;C:\Windows\System32\drivers\hitmanpro37.sys [2014-7-25 32512]S3 HPClientSvc;HP Client Services;C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-8-5 291896]S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2015-4-16 114688]S3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\System32\drivers\netw5v64.sys [2009-6-10 5434368]S3 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [2013-3-6 39056]S3 RoxioNow Service;RoxioNow Service;C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe [2010-9-11 399344]S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\System32\drivers\VSTAZL6.SYS [2009-7-13 292864]S3 SrvHsfV92;SrvHsfV92;C:\Windows\System32\drivers\VSTDPV6.SYS [2009-7-13 1485312]S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\System32\drivers\VSTCNXT6.SYS [2009-7-13 740864]S3 swiwdmbus;Sierra Wireless USB Composite Bus;C:\Windows\System32\drivers\swiwdmbusx64.sys [2011-6-9 102656]S3 SWNC8UA3;Sierra Wireless MUX NDIS Driver (UMTSA3);C:\Windows\System32\drivers\swnc8ua3.sys [2011-6-9 240640]S3 SWUMXA3;Sierra Wireless USB MUX Driver (UMTSA3);C:\Windows\System32\drivers\swumxa3.sys [2011-6-9 210944]S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-6-19 59392]S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-6-10 1255736]S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\System32\drivers\yk62x64.sys [2009-6-10 389120]S4 PGMTrusted;PGMTrusted;C:\Program Files (x86)\Pogo Games\PGMTrusted.exe [2013-3-25 520360]S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184].=============== Created Last 30 ================.2015-04-28 01:42:17 136408 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys2015-04-28 01:41:30 63704 ----a-w- C:\Windows\System32\drivers\mwac.sys2015-04-28 01:41:30 25816 ----a-w- C:\Windows\System32\drivers\mbam.sys2015-04-28 01:41:30 107736 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys2015-04-28 01:41:30 -------- d-----w- C:\Program Files (x86)\Malwarebytes Anti-Malware2015-04-28 01:28:00 -------- d-----w- C:\RegBackup2015-04-16 19:45:54 5557696 ----a-w- C:\Windows\System32\ntoskrnl.exe2015-04-06 01:26:31 -------- d-s---w- C:\Windows\SysWow64\GWX2015-04-06 01:26:30 -------- d-s---w- C:\Windows\System32\GWX.==================== Find3M ====================.2015-04-21 17:01:23 778416 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe2015-04-21 17:01:23 142512 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl2015-03-25 03:24:41 98304 ----a-w- C:\Windows\System32\wudriver.dll2015-03-25 03:24:41 3298816 ----a-w- C:\Windows\System32\wucltux.dll2015-03-25 03:24:41 191488 ----a-w- C:\Windows\System32\wuwebv.dll2015-03-25 03:24:08 60416 ----a-w- C:\Windows\System32\WinSetupUI.dll2015-03-25 03:23:58 12288 ----a-w- C:\Windows\System32\wu.upgrade.ps.dll2015-03-25 03:23:55 36864 ----a-w- C:\Windows\System32\wuapp.exe2015-03-25 03:00:57 92672 ----a-w- C:\Windows\SysWow64\wudriver.dll2015-03-25 03:00:57 173056 ----a-w- C:\Windows\SysWow64\wuwebv.dll2015-03-25 03:00:15 33792 ----a-w- C:\Windows\SysWow64\wuapp.exe2015-03-23 03:25:15 726528 ----a-w- C:\Windows\System32\generaltel.dll2015-03-23 03:25:01 769536 ----a-w- C:\Windows\System32\invagent.dll2015-03-23 03:24:56 419840 ----a-w- C:\Windows\System32\devinv.dll2015-03-23 03:24:54 957952 ----a-w- C:\Windows\System32\appraiser.dll2015-03-23 03:24:53 30720 ----a-w- C:\Windows\System32\acmigration.dll2015-03-23 03:24:53 227328 ----a-w- C:\Windows\System32\aepdu.dll2015-03-23 03:24:53 192000 ----a-w- C:\Windows\System32\aepic.dll2015-03-23 03:17:39 1111552 ----a-w- C:\Windows\System32\aeinv.dll2015-03-17 05:22:35 95672 ----a-w- C:\Windows\System32\drivers\ksecdd.sys2015-03-17 05:22:35 155576 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys2015-03-17 05:19:37 1727904 ----a-w- C:\Windows\System32\ntdll.dll2015-03-17 05:17:00 362496 ----a-w- C:\Windows\System32\wow64win.dll2015-03-17 05:17:00 243712 ----a-w- C:\Windows\System32\wow64.dll2015-03-17 05:17:00 13312 ----a-w- C:\Windows\System32\wow64cpu.dll2015-03-17 05:15:55 31232 ----a-w- C:\Windows\System32\lsass.exe2015-03-17 05:15:44 338432 ----a-w- C:\Windows\System32\conhost.exe2015-03-17 05:15:40 64000 ----a-w- C:\Windows\System32\auditpol.exe2015-03-17 05:13:29 60416 ----a-w- C:\Windows\System32\msobjs.dll2015-03-17 05:13:17 146432 ----a-w- C:\Windows\System32\msaudite.dll2015-03-17 05:01:09 3976632 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe2015-03-17 05:01:09 3920824 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe2015-03-17 04:59:26 1309696 ----a-w- C:\Windows\SysWow64\ntdll.dll2015-03-17 04:57:25 172032 ----a-w- C:\Windows\SysWow64\wdigest.dll2015-03-17 04:57:21 65536 ----a-w- C:\Windows\SysWow64\TSpkg.dll2015-03-17 04:57:20 43008 ----a-w- C:\Windows\SysWow64\srclient.dll2015-03-17 04:57:17 248832 ----a-w- C:\Windows\SysWow64\schannel.dll2015-03-17 04:57:17 22016 ----a-w- C:\Windows\SysWow64\secur32.dll2015-03-17 04:57:13 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll2015-03-17 04:57:12 221184 ----a-w- C:\Windows\SysWow64\ncrypt.dll2015-03-17 04:57:11 259584 ----a-w- C:\Windows\SysWow64\msv1_0.dll2015-03-17 04:57:07 550912 ----a-w- C:\Windows\SysWow64\kerberos.dll2015-03-17 04:56:59 17408 ----a-w- C:\Windows\SysWow64\credssp.dll2015-03-17 04:56:56 44032 ----a-w- C:\Windows\apppatch\acwow64.dll2015-03-17 04:56:41 25600 ----a-w- C:\Windows\SysWow64\setup16.exe2015-03-17 04:56:15 50176 ----a-w- C:\Windows\SysWow64\auditpol.exe2015-03-17 04:56:01 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll2015-03-17 04:56:01 5120 ----a-w- C:\Windows\SysWow64\wow32.dll2015-03-17 04:56:00 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll2015-03-17 04:53:35 60416 ----a-w- C:\Windows\SysWow64\msobjs.dll2015-03-17 04:53:13 146432 ----a-w- C:\Windows\SysWow64\msaudite.dll2015-03-17 03:45:24 7680 ----a-w- C:\Windows\SysWow64\instnm.exe2015-03-17 03:45:23 2048 ----a-w- C:\Windows\SysWow64\user.exe2015-03-17 03:43:04 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll2015-03-17 03:43:04 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll2015-03-17 03:43:04 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll2015-03-17 03:43:03 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll2015-03-13 04:25:14 2724864 ----a-w- C:\Windows\System32\mshtml.tlb2015-03-13 04:25:01 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll2015-03-13 04:09:12 66560 ----a-w- C:\Windows\System32\iesetup.dll2015-03-13 04:08:33 584192 ----a-w- C:\Windows\System32\vbscript.dll2015-03-13 04:08:27 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll2015-03-13 04:08:17 417280 ----a-w- C:\Windows\System32\html.iec2015-03-13 04:06:54 88064 ----a-w- C:\Windows\System32\MshtmlDac.dll2015-03-13 03:54:11 144384 ----a-w- C:\Windows\System32\ieUnatt.exe2015-03-13 03:54:00 114688 ----a-w- C:\Windows\System32\ieetwcollector.exe2015-03-13 03:53:22 814080 ----a-w- C:\Windows\System32\jscript9diag.dll2015-03-13 03:50:45 6025216 ----a-w- C:\Windows\System32\jscript9.dll2015-03-13 03:44:48 968704 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe2015-03-13 03:42:18 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb2015-03-13 03:32:48 77824 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll2015-03-13 03:28:48 503296 ----a-w- C:\Windows\SysWow64\vbscript.dll2015-03-13 03:28:37 62464 ----a-w- C:\Windows\SysWow64\iesetup.dll2015-03-13 03:27:51 47616 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll2015-03-13 03:27:35 340992 ----a-w- C:\Windows\SysWow64\html.iec2015-03-13 03:26:19 64000 ----a-w- C:\Windows\SysWow64\MshtmlDac.dll2015-03-13 03:16:26 115712 ----a-w- C:\Windows\SysWow64\ieUnatt.exe2015-03-13 03:15:40 620032 ----a-w- C:\Windows\SysWow64\jscript9diag.dll2015-03-13 03:05:50 1359360 ----a-w- C:\Windows\System32\mshtmlmedia.dll2015-03-13 03:05:24 2125824 ----a-w- C:\Windows\System32\inetcpl.cpl2015-03-13 03:01:16 60416 ----a-w- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll2015-03-13 02:49:21 4305408 ----a-w- C:\Windows\SysWow64\jscript9.dll2015-03-13 02:45:57 2358784 ----a-w- C:\Windows\System32\wininet.dll2015-03-13 02:43:41 2052608 ----a-w- C:\Windows\SysWow64\inetcpl.cpl2015-03-13 02:42:47 1155072 ----a-w- C:\Windows\SysWow64\mshtmlmedia.dll2015-03-13 02:20:28 1888256 ----a-w- C:\Windows\SysWow64\wininet.dll2015-03-10 03:25:10 1882624 ----a-w- C:\Windows\System32\msxml3.dll2015-03-10 03:21:42 2048 ----a-w- C:\Windows\System32\msxml3r.dll2015-03-10 03:08:26 1237504 ----a-w- C:\Windows\SysWow64\msxml3.dll2015-03-10 03:05:39 2048 ----a-w- C:\Windows\SysWow64\msxml3r.dll2015-03-05 05:12:33 404480 ----a-w- C:\Windows\System32\gdi32.dll2015-03-05 04:05:06 311808 ----a-w- C:\Windows\SysWow64\gdi32.dll2015-03-04 04:55:13 367552 ----a-w- C:\Windows\System32\clfs.sys2015-03-04 04:41:27 79360 ----a-w- C:\Windows\System32\clfsw32.dll2015-03-04 04:10:54 58880 ----a-w- C:\Windows\SysWow64\clfsw32.dll2015-02-26 03:25:44 3204096 ----a-w- C:\Windows\System32\win32k.sys2015-02-25 03:18:01 754688 ----a-w- C:\Windows\System32\drivers\http.sys2015-02-20 04:41:01 41984 ----a-w- C:\Windows\System32\lpk.dll2015-02-20 04:40:59 100864 ----a-w- C:\Windows\System32\fontsub.dll2015-02-20 04:40:56 14336 ----a-w- C:\Windows\System32\dciman32.dll.============= FINISH: 21:13:40.76 ===============
-
Malwarebytes Anti-Malwarewww.malwarebytes.orgScan Date: 4/27/2015Scan Time: 7:42:56 PMLogfile:Administrator: YesVersion: 2.01.6.1022Malware Database: v2015.04.27.05Rootkit Database: v2015.04.21.01License: TrialMalware Protection: EnabledMalicious Website Protection: EnabledSelf-protection: DisabledOS: Windows 7 Service Pack 1CPU: x64File System: NTFSUser: CatherineScan Type: Threat ScanResult: CompletedObjects Scanned: 446009Time Elapsed: 40 min, 7 secMemory: EnabledStartup: EnabledFilesystem: EnabledArchives: EnabledRootkits: DisabledHeuristics: EnabledPUP: EnabledPUM: EnabledProcesses: 0(No malicious items detected)Modules: 0(No malicious items detected)Registry Keys: 25PUP.Optional.WeCare.A, HKU\S-1-5-21-313159577-1753058699-2702243966-1002\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}, Quarantined, [6d24b2bfc6c4a1952111c4bb8f747987],PUP.Optional.WeCare.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\GamesAppIntegrationService, Quarantined, [6d24b2bfc6c4a1952111c4bb8f747987],PUP.Optional.WeCare.A, HKU\S-1-5-21-313159577-1753058699-2702243966-501\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}, Quarantined, [6d24b2bfc6c4a1952111c4bb8f747987],PUP.Optional.WeCare.A, HKU\S-1-5-21-313159577-1753058699-2702243966-1002\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}, Quarantined, [6d24b2bfc6c4a1952111c4bb8f747987],PUP.Optional.WeCare.A, HKU\S-1-5-21-313159577-1753058699-2702243966-501\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}, Quarantined, [6d24b2bfc6c4a1952111c4bb8f747987],Adware.GamePlayLab, HKU\S-1-5-21-313159577-1753058699-2702243966-501\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{11111111-1111-1111-1111-110011221158}, Quarantined, [1b762b46fb8f41f58ceaea71cd36f50b],Adware.GamePlayLab, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\GamesAppIntegrationService, Quarantined, [1b762b46fb8f41f58ceaea71cd36f50b],Adware.GamePlayLab, HKU\S-1-5-21-313159577-1753058699-2702243966-501\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{11111111-1111-1111-1111-110011221158}, Quarantined, [1b762b46fb8f41f58ceaea71cd36f50b],PUP.Optional.Gamesbar.A, HKU\S-1-5-21-313159577-1753058699-2702243966-501\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{CB0D163C-E9F4-4236-9496-0597E24B23A5}, Quarantined, [fc950c6517730036706655ec788b03fd],PUP.Optional.Gamesbar.A, HKU\S-1-5-21-313159577-1753058699-2702243966-1002\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{CB0D163C-E9F4-4236-9496-0597E24B23A5}, Quarantined, [fc950c6517730036706655ec788b03fd],PUP.Optional.Gamesbar.A, HKU\S-1-5-21-313159577-1753058699-2702243966-501\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{CB0D163C-E9F4-4236-9496-0597E24B23A5}, Quarantined, [fc950c6517730036706655ec788b03fd],PUP.Optional.CouponBar.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\cnpkmcjgpcihgfnkcjapiaabbbplkcmf, Quarantined, [7c156e0352381422da8d21b77c8738c8],PUP.Optional.MyCoups.A, HKLM\SOFTWARE\WOW6432NODE\MYCOUPS, Quarantined, [81105c15f09a6cca743f9bb5689dd12f],PUP.Optional.Enformation.A, HKU\S-1-5-18\SOFTWARE\APPDATALOW\SOFTWARE\enformation, Quarantined, [0b8678f95d2d9e987327ec09679c768a],PUP.Optional.GenericAddon.A, HKU\S-1-5-18\SOFTWARE\APPDATALOW\SOFTWARE\GenericAddon, Quarantined, [840d9cd55634cc6a69240fd9db288c74],PUP.Optional.MediaPlayerEnhance.A, HKU\S-1-5-18\SOFTWARE\APPDATALOW\SOFTWARE\MediaPlayerEnhance, Quarantined, [3c55e28fd3b761d5afa7a76937cdfa06],PUP.Optional.PlusHD.A, HKU\S-1-5-18\SOFTWARE\APPDATALOW\SOFTWARE\Plus-HD-8.9, Quarantined, [7021ec85c1c92d0987894fbade2650b0],PUP.Optional.GenericAddon.A, HKU\S-1-5-21-313159577-1753058699-2702243966-1001\SOFTWARE\APPDATALOW\SOFTWARE\GenericAddon, Quarantined, [95fcdd94e5a570c6345932b67093e020],PUP.Optional.MyCoups.A, HKU\S-1-5-21-313159577-1753058699-2702243966-1001\SOFTWARE\MYCOUPS, Quarantined, [eea3cca58109a393e0d43e1227de1ee2],PUP.Optional.CrossRider.A, HKU\S-1-5-21-313159577-1753058699-2702243966-1002\SOFTWARE\APPDATALOW\SOFTWARE\Crossrider, Quarantined, [deb3b0c1a7e3b383db1edf5f38cd04fc],PUP.Optional.MultiIE.A, HKU\S-1-5-21-313159577-1753058699-2702243966-1002\SOFTWARE\APPDATALOW\SOFTWARE\DynConIE, Quarantined, [eba62f4284061125943db79062a330d0],PUP.Optional.IWantThis.A, HKU\S-1-5-21-313159577-1753058699-2702243966-1002\SOFTWARE\APPDATALOW\SOFTWARE\I Want This, Quarantined, [078a81f091f9d264e4d557ae45bf6f91],PUP.Optional.Mindspark.A, HKU\S-1-5-21-313159577-1753058699-2702243966-1002\SOFTWARE\APPDATALOW\SOFTWARE\TotalRecipeSearch_14, Quarantined, [830e61100882053145982cd03dc6db25],PUP.Optional.MultiIE.A, HKU\S-1-5-21-313159577-1753058699-2702243966-501\SOFTWARE\APPDATALOW\SOFTWARE\DynConIE, Quarantined, [4849bdb4f39746f059782027bd486a96],PUP.Optional.IWantThis.A, HKU\S-1-5-21-313159577-1753058699-2702243966-501\SOFTWARE\APPDATALOW\SOFTWARE\I Want This, Quarantined, [850c521fddad1c1a8a2f8e77788c60a0],Registry Values: 5PUP.Optional.MyCoups.A, HKLM\SOFTWARE\WOW6432NODE\MYCOUPS|age, 1370232000, Quarantined, [81105c15f09a6cca743f9bb5689dd12f]PUP.Optional.MyCoups.A, HKU\S-1-5-21-313159577-1753058699-2702243966-1001\SOFTWARE\MYCOUPS|age, 1370232000, Quarantined, [eea3cca58109a393e0d43e1227de1ee2]PUP.Optional.CrossRider.A, HKU\S-1-5-21-313159577-1753058699-2702243966-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\NEW WINDOWS\ALLOW|*.crossrider.com, CrossriderApp0002258, Quarantined, [97faa3cee9a159ddfdffe466b451d030]PUP.Optional.UnFriendApp.A, HKU\S-1-5-21-313159577-1753058699-2702243966-1002\SOFTWARE\MOZILLA\FIREFOX\EXTENSIONS|[email protected], C:\Program Files (x86)\UnfriendApp\Firefox\, Quarantined, [1b765a17b0da31052dad1de22fd4cf31]PUP.Optional.UnFriendApp.A, HKU\S-1-5-21-313159577-1753058699-2702243966-501\SOFTWARE\MOZILLA\FIREFOX\EXTENSIONS|[email protected], C:\Program Files (x86)\UnfriendApp\Firefox\, Quarantined, [8e03f27f46447abc31a9dd22cf3418e8]Registry Data: 0(No malicious items detected)Folders: 93PUP.Optional.CrossRider.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_lekgiimbfodefdaoofhlckefjbgpeilo_0, Quarantined, [a1f083eef29891a52c554e4c5aa909f7],PUP.Optional.CrossRider.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\lekgiimbfodefdaoofhlckefjbgpeilo, Quarantined, [d8b9710091f9b086335a9bffdc278f71],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Roaming\Mozilla\Firefox\Profiles\3dkt76nv.default\HeadlineAlley_29, Quarantined, [e1b098d9b8d2ec4a9dd7811b54af5ea2],PUP.Optional.RRSavings.A, C:\Program Files\rrsavings, Quarantined, [9ef33c3566247bbbf1f0d0cde51efa06],PUP.Optional.FreeSoftToday.A, C:\Users\Catherine\AppData\Local\fst_us_42, Quarantined, [f1a00869206a5ed87833a701cf34d32d],PUP.Optional.FreeSoftToday.A, C:\Program Files (x86)\fst_us_42, Quarantined, [96fba3ce28626bcb139906a26e957789],PUP.Optional.Goobzo, C:\Program Files\Common Files\Goobzo, Quarantined, [c2cff47de9a143f3a48999157e85d729],PUP.Optional.DigitalMore.A, C:\ProgramData\8708eaaa-1c2b-4faa-8923-a6c9f88eeb0e, Quarantined, [e1b0a2cffd8dfa3c53c0a2223ec5e719],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\common, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\common\adapter, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\common\components, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\common\components\abstractbutton, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\common\components\abstractbutton\background, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\common\components\alert, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\common\components\alert\background, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\common\components\embedhtml, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\common\components\embedhtml\background, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\common\components\embedhtml\html, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\common\components\embedhtml\js, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\common\components\embedscript, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\common\components\embedscript\background, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\common\components\embedscript\html, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\common\components\embedscript\js, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\common\components\flare, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\common\components\flare\background, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\common\components\flare\icons, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\common\components\generic, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\common\components\generic\background, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\common\components\link, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\common\components\link\background, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\common\components\menu, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\common\components\menu\background, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\common\components\menu\css, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\common\components\menu\html, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\common\components\menu\images, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\common\components\menu\js, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\common\components\rss, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\common\components\rss\background, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\common\components\thirdparty, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\common\components\thirdparty\background, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\common\components\uninstall, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\common\components\uninstall\background, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\common\components\weather, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\common\components\weather\background, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\common\js, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\common\widget-api, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\common\widget-api\widgets, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\common\widget-api\widgets\common, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\common\widget-api\widgets\radio, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\common\widget-api\widgets\radio\css, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\common\widget-api\widgets\radio\js, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\common\widget-api\widgets\rss, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\common\widget-api\widgets\rss\js, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\common\widget-api\widgets\test, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\common\widget-api\widgets\topapps, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\common\widget-api\widgets\topapps\css, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\common\widget-api\widgets\topapps\js, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\common\widget-api\widgets\weather, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\common\widget-api\widgets\weather\css, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\common\widget-api\widgets\weather\js, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\components, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\components\api, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\components\api\background, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\components\api\window, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\components\defaultSearch, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\components\defaultSearch\background, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\components\defaultSearch\foreground, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\components\moviereviews, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\components\moviereviews\background, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\components\moviereviews\css, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\components\moviereviews\html, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\components\moviereviews\js, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\components\radio, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\components\radio\background, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\components\radio\css, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\components\radio\foreground, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\components\radio\radioWrapper, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\components\search, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\components\search\background, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\components\search\html, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\components\supertab, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\components\supertab\css, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\components\supertab\html, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\components\supertab\js, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\icons, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\images, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\js, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\native, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\native\libs, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\shared, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\_metadata, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],Files: 244PUP.Optional.WeCare.A, C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe, Quarantined, [6d24b2bfc6c4a1952111c4bb8f747987],Adware.GamePlayLab, C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe, Quarantined, [1b762b46fb8f41f58ceaea71cd36f50b],PUP.Optional.Goobzo, C:\Program Files\Common Files\System\SysMenu64.dll, Quarantined, [dbb6d899276361d523b0c283bb4b60a0],PUP.Optional.SupraSavings.A, C:\temp\t.msi, Quarantined, [335e2e434b3f62d409badfe89372f60a],PUP.Optional.PreBackup.A, C:\Users\Catherine\AppData\Local\Temp\CloudBackup9025.exe, Quarantined, [167bb0c19af0092d201398dccd337a86],PUP.Optional.Goobzo, C:\Users\Catherine\AppData\Local\Temp\dufgmr4c.exe, Quarantined, [58394b26e9a1f93db8ed02c890717090],PUP.Optional.InstallIQ, C:\Users\Catherine\Downloads\mediaclassic.exe, Quarantined, [5b368ee3f892d561d3c1a39ae61b30d0],PUP.Optional.Bundle, C:\Users\Catherine\Downloads\adobe_flash_setup (1).exe, Quarantined, [0d84521f3a504bebb0d693b227dfe818],PUP.Optional.Bundle, C:\Users\Catherine\Downloads\adobe_flash_setup (2).exe, Quarantined, [4f4211600a808aac444264e1e81e8779],PUP.Optional.Bundle, C:\Users\Catherine\Downloads\adobe_flash_setup.exe, Quarantined, [a1f0036efc8eef4712741e278383da26],PUP.Optional.BundleInstaller.A, C:\Users\Catherine\Downloads\Unconfirmed 274501.crdownload, Quarantined, [8f0275fc0981d264d7539bb4e9196997],PUP.Optional.AirInstaller, C:\Users\Catherine\Downloads\Flash_Setup.exe, Quarantined, [9ef36011a5e5cf67e21ff742a35eb64a],PUP.Optional.Somoto, C:\Users\Catherine\Downloads\FLVPlayerSetup-Nb7SelJcY.exe, Quarantined, [a7ea4e2318725adcbb66ecfc7392916f],PUP.Optional.Goobzo, c:\users\catherine\appdata\local\installer\install_26263\ytdi_bf4fca0ff8_setup.exe, Quarantined, [0091ef824a407eb8795a073e0bfb29d7],PUP.Optional.Goobzo, c:\users\catherine\appdata\local\installer\install_26312\ytdi_bf4fca0ff8_setup.exe, Quarantined, [0b86224f0882b97d9142c0858680ef11],PUP.Optional.Goobzo, c:\users\catherine\appdata\local\installer\install_26364\ytdi_bf4fca0ff8_setup.exe, Quarantined, [ccc53d34a1e9ce68dbf8430248bec937],PUP.Optional.Goobzo, c:\users\catherine\appdata\local\installer\install_26413\ytdi_bf4fca0ff8_setup.exe, Quarantined, [058c1a57187265d107cc0d38ad593ec2],PUP.Optional.SnapDo.A, C:\Windows\Installer\f93ef39.msi, Quarantined, [e4ada8c999f1ce68d8e81e96847dac54],PUP.Optional.SelectNGo.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.select-n-go00.select-n-go.com_0.localstorage, Quarantined, [434e6110eb9f191dc6d655a7ab587a86],PUP.Optional.SelectNGo.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.select-n-go00.select-n-go.com_0.localstorage-journal, Quarantined, [f1a039389ded94a2fd9f26d60cf7e41c],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_pcpehlgijbdajfafffojllcaecaecngb_0.localstorage, Delete-on-Reboot, [226f670a95f56bcbb6d9c144cc3841bf],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_pcpehlgijbdajfafffojllcaecaecngb_0.localstorage-journal, Delete-on-Reboot, [bfd2353cdcaea5915d32927354b060a0],PUP.Optional.FreeSoftToday.A, C:\Users\Catherine\AppData\Local\fst_us_42\upfst_us_42.cyp, Quarantined, [f1a00869206a5ed87833a701cf34d32d],PUP.Optional.FreeSoftToday.A, C:\Users\Catherine\AppData\Local\fst_us_42\user_profil.cyp, Quarantined, [f1a00869206a5ed87833a701cf34d32d],PUP.Optional.FreeSoftToday.A, C:\Program Files (x86)\fst_us_42\unins000.dat, Quarantined, [96fba3ce28626bcb139906a26e957789],PUP.Optional.FreeSoftToday.A, C:\Program Files (x86)\fst_us_42\unins000.msg, Quarantined, [96fba3ce28626bcb139906a26e957789],PUP.Optional.DigitalMore.A, C:\ProgramData\8708eaaa-1c2b-4faa-8923-a6c9f88eeb0e\temp, Quarantined, [e1b0a2cffd8dfa3c53c0a2223ec5e719],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\manifest.json, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\bg.html, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\buildVars, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\buildVars.js, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\companionSW.js, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\config.js, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\contentScript.css, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\contentScript.js, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\debug.html, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\debug.jade, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\extension_toolbar_api.js, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\initWidgetWindow.js, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\newTabContentScript.js, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\options.html, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\spent.css, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\spent.html, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\spent.js, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\spent2.css, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\spent2.html, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\spentJ.js, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\spentK.html, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\spentK.js, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\startup.js, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\stub.html, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\stubby.html, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\superFrame.js, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\toolbar.html, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\toolbar.js, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\toolbarUI.css, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\toolbarUI.html, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\toolbarUI.js, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\url.js, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\common\adapter\adapterUtil.js, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\common\adapter\widget-adapter.js, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\common\components\abstractbutton\background\abstractButton.js, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\common\components\alert\background\alertButton.js, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\common\components\embedhtml\background\embedHtmlWidget.js, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\common\components\embedhtml\html\embedHtmlTemplate.html, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\common\components\embedhtml\html\innerEmbedHtmlTemplate.html, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\common\components\embedhtml\js\embedHtmlUI.js, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\common\components\embedscript\background\embedScriptWidget.js, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\common\components\embedscript\html\embedScriptTemplate.html, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\common\components\embedscript\html\innerEmbedScriptTemplate.html, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\common\components\embedscript\js\embedScriptUI.js, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\common\components\flare\background\FlareWidget.js, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\common\components\flare\icons\Icon_Flare_blue.png, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\common\components\flare\icons\Icon_Flare_pink.png, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\common\components\flare\icons\Thumbs.db, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\common\components\generic\background\GenericWidget.js, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\common\components\link\background\linkButton.js, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\common\components\menu\README.txt, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\common\components\menu\background\menuButton.js, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\common\components\menu\css\menuframe.css, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\common\components\menu\html\menuframe.html, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\common\components\menu\images\right_arrow.png, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\common\components\menu\images\right_arrow_white.png, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\common\components\menu\js\jquery-1.7.1.min.js, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\common\components\menu\js\menuframe.js, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\common\components\menu\js\query-string.js, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\common\components\menu\js\underscore-1.3.1.min.js, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\common\components\rss\background\RssWidget.js, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\common\components\thirdparty\background\thirdPartyWidget.js, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\common\components\uninstall\background\uninstallButton.js, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\common\components\weather\background\weatherButton.js, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\common\js\bs.30.js, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\common\js\common.js, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\common\js\dynamic.js, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\common\js\enableDetect.js, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\common\js\eventListening.js, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\common\js\global.js, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\common\js\jquery-1.7.1.min.js, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\common\js\list-interaction.js, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\common\js\messageEventListener.js, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\common\js\navRedirector.js, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\common\js\paramReplacer.js, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\common\js\PartnerId.js, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\common\js\set.js, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\common\js\underscore-1.3.1.min.js, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\common\js\underscore-1.5.2.min.js, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\common\js\unifiedLogging.js, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\common\widget-api\widget-context-1.0.js, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\common\widget-api\widgets\common\common.js, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\common\widget-api\widgets\common\eventListening.js, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\common\widget-api\widgets\common\jquery-1.7.1.min.js, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\common\widget-api\widgets\common\list-interaction.js, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\common\widget-api\widgets\common\set.js, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\common\widget-api\widgets\common\underscore-1.3.1.min.js, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\common\widget-api\widgets\radio\radio-widget.html, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\common\widget-api\widgets\radio\css\radio-widget.css, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\common\widget-api\widgets\radio\js\radio-custom.js, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\common\widget-api\widgets\radio\js\radio-parser.js, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\common\widget-api\widgets\radio\js\radio-widget-ui.js, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\common\widget-api\widgets\radio\js\radio-widget.js, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\common\widget-api\widgets\rss\rssWidget.html, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\common\widget-api\widgets\rss\js\rss-widget-custom.js, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\common\widget-api\widgets\rss\js\rss-widget-parse.js, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\common\widget-api\widgets\rss\js\rss-widget.js, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\common\widget-api\widgets\test\invalid.json, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\common\widget-api\widgets\test\jquery.js, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\common\widget-api\widgets\test\qunit.css, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\common\widget-api\widgets\test\qunit.js, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\common\widget-api\widgets\test\resource.json, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\common\widget-api\widgets\test\resource.xml, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\common\widget-api\widgets\test\testWidget.html, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\common\widget-api\widgets\test\testWidget.js, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\common\widget-api\widgets\topapps\widget.html, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\common\widget-api\widgets\topapps\css\widget.css, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\common\widget-api\widgets\topapps\js\nanigans-topapps-feed.js, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\common\widget-api\widgets\topapps\js\topapps-config.js, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\common\widget-api\widgets\topapps\js\widget.js, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\common\widget-api\widgets\weather\weatherButton.html, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\common\widget-api\widgets\weather\css\weatherButton.css, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\common\widget-api\widgets\weather\js\weather.js, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\components\api\background\ApiBasedWidget.js, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\components\api\background\widget-api-impl.js, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\components\api\window\hiddenWidgetWindow.html, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\components\api\window\hiddenWidgetWindow.js, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\components\api\window\hiddenWidgetWindowInit.js, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\components\api\window\widgetWindow.html, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\components\api\window\widgetWindow.js, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\components\defaultSearch\background\updateSearch.js, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\components\defaultSearch\background\updateSearchPromptBg.js, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\components\defaultSearch\foreground\07_buttons2.png, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\components\defaultSearch\foreground\08_buttons2.png, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\components\defaultSearch\foreground\defaultSearchModal.html, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\components\defaultSearch\foreground\defaultSearchModalInjector.css, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\components\defaultSearch\foreground\defaultSearchModalInjector.js, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\components\defaultSearch\foreground\tvf_btn_ok.png, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\components\defaultSearch\foreground\tvf_btn_ok2.png, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\components\defaultSearch\foreground\tvf_restart_alert_icon.png, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\components\defaultSearch\foreground\tvf_restart_icon.png, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\components\defaultSearch\foreground\updateSearchPromptFg.js, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\components\moviereviews\background\MovieReviewsWidget.js, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\components\moviereviews\css\movieReviews.css, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\components\moviereviews\html\movieReviews.html, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\components\moviereviews\js\movieReviews.js, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\components\radio\background\RadioWidget.js, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\components\radio\css\toolbar-item.css, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\components\radio\foreground\button.js, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\components\radio\radioWrapper\radioWrapper.html, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\components\radio\radioWrapper\radioWrapper.js, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\components\search\background\searchBox.js, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\components\search\html\searchSuggestions.css, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\components\search\html\searchSuggestions.html, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\components\search\html\searchSuggestions.js, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\components\search\html\searchSuggestionsInit.js, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\components\supertab\css\supertab.css, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\components\supertab\html\supertab.html, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\components\supertab\js\newtabfork.js, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\components\supertab\js\reporting.js, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\components\supertab\js\srchsugg.js, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\components\supertab\js\supertab.js, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\components\supertab\js\unifiedLogging.js, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\components\supertab\js\__utm.js, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\icons\arrowSprite.png, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\icons\icon128.png, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\icons\icon16.png, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\icons\icon19disabled.png, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\icons\icon19on.png, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\icons\icon48.png, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\icons\tb_icon_search_disappearing_ask.png, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\images\222116621.png, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\images\222116625.png, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\images\222116640.png, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\images\222116644.png, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\images\222116653.png, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\images\222116675.png, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\images\down_arrow.png, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\images\IDR_PRODUCT_LOGO_16.png, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\images\IDR_WEBSTORE_ICON.png, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\images\magnifying_glass.png, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\images\RadioPlayerSprite.png, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\images\search_button.png, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\images\tvf_icon_guide.png, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\images\tvf_logo.png, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\images\wrench.png, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\js\chromeUtils.js, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\js\exeManager.js, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\js\exeManagerNMD.js, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\js\exePackageManager.js, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\js\focusManager.js, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\js\globalBlacklistManager.js, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\js\messaging.js, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\js\mutation_summary-min.js, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\js\mutation_summary.js, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\js\nativeMessagingDispatcher.js, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\js\newTabInfo.js, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\js\newTabInitialize.js, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\js\options.js, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\js\readLocalStorage.js, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\js\reservespacefortoolbar.js, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\js\reservespaceifenabled.js, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\js\scriptInjector.js, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\js\searchContext.js, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\js\settingsOverrides.js, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\js\toolbarCookieParser.js, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\js\toolbarPreinit.js, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\js\underscore-1.3.1.min.js, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\js\URILoaderContentScript.js, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\js\Widget.js, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\js\widgetContentScriptInjectee.js, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\js\widgetFactory.js, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\js\widgetWindowManager.js, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\native\cache.js, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\native\ce.js, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\native\debug.js, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\native\ss.js, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\native\libs\jquery-1.7.1.min.js, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\native\libs\jquery-1.9.1.min.js, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\native\libs\underscore-1.5.2.min.js, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\shared\HttpURL.js, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\shared\rsvp-latest.js, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\shared\unifiedLogging.js, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\shared\universalConsole.js, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\shared\utils.js, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.Mindspark.A, C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb\12.9.6.8621_0\_metadata\verified_contents.json, Quarantined, [1b76c6ab0d7d2016695162e40600d52b],PUP.Optional.KeyFind.A, C:\Users\Catherine\AppData\Roaming\Mozilla\Firefox\Profiles\3dkt76nv.default\search.json, Good: (), Bad: (key-find), Replaced,[61306e030b7f6bcb69be52f5aa5c7a86]Physical Sectors: 0(No malicious items detected)(end)
-
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~Junkware Removal Tool (JRT) by ThisisuVersion: 6.6.5 (04.27.2015:1)OS: Windows 7 Home Premium x64Ran by Catherine on Mon 04/27/2015 at 19:27:56.19~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Services~~~ TasksSuccessfully deleted: [Task] C:\Windows\system32\tasks\PC Optimizer Pro64 startups~~~ Registry ValuesSuccessfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{8660E5B3-6C41-44DE-8503-98D99BBECD41}~~~ Registry Keys~~~ FilesSuccessfully deleted: [File] C:\Users\Catherine\appdata\local\google\chrome\user data\default\local storage\http_www.superfish.com_0.localstorage-journalSuccessfully deleted: [File] C:\Users\Catherine\appdata\local\google\chrome\user data\default\local storage\http_www.superfish.com_0.localstorage~~~ FoldersSuccessfully deleted: [Empty Folder] C:\Users\Catherine\appdata\local\{366D4FC7-0F57-4DCC-A74A-65953B792687}Successfully deleted: [Empty Folder] C:\Users\Catherine\appdata\local\{60501BEB-D388-4A5F-95B0-68AFD524F7C5}Successfully deleted: [Empty Folder] C:\Users\Catherine\appdata\local\{60DF7411-2008-45FA-A5DA-74AA6DF227A8}Successfully deleted: [Empty Folder] C:\Users\Catherine\appdata\local\{B699C5BD-0C19-41AA-816B-FC8B6324D2B8}Successfully deleted: [Empty Folder] C:\Users\Catherine\appdata\local\{C405513C-7AC6-4570-9402-1C55BBA8CF8A}Successfully deleted: [Empty Folder] C:\Users\Catherine\appdata\local\{E11A79C8-934A-44BC-913B-FB62F8D679E5}Successfully deleted: [Empty Folder] C:\Users\Catherine\appdata\local\{F5414D90-EBE7-498E-8B84-F7ACDF4A1E01}Successfully deleted: [Empty Folder] C:\Users\Catherine\appdata\local\{FB9F177F-5448-40BE-A77D-2B699344714A}Successfully deleted: [Folder] C:\ai_recyclebinSuccessfully deleted: [Folder] C:\ProgramData\surffkoeeEPPit~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~Scan was completed on Mon 04/27/2015 at 19:35:27.76End of JRT log~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
# AdwCleaner v4.202 - Logfile created 27/04/2015 at 19:16:41# Updated 23/04/2015 by Xplode# Database : 2015-04-27.1 [server]# Operating system : Windows 7 Home Premium Service Pack 1 (x64)# Username : Catherine - CATHERINE-HP# Running from : C:\Users\Catherine\Downloads\adwcleaner_4.202.exe# Option : Cleaning***** [ Services ] *****[#] Service Deleted : ReimageRealTimeProtectorService Deleted : sbmntr[#] Service Deleted : Update Mgr DigitalMore***** [ Files / Folders ] *****Folder Deleted : C:\ProgramData\IePluginServicesFolder Deleted : C:\ProgramData\SearchModuleFolder Deleted : C:\ProgramData\ZombieAlertFolder Deleted : C:\ProgramData\Reimage ProtectorFolder Deleted : C:\ProgramData\WinfernoFolder Deleted : C:\ProgramData\SparkTrustFolder Deleted : C:\ProgramData\SaliesCheeckerrFolder Deleted : C:\Program Files (x86)\globalUpdateFolder Deleted : C:\Program Files (x86)\iWebar[x] Not Deleted : C:\Program Files (x86)\MediaPlayerEnhanceFolder Deleted : C:\Program Files (x86)\predmFolder Deleted : C:\Program Files (x86)\YTDownloaderFolder Deleted : C:\Program Files (x86)\Privacy DRFolder Deleted : C:\Program Files (x86)\SparkTrustFolder Deleted : C:\Program Files (x86)\SaliesCheeckerrFolder Deleted : C:\Program Files (x86)\MediaPlayerEnhanceFolder Deleted : C:\Program Files (x86)\Common Files\SparkTrustFolder Deleted : C:\Windows\SysWOW64\SearchProtect[x] Not Deleted : C:\Program Files\002[x] Not Deleted : C:\Program Files\003[x] Not Deleted : C:\Program Files\Reimage[x] Not Deleted : C:\Program Files\RrSavingsFolder Deleted : C:\Users\Catherine\AppData\Local\FreesofttodayFolder Deleted : C:\Users\Catherine\AppData\Local\GameoFolder Deleted : C:\Users\Catherine\AppData\Local\globalUpdateFolder Deleted : C:\Users\Catherine\AppData\Local\LPTFolder Deleted : C:\Users\Catherine\AppData\Local\SwvUpdaterFolder Deleted : C:\Users\Catherine\AppData\Local\Tuguu_SLFolder Deleted : C:\Users\Catherine\AppData\Local\WeatherAlertsFolder Deleted : C:\Users\Catherine\AppData\Local\ZombieAlertFolder Deleted : C:\Users\Catherine\AppData\Roaming\SpeedAnalysis2Folder Deleted : C:\Users\Catherine\AppData\Roaming\v9Folder Deleted : C:\Users\Catherine\AppData\Roaming\SparkTrustFolder Deleted : C:\Users\Catherine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SparkTrustFolder Deleted : C:\Users\Catherine\AppData\Roaming\Mozilla\Firefox\Profiles\3dkt76nv.default\Extensions\0c822a17-a68f-4066-9257-d229458d21ca@9c178d17-dc61-4aaf-b2da-1425ac7300ac.comFolder Deleted : C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgjkhjdcljddbedokogakmmdjgnbeanfFolder Deleted : C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\lekgiimbfodefdaoofhlckefjbgpeiloFolder Deleted : C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\gafhhbahpojnjfhpepjjfjojbphnogmn[/!\] Not Deleted ( Junction ) : C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\lekgiimbfodefdaoofhlckefjbgpeiloFolder Deleted : C:\Users\Catherine\AppData\Roaming\Opera Software\Opera Stable\Extensions\dfohdbmjdkfijghgklbickfnaepghgbaFolder Deleted : C:\Users\Catherine\AppData\Roaming\Opera Software\Opera Stable\Extensions\lekgiimbfodefdaoofhlckefjbgpeiloFile Deleted : C:\Users\Catherine\AppData\Roaming\Mozilla\Firefox\Profiles\3dkt76nv.default\Extensions\[email protected]File Deleted : C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_igdhbblpcellaljokkpfhcjlagemhgjl_0.localstorageFile Deleted : C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_lekgiimbfodefdaoofhlckefjbgpeilo_0.localstorageFile Deleted : C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_lekgiimbfodefdaoofhlckefjbgpeilo_0.localstorage-journalFile Deleted : C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_lekgiimbfodefdaoofhlckefjbgpeilo_0File Deleted : C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\lekgiimbfodefdaoofhlckefjbgpeiloFile Deleted : C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_gafhhbahpojnjfhpepjjfjojbphnogmn_0.localstorageFile Deleted : C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_gafhhbahpojnjfhpepjjfjojbphnogmn_0.localstorage-journalFile Deleted : C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_lekgiimbfodefdaoofhlckefjbgpeilo_0File Deleted : C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\lekgiimbfodefdaoofhlckefjbgpeiloFile Deleted : C:\Windows\Reimage.iniFile Deleted : C:\Windows\SysWOW64\SecureAssist.dllFile Deleted : C:\Windows\System32\roboot64.exeFile Deleted : C:\Windows\System32\SecureAssist64.dllFile Deleted : C:\Users\Catherine\daemonprocess.txtFile Deleted : C:\Users\Catherine\AppData\Roaming\speedanalysis.icoFile Deleted : C:\Users\Catherine\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\SparkTrust PC Cleaner Plus.lnkFile Deleted : C:\Users\Catherine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Play Games Online.urlFile Deleted : C:\Users\Catherine\Desktop\SparkTrust PC Cleaner Plus.lnkFile Deleted : C:\Users\Catherine\AppData\Roaming\Mozilla\Firefox\Profiles\3dkt76nv.default\searchplugins\bingp.xmlFile Deleted : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\key-find.xmlFile Deleted : C:\Users\Catherine\AppData\Roaming\Mozilla\Firefox\Profiles\3dkt76nv.default\searchplugins\trovi-search.xmlFile Deleted : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\v9.xmlFile Deleted : C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_inst.shoppingate.info_0.localstorageFile Deleted : C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_inst.shoppingate.info_0.localstorage-journalFile Deleted : C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.selectgo00.selectgo.net_0.localstorageFile Deleted : C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.selectgo00.selectgo.net_0.localstorage-journalFile Deleted : C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_eliteunzip.dl.tb.ask.com_0.localstorageFile Deleted : C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_eliteunzip.dl.tb.ask.com_0.localstorage-journalFile Deleted : C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_mapsgalaxy.dl.tb.ask.com_0.localstorageFile Deleted : C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_mapsgalaxy.dl.tb.ask.com_0.localstorage-journalFile Deleted : C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_plarium.com_0.localstorageFile Deleted : C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_plarium.com_0.localstorage-journalFile Deleted : C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.tb.ask.com_0.localstorageFile Deleted : C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.tb.ask.com_0.localstorage-journal***** [ Scheduled tasks ] *****Task Deleted : gameo_updateTask Deleted : LaunchAppTask Deleted : PC Optimizer Pro UpdatesTask Deleted : Reimage ReminderTask Deleted : ReimageUpdaterTask Deleted : RunAsStdUser TaskTask Deleted : SMupdate1Task Deleted : YTDownloaderTask Deleted : YTDownloaderUpdTask Deleted : SparkTrust Update Version3Task Deleted : SparkTrust Update Version3_triggeronceTask Deleted : SparkTrust Registration3Task Deleted : MediaPlayerEnhance-updater***** [ Shortcuts ] ********** [ Registry ] *****Value Deleted : [x64] HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{7D4F1959-3F72-49d5-8E59-F02F8AA6815D}]Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\bfcpnihmbfoaeoakalclfalkdepgiajeKey Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dgjkhjdcljddbedokogakmmdjgnbeanfKey Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\klibnahbojhkanfgaglnlalfkgpcppfiKey Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\mocblcnaofikinigmceddfghppkkjbogKey Deleted : HKLM\SOFTWARE\MozillaPlugins\@ei.TotalRecipeSearch_14.com/PluginKey Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\IePluginServicesKey Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\YTDownloader.exeKey Deleted : HKLM\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\SysMenuExtKey Deleted : HKLM\SOFTWARE\Classes\AppID\SysMenu.DLLKey Deleted : HKLM\SOFTWARE\Classes\AppID\REI_AxControl.DLLKey Deleted : HKLM\SOFTWARE\Classes\REI_AxControl.ReiEngine.1Key Deleted : HKLM\SOFTWARE\Classes\REI_AxControl.ReiEngineKey Deleted : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}Key Deleted : HKLM\SOFTWARE\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D813D5BB-EBC7-45F9-B8A4-36A305168069}Key Deleted : HKLM\SOFTWARE\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AF175732-0D59-716D-F757-9F1492D808D9}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C0B1016F-B7E5-46F0-B415-6BF9E55AB00D}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0FA32667-9A8A-4E9C-902F-CA3323180003}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0FCE4F01-64EC-42F1-83E1-1E08D38605D2}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1A2A195A-A0F9-4006-AF02-3F05EEFDE792}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2A42D13C-D427-4787-821B-CF6973855778}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2D9DB233-DC4B-4677-946C-5FA5ABCF506B}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3AE76A17-C344-4A83-81CE-65EFEE41E42D}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3B181CF2-878B-4758-8FBD-59D8AC5AB12D}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3D8478AA-7B88-48A9-8BCB-B85D594411EC}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{490A5A0F-1471-47FF-8BB5-719F1F5238AD}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4C0A69B0-CE97-42B7-86FC-08280C99C74D}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E9EB4D5-C929-4005-AC62-1856B1DA5A24}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6B458F62-592F-4B25-8967-E6A350A59328}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8FAF962C-3EDE-405E-B1D0-62B8235C6044}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C1F5E799-B218-4C32-B189-3C389BA140BB}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E3ED53C5-7AD5-4DF5-9734-AFB6E7E5D9DB}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F60C9408-3110-4C98-A139-ABE1EE1111DD}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FCC9CDD3-EFFF-11D1-A9F0-00A0244AC403}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4509D3CC-B642-4745-B030-645B79522C6D}Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{8E5B29C2-BC6E-40BE-B881-AEE35B1F4035}Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9863E762-BACC-46E4-8CAA-2A6ADA06B65B}Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{B87F8B63-7274-43FD-87FA-09D3B7496148}Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C4BAE205-5E02-4E32-876E-F34B4E2D000C}Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EC4085F2-8DB3-45A6-AD0B-CA289F3C5D7E}Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C0B1016F-B7E5-46F0-B415-6BF9E55AB00D}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C0B1016F-B7E5-46F0-B415-6BF9E55AB00D}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE07101B-46D4-4A98-AF68-0333EA26E113}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10ECCE17-29B5-4880-A8F5-EAD298611484}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C0B1016F-B7E5-46F0-B415-6BF9E55AB00D}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{878B8524-AED5-4870-9A96-A515440DAC75}Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{878B8524-AED5-4870-9A96-A515440DAC75}Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{d925bc12-7440-413e-a040-cef15508f0c5}Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{FD79F359-E577-46DB-AA74-D6E6B8B45BA8}Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{878B8524-AED5-4870-9A96-A515440DAC75}Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{93DBF2BB-A2B3-4683-A92E-57E60751F346}Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{d925bc12-7440-413e-a040-cef15508f0c5}]Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{020B1D4B-5738-4C77-9E19-4F173DD9B486}Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{10ECCE17-29B5-4880-A8F5-EAD298611484}Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{801B440B-1EE3-49B0-B05D-2AB076D4E8CB}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{0FA32667-9A8A-4E9C-902F-CA3323180003}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{0FCE4F01-64EC-42F1-83E1-1E08D38605D2}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1A2A195A-A0F9-4006-AF02-3F05EEFDE792}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2A42D13C-D427-4787-821B-CF6973855778}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2D9DB233-DC4B-4677-946C-5FA5ABCF506B}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3AE76A17-C344-4A83-81CE-65EFEE41E42D}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3B181CF2-878B-4758-8FBD-59D8AC5AB12D}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3D8478AA-7B88-48A9-8BCB-B85D594411EC}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{490A5A0F-1471-47FF-8BB5-719F1F5238AD}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4C0A69B0-CE97-42B7-86FC-08280C99C74D}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E9EB4D5-C929-4005-AC62-1856B1DA5A24}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{6B458F62-592F-4B25-8967-E6A350A59328}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{8FAF962C-3EDE-405E-B1D0-62B8235C6044}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C1F5E799-B218-4C32-B189-3C389BA140BB}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E3ED53C5-7AD5-4DF5-9734-AFB6E7E5D9DB}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{F60C9408-3110-4C98-A139-ABE1EE1111DD}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FCC9CDD3-EFFF-11D1-A9F0-00A0244AC403}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{7F4EFF06-7032-458E-AE16-1C1D8255C28A}Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{7F4EFF06-7032-458E-AE16-1C1D8255C28A}Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EC29EDF6-AD3C-4E1C-A087-D6CB81400C43}Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{93DBF2BB-A2B3-4683-A92E-57E60751F346}Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{d925bc12-7440-413e-a040-cef15508f0c5}Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\17BDFF48CB2043A3A7504DED58A442C5Key Deleted : HKCU\Software\GlobalUpdateKey Deleted : HKCU\Software\TutoTagKey Deleted : HKCU\Software\ReimageKey Deleted : HKCU\Software\YTDownloaderKey Deleted : HKCU\Software\gameoKey Deleted : HKCU\Software\reimagerepairKey Deleted : HKCU\Software\Local AppWizard-Generated ApplicationsKey Deleted : HKCU\Software\AppDataLow\Software\MediaPlayerEnhanceKey Deleted : HKCU\Software\AppDataLow\Software\Rr SavingsKey Deleted : HKCU\Software\AppDataLow\Software\RrSavingsKey Deleted : HKCU\Software\AppDataLow\Software\Supra SavingsKey Deleted : HKLM\SOFTWARE\MediaPlayerEnhanceKey Deleted : HKLM\SOFTWARE\PIPKey Deleted : HKLM\SOFTWARE\SupDpKey Deleted : HKLM\SOFTWARE\suprasavingsKey Deleted : HKLM\SOFTWARE\TutorialsKey Deleted : HKLM\SOFTWARE\YTDownloaderKey Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{35827710-D042-428B-A1E5-E20E12D2FEB9}Key Deleted : [x64] HKLM\SOFTWARE\LevelQualityWatcherKey Deleted : [x64] HKLM\SOFTWARE\RrSavingsKey Deleted : [x64] HKLM\SOFTWARE\suprasavingsKey Deleted : [x64] HKLM\SOFTWARE\Updater By SweetpacksKey Deleted : [x64] HKLM\SOFTWARE\ReimageKey Deleted : [x64] HKLM\SOFTWARE\YTDownloaderKey Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Reimage ProtectorKey Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\43C098337DB065A49B665D4EA7F16D1CKey Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A71991503412AEB42838B02C5ED9F9CDKey Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F7652513C62FF63448CFF05163719DB7***** [ Web browsers ] *****-\\ Internet Explorer v11.0.9600.17728Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [search Page]-\\ Mozilla Firefox v[3dkt76nv.default\prefs.js] - Line Deleted : user_pref("CT3239904.1000234.weatherData", "{\"icon\":\"32.png\",\"temperature\":\"83°F\",\"temperatureClear\":\"83°F\",\"highTemperature\":\"93°F\",\"lowTemperature\":\"59°F\",\"feelsLike\":\"80°F\",[...][3dkt76nv.default\prefs.js] - Line Deleted : user_pref("CT3239904.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"true\"}");[3dkt76nv.default\prefs.js] - Line Deleted : user_pref("CT3239904.embeddedsData", "[{\"appId\":\"129878973612432233\",\"apiPermissions\":{\"crossDomainAjax\":true,\"getMainFrameTitle\":true,\"getMainFrameUrl\":true,\"getSearchTerm\":true,\"insta[...][3dkt76nv.default\prefs.js] - Line Deleted : user_pref("CT3239904.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"hxxp%3A%2F%2Fsearch.conduit.com%2F%3Fctid%3DCT3298570%26octid%3DCT3298570%26SearchSource%3D61%26CUI%3DUN7[...][3dkt76nv.default\prefs.js] - Line Deleted : user_pref("CT3286042.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"true\"}");[3dkt76nv.default\prefs.js] - Line Deleted : user_pref("CT3289663.1000234.weatherData", "{\"icon\":\"29.png\",\"temperature\":\"62°F\",\"temperatureClear\":\"62°F\",\"highTemperature\":\"62°F\",\"lowTemperature\":\"43°F\",\"feelsLike\":\"62°F\",[...][3dkt76nv.default\prefs.js] - Line Deleted : user_pref("CT3289663.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"true\"}");[3dkt76nv.default\prefs.js] - Line Deleted : user_pref("CT3298570.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"true\"}");[3dkt76nv.default\prefs.js] - Line Deleted : user_pref("CT3298570.embeddedsData", "[{\"appId\":\"130110228341463105\",\"apiPermissions\":{\"crossDomainAjax\":true,\"getMainFrameTitle\":true,\"getMainFrameUrl\":true,\"getSearchTerm\":true,\"insta[...][3dkt76nv.default\prefs.js] - Line Deleted : user_pref("CT3298570.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"hxxp%3A%2F%2Fsearch.conduit.com%2F%3Fctid%3DCT3298570%26octid%3DCT3298570%26SearchSource%3D61%26CUI%3DUN7[...][3dkt76nv.default\prefs.js] - Line Deleted : user_pref("extensions.VYbDR.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1url.indexOf(\"warnalert11.com\")>-1url.indexOf(\"sumorobo.n[...][3dkt76nv.default\prefs.js] - Line Deleted : user_pref("extensions.WZ3n.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1url.indexOf(\"warnalert11.com\")>-1url.indexOf(\"sumorobo.ne[...][3dkt76nv.default\prefs.js] - Line Deleted : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.44150.internaldb.monetization_plugin_bundledUrls.value", "%7B%22dealply_s%22%3A%7B%22urls%22%3A%5B%22ssf[...][3dkt76nv.default\prefs.js] - Line Deleted : user_pref("extensions.dynconff.cache.search.conduit.com.content", "<package expire=\"3600\" es=\"914\" pcdids=\"v51_1169_1348_1420\"><content id=\"IntextAds\">\r\n<newjs>\r\n<![CDATA[\r\n\r\ntry {\r\n[...][3dkt76nv.default\prefs.js] - Line Deleted : user_pref("extensions.helperbar.DockingPositionDown", false);[3dkt76nv.default\prefs.js] - Line Deleted : user_pref("extensions.helperbar.Visibility", false);[3dkt76nv.default\prefs.js] - Line Deleted : user_pref("extensions.helperbar.countryiso", "us");[3dkt76nv.default\prefs.js] - Line Deleted : user_pref("extensions.helperbar.downloadprovider", "quickobrw");[3dkt76nv.default\prefs.js] - Line Deleted : user_pref("extensions.helperbar.installationid", "64cfa884-eb4e-4fc7-a8f1-7a7ed71afee5");[3dkt76nv.default\prefs.js] - Line Deleted : user_pref("extensions.helperbar.installdate", "11/06/2013");[3dkt76nv.default\prefs.js] - Line Deleted : user_pref("extensions.helperbar.publisher", "quickobrw");[3dkt76nv.default\prefs.js] - Line Deleted : user_pref("extensions.quick_start.enable_search1", false);[3dkt76nv.default\prefs.js] - Line Deleted : user_pref("extensions.quick_start.sd.closeWindowWithLastTab_prev_state", false);[3dkt76nv.default\prefs.js] - Line Deleted : user_pref("extensions.wajam.mappingListJsonString", "{\"version\":\"0.21087\",\"supported_sites\":{\"google\":{\"patterns\":[\"^hxxp\\\\:\\/\\/www\\\\.google\\\\..{2,3}(\\\\\\/ig\\\\\\/firefox)\",\"[...][3dkt76nv.default\prefs.js] - Line Deleted : user_pref("extensions.wajam.trace_log", "1370821463940 - onFlagInfoReceived - Same server mapping version, don't update\n1370821463940 - onFlagInfoReceived - Saving server mapping version\n13708214639[...][niay4rle.default\prefs.js] - Line Deleted : user_pref("browser.search.defaultengine", "Ask.com");[niay4rle.default\prefs.js] - Line Deleted : user_pref("browser.search.defaultenginename", "Ask.com");[niay4rle.default\prefs.js] - Line Deleted : user_pref("browser.search.order.1", "Ask.com");[niay4rle.default\prefs.js] - Line Deleted : user_pref("browser.search.selectedEngine", "Ask.com");[niay4rle.default\prefs.js] - Line Deleted : user_pref("extensions.asktb.ff-original-keyword-url", "");[niay4rle.default\prefs.js] - Line Deleted : user_pref("extensions.crossrider.bic", "13ab8e032c6e6bfba17aeee9bb15f202");-\\ Google Chrome v36.0.1985.125[C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Preferences] - Deleted [Extension] : dgjkhjdcljddbedokogakmmdjgnbeanf[C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Preferences] - Deleted [Extension] : lekgiimbfodefdaoofhlckefjbgpeilo[C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Preferences] - Deleted [Extension] : gafhhbahpojnjfhpepjjfjojbphnogmn[C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Preferences] - Deleted [Extension] : lekgiimbfodefdaoofhlckefjbgpeilo-\\ Opera v0.0.0.0*************************AdwCleaner[R0].txt - [134887 bytes] - [25/07/2014 15:35:26]AdwCleaner[R1].txt - [134887 bytes] - [25/07/2014 16:10:11]AdwCleaner[R2].txt - [131174 bytes] - [25/07/2014 17:04:10]AdwCleaner[R3].txt - [37748 bytes] - [27/04/2015 19:03:34]AdwCleaner[s0].txt - [36289 bytes] - [27/04/2015 19:16:41]########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [36349 bytes] ##########
-
My computer has tons of pop up all over the page that I am on
Need help with too many pop ups
in Malware Removal
Posted
No the 2 things were not on the uninstall/install list. Computer is running great!! No pop ups or anything!