[FireFighter254]

Hello,

 

I need serious help to gain access back to my files and programs for work. Never a problem on this machine until I performed a restart yesterday. It seems that I have lost my Admin Rights. I verified under User Accounts that my user name is the Admin. I can not alter/delete programs, start Admin required scanners like TDSSKiller unless in Safe Mode.

 

I haven't installed any new software, etc.

 

I have a Dell Inspiron, Core i7, 8GB RAM, up to date browsers IE and Chrome and run OS Win 8 Version 6.2.9200

 

Run MBAM Pro & Norton 360 as my virus and firewall software.

 

 

 

1) I ran cmd prompt and entered "netuser administrator /active:yes" and received "Access Denied System Error 5"

 

2) I can only run my MalwareBytes Pro under Safe Mode, full scan, no results, no threats found

 

3) Ran Trend Micro full scan, no threats found

 

4) Ran Norton 360 full scan, no threats found

 

5) Ran TDSSKiller in safe mode, would not generate a log file and only found the threats shown in screen shot below

 

 

This is the error pop up window I receive when trying to perform anything as Admin:

 

 

TDSS Screenshot:

 

 

 

I am in dire need of getting this corrected as I use this machine for my business.

 

Thank you so much.

 

EDIT: Ran the SFC/Scannow in safe mode. It stated that it repaired some files and some not able to repair. I also ran the "net user administrator /active:yes" command in safe mode and it replied that it was successful. I restarted, log back in and I am still receiving the same error that I do not have admin rights.

Edited by FireFighter254, 26 April 2014 - 11:48 AM.

[Advertisements]

Hello FireFighter254, welcome to Malware Removal section of the forum.

My name around here is SleepyDude and I will be helping you with your Computer problem. I know that having a computer with problems can be very frustrating but I will do my best to help you fixing the issue.

Sometimes this can be a long process, it's very important that you stay with me and follow all my instructions to the letter until I declare your machine is clean.
I have compiled a list of guidelines you must take in consideration so that the helping process goes smooth for you and for me:

• Please perform all steps in the order they are listed in each set of instructions
• Don't install/uninstall any software or run any other cleaning tools besides the ones I ask you to use
  • Running other programs can interfere with the tools we use and have unpredicted results. Also I need to know what is going on with your machine at any time
• If possible avoid using the computer for other tasks until we finish the cleaning process
  • The reason for this is because it can make the malware infection worst and more difficult to clean. Some malware can download updates from the internet when you use the computer
• Please don't attach your logs instead Copy & Paste the information to your post unless specifically instructed to do so
• Please read every post completely before doing anything if you have some doubts or questions please ask before continuing

.
IMPORTANT: At GeeksToGo we do our best to help you solving the problem but sometimes things don't go as planned. To be safe than sorry you should Backup your important data to a safe place, anywhere except on the computer with problems.

The all fixing process need to be executed from a user account with Administrator privileges also some of the tasks need to be executed in Safe Mode, you should save or print the instructions for use when you don't have access to the forum.
 

«»«»«»

Can you execute the following steps in Safe Mode?
.
Step 1 - Farbar Recovery Scan Tool (FRST)

• Download FRST or FRST x64 and save it to the Desktop.
  (Please pick the version that matches your operating system's bit type. If you don't know which version matches your system, try FRST if it say that is not compatible with your OS you have to use FRST64
• Execute FRST/FRST64 right click on the icon and choose Run as Administrator. Make sure all other windows are closed.
  (When the Tool opens for the first time you must click Yes on the disclaimer.)
  

• Press Scan button.
• It will produce a log called (FRST.txt) in the same directory the Tool is run from.
• The first time the Tool is run, it makes also another log (Addition.txt).
• Please copy and paste the logs to your post.

 

Things I would like to see in your next reply:

• The FRST.txt log and Addition.txt

[SleepyDude]

Hello FireFighter254, welcome to Malware Removal section of the forum.

My name around here is SleepyDude and I will be helping you with your Computer problem. I know that having a computer with problems can be very frustrating but I will do my best to help you fixing the issue.

Sometimes this can be a long process, it's very important that you stay with me and follow all my instructions to the letter until I declare your machine is clean.
I have compiled a list of guidelines you must take in consideration so that the helping process goes smooth for you and for me:

• Please perform all steps in the order they are listed in each set of instructions
• Don't install/uninstall any software or run any other cleaning tools besides the ones I ask you to use
  • Running other programs can interfere with the tools we use and have unpredicted results. Also I need to know what is going on with your machine at any time
• If possible avoid using the computer for other tasks until we finish the cleaning process
  • The reason for this is because it can make the malware infection worst and more difficult to clean. Some malware can download updates from the internet when you use the computer
• Please don't attach your logs instead Copy & Paste the information to your post unless specifically instructed to do so
• Please read every post completely before doing anything if you have some doubts or questions please ask before continuing

.
IMPORTANT: At GeeksToGo we do our best to help you solving the problem but sometimes things don't go as planned. To be safe than sorry you should Backup your important data to a safe place, anywhere except on the computer with problems.

The all fixing process need to be executed from a user account with Administrator privileges also some of the tasks need to be executed in Safe Mode, you should save or print the instructions for use when you don't have access to the forum.
 

«»«»«»

Can you execute the following steps in Safe Mode?
.
Step 1 - Farbar Recovery Scan Tool (FRST)

• Download FRST or FRST x64 and save it to the Desktop.
  (Please pick the version that matches your operating system's bit type. If you don't know which version matches your system, try FRST if it say that is not compatible with your OS you have to use FRST64
• Execute FRST/FRST64 right click on the icon and choose Run as Administrator. Make sure all other windows are closed.
  (When the Tool opens for the first time you must click Yes on the disclaimer.)
  

• Press Scan button.
• It will produce a log called (FRST.txt) in the same directory the Tool is run from.
• The first time the Tool is run, it makes also another log (Addition.txt).
• Please copy and paste the logs to your post.

 

Things I would like to see in your next reply:

• The FRST.txt log and Addition.txt

[FireFighter254]

Sure, will do right now. I will perform is Safe Mode because my Admin Rights are being blocked.

 

Note: After I ran the sfc/scannow as stated in my edit of the OP, it seems to have created another user "Administrator" on my machine in addition to my only other user which I can't use. So, I logged on to the new "admin" and tried making changes to my existing user and it won't allow me. So, I am very confused.

 

Here are the logs as requested and thank you for helping me!

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-04-2014 03
Ran by sales_000 (administrator) on NGSP-T556 on 26-04-2014 15:51:20
Running from C:\Users\sales_000\Desktop
Windows 8 (X64) OS Language: English(US)
Internet Explorer Version 10
Boot Mode: Safe Mode (minimal)

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingc...can-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingc...can-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

 

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [DellWPF] => [X]
HKLM\...\Run: [BTMTrayAgent] => C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll [11577216 2012-08-27] (Motorola Solutions, Inc.)
HKLM\...\Run: [QuickSet] => C:\Program Files\Dell\QuickSet\QuickSet.exe [5762408 2013-02-01] (Dell Inc.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6846096 2012-11-19] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1253520 2012-11-19] (Realtek Semiconductor)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [277504 2012-07-09] (Intel Corporation)
HKLM-x32\...\Run: [StartCCC] => c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642728 2012-10-25] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-07] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-04] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [143888 2012-06-02] (CyberLink Corp.)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [979328 2010-10-12] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [2362392 2013-11-21] (Sony Corporation)
HKLM-x32\...\Run: [Video Software Starter] => C:\Program Files (x86)\Arecont Vision\Video Surveillance\starter.exe [429384 2007-08-14] (Arecont Vision)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\.DEFAULT\...\Run: [EPSON628194 (Artisan 730)] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIHQA.EXE [283232 2013-04-18] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-666710307-366404103-328530980-1001\...\Run: [EPLTarget\P0000000000000000] => C:\windows\system32\spool\DRIVERS\x64\3\E_IATIHQA.EXE [283232 2013-04-18] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-666710307-366404103-328530980-1001\...\Run: [DellSystemDetect] => C:\Users\sales_000\AppData\Local\Apps\2.0\T4E3B6V4.L31\1L0BZ3ME.1TE\dell..tion_0f612f649c4a10af_0005.0007_59de4fd2458fcaec\DellSystemDetect.exe [254976 2014-04-21] (Dell)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://hp-laptop.aol.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://dell13.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://google.com/
SearchScopes: HKLM - DefaultScope {260915BB-5D44-4FF8-8284-26612F3E46E8} URL = http://www.bing.com/...E10TR&pc=MDDCJS
SearchScopes: HKLM - {260915BB-5D44-4FF8-8284-26612F3E46E8} URL = http://www.bing.com/...E10TR&pc=MDDCJS
SearchScopes: HKLM-x32 - {260915BB-5D44-4FF8-8284-26612F3E46E8} URL = http://www.bing.com/...E10TR&pc=MDDCJS
SearchScopes: HKCU - DefaultScope {260915BB-5D44-4FF8-8284-26612F3E46E8} URL =
SearchScopes: HKCU - {260915BB-5D44-4FF8-8284-26612F3E46E8} URL =
BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360 Premier Edition\Engine64\21.2.0.38\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360 Premier Edition\Engine\21.2.0.38\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360 Premier Edition\Engine\21.2.0.38\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360 Premier Edition\Engine64\21.2.0.38\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360 Premier Edition\Engine\21.2.0.38\coIEPlg.dll (Symantec Corporation)
Toolbar: HKCU - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360 Premier Edition\Engine64\21.2.0.38\coIEPlg.dll (Symantec Corporation)
DPF: HKLM-x32 {DB7ACFA2-9634-4C98-BC9D-FB9416153022} http://192.168.0.100.../nvEPLMedia.cab
DPF: HKLM-x32 {E19E79EC-F62E-40A0-952D-E49AEC7BEC2F} http://192.168.0.100...l/nvA1Media.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 216.170.153.146

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_13_0_0_182.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_182.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 - C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\sales_000\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn\
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn\ []
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\IPSFF [2014-01-16]
FF HKLM-x32\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\McAfee\MSK

Chrome:
=======
CHR HomePage:
CHR StartupUrls: "hxxp://hp-laptop.aol.com/", "hxxp://google.com/"
CHR Extension: (Google Wallet) - C:\Users\sales_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR HKCU\...\Chrome\Extension: [klibnahbojhkanfgaglnlalfkgpcppfi] - C:\Users\sales_000\AppData\Local\CRE\klibnahbojhkanfgaglnlalfkgpcppfi.crx [2013-08-22]
CHR HKCU\...\Chrome\Extension: [oajgghejjpgkmpgbchgjieahoefimdle] - C:\Users\sales_000\AppData\Local\CRE\oajgghejjpgkmpgbchgjieahoefimdle.crx [2013-04-13]
CHR HKLM-x32\...\Chrome\Extension: [klibnahbojhkanfgaglnlalfkgpcppfi] - C:\Users\sales_000\AppData\Local\CRE\klibnahbojhkanfgaglnlalfkgpcppfi.crx [2013-04-13]
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton 360 Premier Edition\Engine\21.2.0.38\Exts\Chrome.crx [2014-03-27]
CHR HKLM-x32\...\Chrome\Extension: [oajgghejjpgkmpgbchgjieahoefimdle] - C:\Users\sales_000\AppData\Local\CRE\oajgghejjpgkmpgbchgjieahoefimdle.crx [2013-04-13]

==================== Services (Whitelisted) =================

S2 Decor8; C:\Program Files (x86)\Stardock\Decor8\Decor8Srv.exe [74864 2013-01-25] (Stardock Software, Inc)
S2 hasplms; C:\windows\system32\hasplms.exe [4609928 2013-08-09] (SafeNet Inc.)
S2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [165760 2012-07-17] (Intel Corporation)
S2 LMSrv; C:\Program Files (x86)\Arecont Vision\Video Surveillance\LMService.exe [883016 2007-08-14] (Arecont Vision)
S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S2 ModernMix; C:\Program Files (x86)\Stardock\ModernMix\MMixSrv.exe [74864 2013-02-28] (Stardock Software, Inc)
S2 MSSQL$COMPASS20; C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.COMPASS20\MSSQL\Binn\sqlservr.exe [43028328 2011-09-22] (Microsoft Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273136 2013-08-28] ()
S2 N360; C:\Program Files (x86)\Norton 360 Premier Edition\Engine\21.2.0.38\N360.exe [265040 2014-03-12] (Symantec Corporation)
S2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [481304 2013-11-21] (Sony Corporation)
S2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] ()
S2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [201872 2012-11-23] (Realtek Semiconductor)
S2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe [1914728 2012-11-26] (SoftThinks SAS)
S4 SQLAgent$COMPASS20; C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.COMPASS20\MSSQL\Binn\SQLAGENT.EXE [370024 2011-09-22] (Microsoft Corporation)
S2 Start8; C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe [142960 2013-03-19] (Stardock Software, Inc)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-10-25] (Microsoft Corporation)
S2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3378416 2013-08-28] (Intel® Corporation)
S2 postgresql-x64-9.0; C:/Program Files/PostgreSQL/9.0/bin/pg_ctl.exe runservice -N "postgresql-x64-9.0" -D "C:/Program Files/PostgreSQL/9.0/data" -w [X]

==================== Drivers (Whitelisted) ====================

S3 akshasp; C:\Windows\system32\DRIVERS\akshasp.sys [60488 2013-08-09] (SafeNet Inc.)
S3 akshhl; C:\Windows\system32\DRIVERS\akshhl.sys [63944 2013-08-09] (SafeNet Inc.)
S3 aksusb; C:\Windows\system32\DRIVERS\aksusb.sys [303624 2013-08-09] (SafeNet Inc.)
R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [35496 2012-07-09] (Advanced Micro Devices, Inc.)
S1 BHDrvx64; C:\Program Files (x86)\Norton 360 Premier Edition\NortonData\21.1.0.18\Definitions\BASHDefs\20140409.001\BHDrvx64.sys [1525976 2014-03-18] (Symantec Corporation)
S3 BthA2DP; C:\Windows\system32\drivers\BthA2DP.sys [117632 2013-05-31] (Microsoft Corporation)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-25] (Microsoft Corporation)
S3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [121728 2012-08-27] (Motorola Solutions, Inc.)
S3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [857472 2012-08-29] (Motorola Solutions, Inc.)
S1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1502000.026\ccSetx64.sys [162392 2013-09-25] (Symantec Corporation)
S1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
S3 DellRbtn; C:\Windows\System32\drivers\DellRbtn.sys [10752 2012-08-05] (OSR Open Systems Resources, Inc.)
S1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2014-01-10] (Symantec Corporation)
S3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [137648 2014-01-10] (Symantec Corporation)
S2 hardlock; C:\windows\system32\drivers\hardlock.sys [331328 2013-08-09] (SafeNet Inc.)
S1 IDSVia64; C:\Program Files (x86)\Norton 360 Premier Edition\NortonData\21.1.0.18\Definitions\IPSDefs\20140425.001\IDSvia64.sys [525016 2014-03-26] (Symantec Corporation)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 NAVENG; C:\Program Files (x86)\Norton 360 Premier Edition\NortonData\21.1.0.18\Definitions\VirusDefs\20140425.009\ENG64.SYS [126040 2014-03-02] (Symantec Corporation)
S3 NAVEX15; C:\Program Files (x86)\Norton 360 Premier Edition\NortonData\21.1.0.18\Definitions\VirusDefs\20140425.009\EX64.SYS [2099288 2014-03-02] (Symantec Corporation)
S3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [3345376 2013-10-08] (Intel Corporation)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [41272 2012-09-20] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\System32\drivers\Smb_driver_Intel.sys [43832 2012-09-20] (Synaptics Incorporated)
S3 SRTSP; C:\Windows\System32\Drivers\N360x64\1502000.026\SRTSP64.SYS [875736 2014-02-12] (Symantec Corporation)
S1 SRTSPX; C:\Windows\system32\drivers\N360x64\1502000.026\SRTSPX64.SYS [36952 2013-09-09] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\N360x64\1502000.026\SYMDS64.SYS [493656 2013-09-09] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\N360x64\1502000.026\SYMEFA64.SYS [1148120 2014-03-04] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\N360x64\1502000.026\SymELAM.sys [23568 2013-09-09] (Symantec Corporation)
S3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2014-01-11] (Symantec Corporation)
S1 SymIRON; C:\Windows\system32\drivers\N360x64\1502000.026\Ironx64.SYS [264280 2013-09-26] (Symantec Corporation)
S1 SymNetS; C:\Windows\System32\Drivers\N360x64\1502000.026\SYMNETS.SYS [593112 2014-02-17] (Symantec Corporation)
S3 usb3Hub; C:\Windows\System32\drivers\usb3Hub.sys [47072 2012-10-09] (Windows ® Win 7 DDK provider)
S3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [35344 2014-03-24] ()
S3 XHCIPort; C:\Windows\System32\drivers\XHCIPort.sys [188896 2012-10-09] (Windows ® Win 7 DDK provider)
S3 iscFlash; \??\C:\Users\SALES_~1\AppData\Local\Temp\7zS83A3.tmp\iscflashx64.sys [X]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-04-26 14:15 - 2014-04-26 14:15 - 00000000 _____ () C:\windows\EEventManager.INI
2014-04-26 14:05 - 2014-04-26 14:08 - 00000000 ____D () C:\Users\Administrator
2014-04-25 21:26 - 2014-04-25 21:48 - 00091352 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2014-04-25 18:39 - 2014-04-25 18:39 - 00000000 ____D () C:\TDSSKiller_Quarantine
2014-04-25 11:05 - 2014-04-25 11:05 - 00000000 ___HD () C:\windows\system32\Settings
2014-04-18 10:49 - 2014-04-18 10:49 - 00000000 ____D () C:\Users\postgres
2014-04-18 10:46 - 2014-04-18 10:46 - 00000000 ____D () C:\Program Files\PostgreSQL
2014-04-18 10:39 - 2014-04-25 04:56 - 00000000 ____D () C:\Program Files (x86)\PokerTracker 4
2014-04-16 01:12 - 2014-04-25 10:53 - 00000830 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-04-16 01:12 - 2014-04-16 01:12 - 00003718 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater
2014-04-15 20:47 - 2014-04-18 13:05 - 00000000 ____D () C:\Program Files (x86)\CarbonPoker Odds Calculator
2014-04-14 17:05 - 2014-04-15 11:08 - 00000000 ____D () C:\Program Files (x86)\Yahoo!
2014-04-14 11:49 - 2014-01-26 23:42 - 02232664 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpip.sys
2014-04-14 11:49 - 2014-01-26 23:39 - 01939288 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ntfs.sys
2014-04-14 11:49 - 2014-01-26 20:52 - 17561088 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll
2014-04-14 11:49 - 2014-01-26 20:31 - 19752448 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2014-04-14 11:49 - 2014-01-11 02:48 - 05979648 _____ (Microsoft Corporation) C:\windows\system32\mstscax.dll
2014-04-14 11:48 - 2014-02-03 19:56 - 00332632 _____ (Microsoft Corporation) C:\windows\system32\Drivers\storport.sys
2014-04-14 11:48 - 2014-02-03 19:56 - 00278872 _____ (Microsoft Corporation) C:\windows\system32\Drivers\msiscsi.sys
2014-04-14 11:48 - 2014-01-30 23:55 - 00209712 _____ (Microsoft Corporation) C:\windows\system32\NotificationUI.exe
2014-04-14 11:48 - 2014-01-30 20:48 - 00564736 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSShared.dll
2014-04-14 11:48 - 2014-01-30 20:48 - 00485888 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSDApi.dll
2014-04-14 11:48 - 2014-01-30 20:48 - 00143872 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.ApplicationModel.Store.dll
2014-04-14 11:48 - 2014-01-30 20:48 - 00124928 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-04-14 11:48 - 2014-01-30 20:06 - 00690688 _____ (Microsoft Corporation) C:\windows\system32\WSShared.dll
2014-04-14 11:48 - 2014-01-30 20:06 - 00599040 _____ (Microsoft Corporation) C:\windows\system32\WSDApi.dll
2014-04-14 11:48 - 2014-01-30 20:06 - 00163840 _____ (Microsoft Corporation) C:\windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-04-14 11:48 - 2014-01-26 19:17 - 00386722 _____ () C:\windows\system32\ApnDatabase.xml
2014-04-14 11:48 - 2014-01-15 19:42 - 00118784 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dfsc.sys
2014-04-14 11:48 - 2014-01-11 01:06 - 05092352 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstscax.dll
2014-04-14 11:48 - 2014-01-02 19:35 - 00365568 _____ (Microsoft Corporation) C:\windows\SysWOW64\XpsGdiConverter.dll
2014-04-14 11:48 - 2014-01-02 19:32 - 00523264 _____ (Microsoft Corporation) C:\windows\system32\XpsGdiConverter.dll
2014-04-14 11:47 - 2014-03-06 20:48 - 01766400 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-04-14 11:47 - 2014-03-06 20:48 - 01140736 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-04-14 11:47 - 2014-03-06 20:47 - 14357504 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-04-14 11:47 - 2014-03-06 20:47 - 13760512 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-04-14 11:47 - 2014-03-06 20:47 - 02877952 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-04-14 11:47 - 2014-03-06 20:47 - 02049536 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-04-14 11:47 - 2014-03-06 20:47 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2014-04-14 11:47 - 2014-03-06 20:47 - 00493056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-04-14 11:47 - 2014-03-06 20:47 - 00163840 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-04-14 11:47 - 2014-03-06 20:08 - 19273216 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-04-14 11:47 - 2014-03-06 20:08 - 15404544 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-04-14 11:47 - 2014-03-06 20:08 - 03959808 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-04-14 11:47 - 2014-03-06 20:08 - 02648576 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-04-14 11:47 - 2014-03-06 20:08 - 02240000 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-04-14 11:47 - 2014-03-06 20:08 - 01365504 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-04-14 11:47 - 2014-03-06 20:08 - 00915968 _____ (Microsoft Corporation) C:\windows\system32\uxtheme.dll
2014-04-14 11:47 - 2014-03-06 20:08 - 00855552 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2014-04-14 11:47 - 2014-03-06 20:08 - 00603136 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-04-14 11:47 - 2014-03-06 20:08 - 00051712 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-04-14 11:47 - 2013-05-15 18:37 - 00044032 _____ (Microsoft Corporation) C:\windows\SysWOW64\UXInit.dll
2014-04-14 11:47 - 2013-05-15 18:35 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\UXInit.dll
2014-04-14 11:47 - 2013-05-14 09:14 - 02706432 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-04-14 11:47 - 2013-05-14 05:23 - 02706432 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-04-14 11:47 - 2013-02-21 06:14 - 00053248 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-04-14 11:47 - 2012-07-25 23:06 - 00197120 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-04-11 15:57 - 2014-04-11 15:57 - 00318896 _____ () C:\windows\system32\FNTCACHE.DAT
2014-04-09 11:13 - 2014-02-05 19:41 - 01257984 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2014-04-09 11:13 - 2014-02-05 19:41 - 00978432 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2014-04-09 11:13 - 2014-02-05 19:26 - 00666112 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll
2014-04-09 11:13 - 2014-02-05 19:19 - 00974848 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll
2014-04-03 14:49 - 2014-04-03 14:49 - 00000000 ____D () C:\windows\System32\Tasks\Norton 360

==================== One Month Modified Files and Folders =======

2014-04-26 15:48 - 2012-07-26 01:26 - 00262144 ___SH () C:\windows\system32\config\BBI
2014-04-26 15:46 - 2013-02-07 07:34 - 00000000 ____D () C:\Program Files (x86)\Dell Backup and Recovery
2014-04-26 15:44 - 2013-04-18 13:21 - 00003592 _____ () C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-666710307-366404103-328530980-1001
2014-04-26 15:31 - 2013-02-07 07:03 - 01739808 _____ () C:\windows\WindowsUpdate.log
2014-04-26 14:15 - 2014-04-26 14:15 - 00000000 _____ () C:\windows\EEventManager.INI
2014-04-26 14:08 - 2014-04-26 14:05 - 00000000 ____D () C:\Users\Administrator
2014-04-26 14:08 - 2013-04-18 13:15 - 00000000 ____D () C:\windows\System32\Tasks\WPD
2014-04-26 14:08 - 2012-07-26 04:12 - 00000000 ____D () C:\windows\AUInstallAgent
2014-04-26 13:38 - 2013-02-07 06:51 - 00676388 _____ () C:\windows\PFRO.log
2014-04-26 11:33 - 2012-07-26 04:12 - 00000000 ____D () C:\windows\system32\FxsTmp
2014-04-25 21:48 - 2014-04-25 21:26 - 00091352 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2014-04-25 18:39 - 2014-04-25 18:39 - 00000000 ____D () C:\TDSSKiller_Quarantine
2014-04-25 16:39 - 2013-04-18 13:12 - 00000000 ____D () C:\Users\sales_000
2014-04-25 12:23 - 2012-07-26 03:28 - 00941798 _____ () C:\windows\system32\PerfStringBackup.INI
2014-04-25 11:07 - 2012-07-26 01:26 - 00262144 ___SH () C:\windows\system32\config\ELAM
2014-04-25 11:05 - 2014-04-25 11:05 - 00000000 ___HD () C:\windows\system32\Settings
2014-04-25 11:00 - 2012-07-26 04:12 - 00000000 ____D () C:\windows\system32\sru
2014-04-25 10:53 - 2014-04-16 01:12 - 00000830 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-04-25 10:52 - 2013-04-18 14:06 - 00000924 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-25 05:53 - 2014-01-03 17:07 - 00000000 ____D () C:\Program Files (x86)\CarbonPoker
2014-04-25 04:56 - 2014-04-18 10:39 - 00000000 ____D () C:\Program Files (x86)\PokerTracker 4
2014-04-23 12:48 - 2013-04-18 14:06 - 00000920 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-19 18:57 - 2013-09-10 12:01 - 00000157 _____ () C:\windows\SysWOW64\SystemPreferences.xml
2014-04-18 13:05 - 2014-04-15 20:47 - 00000000 ____D () C:\Program Files (x86)\CarbonPoker Odds Calculator
2014-04-18 10:49 - 2014-04-18 10:49 - 00000000 ____D () C:\Users\postgres
2014-04-18 10:46 - 2014-04-18 10:46 - 00000000 ____D () C:\Program Files\PostgreSQL
2014-04-16 01:12 - 2014-04-16 01:12 - 00003718 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater
2014-04-15 11:38 - 2012-07-26 04:12 - 00000000 ____D () C:\windows\rescache
2014-04-15 11:09 - 2012-07-26 03:22 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-04-15 11:08 - 2014-04-14 17:05 - 00000000 ____D () C:\Program Files (x86)\Yahoo!
2014-04-15 11:06 - 2012-07-26 04:12 - 00000000 ___RD () C:\windows\ToastData
2014-04-15 11:06 - 2012-07-26 04:12 - 00000000 ____D () C:\windows\WinStore
2014-04-11 15:57 - 2014-04-11 15:57 - 00318896 _____ () C:\windows\system32\FNTCACHE.DAT
2014-04-11 15:56 - 2012-07-26 04:12 - 00000000 ___HD () C:\windows\ELAMBKUP
2014-04-09 16:07 - 2013-08-19 12:41 - 00000000 ____D () C:\windows\system32\MRT
2014-04-09 16:05 - 2013-04-18 13:52 - 90655440 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-04-09 01:47 - 2013-04-18 13:47 - 00109056 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesysprep.dll
2014-04-08 16:22 - 2013-04-18 13:47 - 00534528 _____ (Microsoft Corporation) C:\windows\SysWOW64\uxtheme.dll
2014-04-08 16:22 - 2013-04-18 13:47 - 00039424 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-04-08 16:21 - 2013-04-18 13:47 - 00061440 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-04-08 16:21 - 2013-04-18 13:47 - 00033280 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-04-08 11:51 - 2013-04-18 13:47 - 00136704 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll
2014-04-08 11:50 - 2013-02-07 06:41 - 00067072 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-04-08 11:50 - 2013-02-07 06:41 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-04-03 14:49 - 2014-04-03 14:49 - 00000000 ____D () C:\windows\System32\Tasks\Norton 360
2014-04-03 14:42 - 2013-04-18 16:46 - 00003238 _____ () C:\windows\System32\Tasks\Norton WSC Integration
2014-04-03 14:42 - 2013-04-18 16:45 - 00000000 ____D () C:\windows\system32\Drivers\N360x64
2014-04-03 14:41 - 2013-04-26 08:13 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-04-03 14:40 - 2013-04-26 08:13 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-04-03 14:30 - 2012-07-26 04:12 - 00000000 ____D () C:\Program Files\Windows Defender
2014-04-03 14:30 - 2012-07-26 04:12 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-03-31 17:18 - 2013-11-16 13:37 - 00078296 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-31 17:18 - 2013-05-18 12:28 - 00694232 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2014-03-30 17:26 - 2014-03-26 16:23 - 00007970 _____ () C:\windows\system32\lvcoinst.log
2014-03-28 12:43 - 2013-04-18 14:06 - 00003896 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-03-28 12:43 - 2013-04-18 14:06 - 00003660 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2014-04-17 14:44

==================== End Of Log ============================

 

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-04-2014 03
Ran by sales_000 at 2014-04-26 15:51:55
Running from C:\Users\sales_000\Desktop
Boot Mode: Safe Mode (minimal)
==========================================================

==================== Security Center ========================

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton 360 Premier Edition (Enabled - Up to date) {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
AS: Norton 360 Premier Edition (Enabled - Up to date) {631E4324-D31C-783F-EC5C-35AD42B18466}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Norton 360 Premier Edition (Enabled) {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0}

==================== Installed Programs ======================

Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.182 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
AMD Accelerated Video Transcoding (Version: 12.5.100.21025 - Advanced Micro Devices, Inc.) Hidden
AMD APP SDK Runtime (Version: 10.0.1016.4 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{B9C542F2-31A8-8EC1-B349-28C74D2A865C}) (Version: 8.0.891.0 - Advanced Micro Devices, Inc.)
Apple Application Support (HKLM-x32\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
AV Video System (HKLM-x32\...\{B3773B5E-7911-4336-B6E6-2CF07FA01EAD}) (Version: 5.6.11.96 - Arecont Vision)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CarbonPoker (HKCU\...\CarbonPoker) (Version: 6.0 - )
CarbonPoker Odds Calculator 1.0.8 (HKLM-x32\...\CarbonPoker Odds Calculator_is1) (Version:  - http://www.carbonpoker.ag)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center (x32 Version: 2012.1025.346.4844 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2012.1025.346.4844 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2012.1025.346.4844 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Profiles Mobile (x32 Version: 2012.1025.346.4844 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2012.1025.0345.4844 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2012.1025.0345.4844 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2012.1025.0345.4844 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2012.1025.0345.4844 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2012.1025.0345.4844 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2012.1025.0345.4844 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2012.1025.0345.4844 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2012.1025.0345.4844 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2012.1025.0345.4844 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2012.1025.0345.4844 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2012.1025.0345.4844 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2012.1025.0345.4844 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2012.1025.0345.4844 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2012.1025.0345.4844 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2012.1025.0345.4844 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2012.1025.0345.4844 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2012.1025.346.4844 - Advanced Micro Devices, Inc.) Hidden
Compass 2.0 (HKLM-x32\...\InstallShield_{CD04C0A6-433F-427A-A101-1EE3844BC6DF}) (Version: 22.2.0.2 - Honeywell)
Compass 2.0 (x32 Version: 22.2.0.2 - Honeywell) Hidden
Crystal Reports for .NET Framework 2.0 (x86) (HKLM-x32\...\{7C05EEDD-E565-4E2B-ADE4-0C784C17311C}) (Version: 10.2.0 - Business Objects)
CyberLink LabelPrint 2.5 (x32 Version: 2.5.5415a - CyberLink Corp.) Hidden
CyberLink Media Suite 10 (x32 Version: 10.0.1.1913 - CyberLink Corp.) Hidden
CyberLink Media Suite Essentials (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.)
CyberLink Power2Go 8 (x32 Version: 8.0.0.1904 - CyberLink Corp.) Hidden
CyberLink PowerDirector 10 (x32 Version: 10.0.1.1904 - CyberLink Corp.) Hidden
CyberLink PowerDVD 10 (x32 Version: 10.0.4318.52 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dell Backup and Recovery - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 1.0.0.5 - Dell Inc.)
Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.0.0.5 - Dell Inc.)
Dell System Detect (HKCU\...\9204f5692a8faf3b) (Version: 5.7.0.6 - Dell)
Dell Touchpad (HKLM\...\SynTPDeinstKey) (Version: 16.2.12.17 - Synaptics Incorporated)
EPSON Artisan 730 Series Printer Uninstall (HKLM\...\EPSON Artisan 730 Series) (Version:  - SEIKO EPSON Corporation)
Epson Connect (HKLM-x32\...\{64BA551C-9AF6-495C-93F3-D1270E0045FC}) (Version:  - )
Epson Customer Participation (HKLM\...\{814FA673-A085-403C-9545-747FC1495069}) (Version: 1.0.0.0 - SEIKO EPSON CORPORATION)
Epson Download Navigator (HKLM-x32\...\{10F63395-157F-4B93-AB4D-702A2FF11942}) (Version: 1.0.1 - SEIKO EPSON CORPORATION)
Epson Event Manager (HKLM-x32\...\{8ED43F7E-A8F6-4898-AF11-B6158F2EDF94}) (Version: 2.50.0000 - SEIKO EPSON CORPORATION)
Epson Print CD (HKLM-x32\...\{D16A31F9-276D-4968-A753-FFEAC56995D0}) (Version: 2.05.00 - SEIKO EPSON CORPORATION)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.4j - SEIKO EPSON CORPORATION)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 34.0.1847.131 - Google Inc.)
Google Update Helper (x32 Version: 1.3.23.9 - Google Inc.) Hidden
HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.8.208 - SurfRight B.V.)
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel® PRO/Wireless Driver (Version: 16.01.5000.0577 - Intel Corporation) Hidden
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2867 - Intel Corporation)
Intel® PROSet/Wireless for Bluetooth® + High Speed (Version: 16.1.1.0084 - Intel Corporation) Hidden
Intel® PROSet/Wireless Software for Bluetooth® Technology (HKLM\...\{0728A184-F899-4356-B93D-8228674F0DEB}) (Version: 2.6.1209.0268 - Motorola Solutions, Inc.)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.0.1207 - Intel Corporation)
Intel® WiDi (HKLM\...\{6097158B-0184-4140-BEC3-7885794D2571}) (Version: 3.5.40.0 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{c9967fbd-e3c3-4ed0-992a-5b33260f2944}) (Version: 16.1.5 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (Version: 16.01.5000.0269 - Intel Corporation) Hidden
Intel® Trusted Connect Service Client (Version: 1.24.388.1 - Intel Corporation) Hidden
iTunes (HKLM\...\{B8BA155B-1E75-405F-9CB4-8A99615D09DC}) (Version: 11.1.5.5 - Apple Inc.)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Lightworks (HKLM-x32\...\{E94DD4E4-7746-472c-AA7B-1242FED0CFC8}) (Version: 11.1.0.0 - Lightworks)
LTCM Client (HKLM-x32\...\{B38E9B55-7136-4E66-A084-320512FF3F6F}) (Version: 1.20.3792 - Leader Technologies Inc)
Malwarebytes Anti-Malware version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
MergeModule_x64 (Version: 8.0.00 - Sony Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (x32 Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-0012-0000-0000-0000000FF1CE}_STANDARDR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Standard 2007 (HKLM-x32\...\STANDARDR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Standard 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2008 (HKLM-x32\...\Microsoft SQL Server 10 Release) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2008 (x32 Version:  - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Browser (HKLM-x32\...\{C688457E-03FD-4941-923B-A27F4D42A7DD}) (Version: 10.3.5500.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Common Files (x32 Version: 10.3.5500.0 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Database Engine Services (x32 Version: 10.3.5500.0 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Database Engine Shared (x32 Version: 10.3.5500.0 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Native Client (HKLM\...\{2738C4AA-420E-4E13-ADEF-B5AB250E3EF1}) (Version: 10.3.5500.0 - Microsoft Corporation)
Microsoft SQL Server 2008 RsFx Driver (x32 Version: 10.3.5500.0 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Setup Support Files  (HKLM-x32\...\{8F72E2D4-1E48-4534-8DB8-1E8E012899C6}) (Version: 10.3.5500.0 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{0826F9E4-787E-481D-83E0-BC6A57B056D5}) (Version: 10.3.5500.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
My Dell (HKLM\...\PC-Doctor for Windows) (Version: 3.5.6426.22 - PC-Doctor, Inc.)
Norton 360 (HKLM-x32\...\N360) (Version: 21.2.0.38 - Symantec Corporation)
Paint.NET v3.5.10 (HKLM\...\{529125EF-E3AC-4B74-97E6-F688A7C0F1C0}) (Version: 3.60.0 - dotPDN LLC)
PFPortChecker 1.0.39 (HKLM-x32\...\PFPortChecker) (Version: 1.0.39 - Portforward.com)
Photo Gallery (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
PlayMemories Home (HKLM-x32\...\{4C93E894-BE17-463B-A789-4CAB706987A0}) (Version: 8.0.21.11211 - Sony Corporation)
PokerTracker 4 (remove only) (HKLM-x32\...\PokerTracker4) (Version:  - )
PostgreSQL 9.0  (HKLM\...\PostgreSQL 9.0) (Version: 9.0 - PostgreSQL Global Development Group)
PowerXpressHybrid (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 10.15.017 - Dell Inc.)
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6788 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.8400.39030 - Realtek Semiconductor Corp.)
Service Pack 3 for SQL Server 2008 (KB2546951) (HKLM-x32\...\KB2546951) (Version: 10.3.5500.0 - Microsoft Corporation)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
SKSS-2 (HKLM-x32\...\SKSS-2) (Version: 2.5.0.16 - Silent Knight by Honeywell)
SmartControlCenter (HKLM-x32\...\{63CE935C-03E3-4EB4-B194-792CB2F91C87}) (Version: 1.1.1.3 - Netgear)
SOHLib for PlayMemories Home (Version: 1.0.1.11110 - Sony Corporation) Hidden
Sql Server Customer Experience Improvement Program (x32 Version: 10.3.5500.0 - Microsoft Corporation) Hidden
Stardock Decor8 (HKLM-x32\...\Stardock Decor8) (Version: 1.05.3 - Stardock Software, Inc.)
Stardock ModernMix (HKLM-x32\...\Stardock ModernMix) (Version: 1.00 - Stardock Software, Inc.)
Stardock Start8 (HKLM-x32\...\Stardock Start8) (Version: 1.20 - Stardock Software, Inc.)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-0012-0000-0000-0000000FF1CE}_STANDARDR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_STANDARDR_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{91120000-0012-0000-0000-0000000FF1CE}_STANDARDR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (HKLM-x32\...\{91120000-0012-0000-0000-0000000FF1CE}_STANDARDR_{6FAA03BD-2B51-4029-9AD9-64A3B8E3C84C}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_STANDARDR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{91120000-0012-0000-0000-0000000FF1CE}_STANDARDR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{91120000-0012-0000-0000-0000000FF1CE}_STANDARDR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0409-0000-0000000FF1CE}_STANDARDR_{199DF7B6-169C-448C-B511-1054101BE9C9}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM-x32\...\{90120000-001A-0409-0000-0000000FF1CE}_STANDARDR_{ED38F8A3-4F61-494E-8BCA-E3AC7760C924}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM-x32\...\{91120000-0012-0000-0000-0000000FF1CE}_STANDARDR_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0409-0000-0000000FF1CE}_STANDARDR_{0451F231-E3E3-4943-AB9F-58EB96171784}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2878297) 32-Bit Edition (HKLM-x32\...\{91120000-0012-0000-0000-0000000FF1CE}_STANDARDR_{9B1DEEA3-B4ED-49F0-9EF7-4A820EEEA7F1}) (Version:  - Microsoft)
Update for Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0409-0000-0000000FF1CE}_STANDARDR_{397B1D4F-ED7B-4ACA-A637-43B670843876}) (Version:  - Microsoft)
Update for Microsoft Office Script Editor Help (KB963671) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_STANDARDR_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version:  - Microsoft)
Update for Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0409-0000-0000000FF1CE}_STANDARDR_{80E762AA-C921-4839-9D7D-DB62A72C0726}) (Version:  - Microsoft)
Windows Live Communications Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Xvid 1.1.2 final uninstall (HKLM-x32\...\Xvid_is1) (Version: 1.1 - Xvid team (Koepi))
Yahoo! Messenger (HKLM-x32\...\Yahoo! Messenger) (Version:  - Yahoo! Inc.)
Yahoo! Software Update (HKLM-x32\...\Yahoo! Software Update) (Version:  - )
YTD Video Downloader 4.7.4 (HKLM-x32\...\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}) (Version: 4.7.4 - GreenTree Applications SRL)

==================== Restore Points  =========================

09-04-2014 19:33:39 Windows Update
14-04-2014 22:01:26 Windows Update
18-04-2014 14:44:33 Installed Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17

==================== Hosts content: ==========================

2012-07-26 01:26 - 2012-07-26 01:26 - 00000824 ____N C:\windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {0C69F85F-B5A9-44AF-8FFE-E4958AF0C568} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {32476B81-5B36-4371-BE7C-5B2C4C0C5BA1} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\Windows\system32\NotificationUI.exe [2014-01-30] (Microsoft Corporation)
Task: {39459792-6EFE-4DF9-B2D7-46F350F1DD6B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-04-18] (Google Inc.)
Task: {465C696D-87BC-44F2-8473-D7BB0F8E4101} - System32\Tasks\Sony Corporation\Sony Home Network Library\SOHLib SOHDms => C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [2013-11-07] (Sony Corporation)
Task: {597079F3-2E86-4105-97BF-54D461825994} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\My Dell\uaclauncher.exe [2014-01-31] (PC-Doctor, Inc.)
Task: {6D196BF7-D44A-4182-8CF8-E511CE4D362D} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton 360 Premier Edition\Engine\21.2.0.38\WSCStub.exe [2014-03-11] (Symantec Corporation)
Task: {7E8CC9E4-9B8C-480D-AFF1-B00887AE2D87} - System32\Tasks\Norton 360\Norton Error Processor => C:\Program Files (x86)\Norton 360 Premier Edition\Engine\21.2.0.38\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {889FBD4B-FAC3-48F9-A574-D2B86C04AFEB} - System32\Tasks\Synaptics TouchPad Enhancements => \Program Files\Synaptics\SynTP\SynTPEnh.exe [2012-09-20] (Synaptics Incorporated)
Task: {A6971538-E755-4FAA-BC93-ECF6784EBD82} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {BF00D616-46BE-4B03-A397-E0A968A86841} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\My Dell\sessionchecker.exe [2014-01-31] (PC-Doctor, Inc.)
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {CE432FEF-AED5-40F1-B935-41B04FB09101} - System32\Tasks\Norton 360\Norton Error Analyzer => C:\Program Files (x86)\Norton 360 Premier Edition\Engine\21.2.0.38\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {D68D6FCC-2FEA-41EC-BF60-2A662F292814} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-16] (Adobe Systems Incorporated)
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {FD670788-9907-4E0A-AC59-12647FDB7F4B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-04-18] (Google Inc.)
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

==================== Alternate Data Streams (whitelisted) =========

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="1"

==================== Disabled items from MSCONFIG ==============

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (04/26/2014 03:43:26 PM) (Source: Windows Search Service) (User: )
Description: The Windows Search Service has failed to create the new search index. Internal error <4, 0x80070005, Failed to add project: C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects>.

Error: (04/26/2014 03:42:01 PM) (Source: Windows Search Service) (User: )
Description: The Windows Search Service has failed to create the new search index. Internal error <4, 0x80070005, Failed to add project: C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects>.

Error: (04/26/2014 03:41:32 PM) (Source: Windows Search Service) (User: )
Description: The Windows Search Service has failed to create the new search index. Internal error <4, 0x80070005, Failed to add project: C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects>.

Error: (04/26/2014 03:41:28 PM) (Source: Windows Search Service) (User: )
Description: The Windows Search Service has failed to create the new search index. Internal error <4, 0x80070005, Failed to add project: C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects>.

Error: (04/26/2014 03:41:12 PM) (Source: Application Error) (User: )
Description: Faulting application name: GoogleUpdate.exe, version: 1.3.21.103, time stamp: 0x4f3c6d6c
Faulting module name: ntdll.dll, version: 6.2.9200.16578, time stamp: 0x515fac6e
Exception code: 0xc0000374
Fault offset: 0x000daa3c
Faulting process id: 0x58c
Faulting application start time: 0xGoogleUpdate.exe0
Faulting application path: GoogleUpdate.exe1
Faulting module path: GoogleUpdate.exe2
Report Id: GoogleUpdate.exe3
Faulting package full name: GoogleUpdate.exe4
Faulting package-relative application ID: GoogleUpdate.exe5

Error: (04/26/2014 03:40:24 PM) (Source: Windows Search Service) (User: )
Description: The Windows Search Service has failed to create the new search index. Internal error <4, 0x80070005, Failed to add project: C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects>.

Error: (04/26/2014 03:40:11 PM) (Source: Windows Search Service) (User: )
Description: The Windows Search Service has failed to create the new search index. Internal error <4, 0x80070005, Failed to add project: C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects>.

Error: (04/26/2014 03:39:51 PM) (Source: Application Error) (User: )
Description: Faulting application name: GoogleUpdate.exe, version: 1.3.21.103, time stamp: 0x4f3c6d6c
Faulting module name: ntdll.dll, version: 6.2.9200.16578, time stamp: 0x515fac6e
Exception code: 0xc0000374
Fault offset: 0x000daa3c
Faulting process id: 0x1254
Faulting application start time: 0xGoogleUpdate.exe0
Faulting application path: GoogleUpdate.exe1
Faulting module path: GoogleUpdate.exe2
Report Id: GoogleUpdate.exe3
Faulting package full name: GoogleUpdate.exe4
Faulting package-relative application ID: GoogleUpdate.exe5

Error: (04/26/2014 03:39:49 PM) (Source: Windows Search Service) (User: )
Description: The Windows Search Service has failed to create the new search index. Internal error <4, 0x80070005, Failed to add project: C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects>.

Error: (04/26/2014 03:39:35 PM) (Source: Windows Search Service) (User: )
Description: The Windows Search Service has failed to create the new search index. Internal error <4, 0x80070005, Failed to add project: C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects>.

System errors:
=============
Error: (04/26/2014 03:50:59 PM) (Source: DCOM) (User: NGSP-T556)
Description: 1084ShellHWDetectionUnavailable{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (04/26/2014 03:50:53 PM) (Source: DCOM) (User: NGSP-T556)
Description: 1084ShellHWDetectionUnavailable{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (04/26/2014 03:50:44 PM) (Source: DCOM) (User: NGSP-T556)
Description: 1084Bluetooth Device MonitorUnavailable{DABF28BE-F6B4-4E40-8F40-C4FB26F3116C}

Error: (04/26/2014 03:50:44 PM) (Source: DCOM) (User: NGSP-T556)
Description: 1084ShellHWDetectionUnavailable{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (04/26/2014 03:50:03 PM) (Source: DCOM) (User: NGSP-T556)
Description: 1084ShellHWDetectionUnavailable{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (04/26/2014 03:49:58 PM) (Source: DCOM) (User: NGSP-T556)
Description: 1084Bluetooth Device MonitorUnavailable{DABF28BE-F6B4-4E40-8F40-C4FB26F3116C}

Error: (04/26/2014 03:49:58 PM) (Source: DCOM) (User: NGSP-T556)
Description: 1084ShellHWDetectionUnavailable{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (04/26/2014 03:49:52 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: 1084Bluetooth Device MonitorUnavailable{DABF28BE-F6B4-4E40-8F40-C4FB26F3116C}

Error: (04/26/2014 03:49:52 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: 1084Bluetooth Device MonitorUnavailable{DABF28BE-F6B4-4E40-8F40-C4FB26F3116C}

Error: (04/26/2014 03:49:45 PM) (Source: DCOM) (User: NGSP-T556)
Description: 1084ShellHWDetectionUnavailable{DD522ACC-F821-461A-A407-50B198B896DC}

Microsoft Office Sessions:
=========================
Error: (03/20/2014 10:27:21 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6680.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 1581153 seconds with 7680 seconds of active time.  This session ended with a crash.

Error: (01/07/2014 03:00:25 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6680.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 879199 seconds with 21600 seconds of active time.  This session ended with a crash.

==================== Memory info ===========================

Percentage of memory in use: 16%
Total physical RAM: 8065.27 MB
Available physical RAM: 6762.73 MB
Total Pagefile: 8065.27 MB
Available Pagefile: 6807.96 MB
Total Virtual: 8192 MB
Available Virtual: 8191.8 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:921.43 GB) (Free:849.2 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 932 GB) (Disk ID: F543C303)

Partition: GPT Partition Type.

==================== End Of Log ============================

Edited by FireFighter254, 26 April 2014 - 02:03 PM.

[FireFighter254]

Note: When I started FRST, it gave me an Error: "Unable to create folder C:\FRST/HIVES"  Just FYI

Edited by FireFighter254, 26 April 2014 - 02:41 PM.

[SleepyDude]

Hi,

 

I need some time to check your log but in the meantime I have two questions for you:

 

- Can you tell me exactly what you tried to run when you got that prompt on the image?

- Does the file 12.exe exists on the folder c:\users\sales_000\downloads? In case it does can you copy the file to the Desktop and upload it to the site Virustotal and post the link you get with the scan result.

[FireFighter254]

Hi Sleepydude:

 

I will get that error message anytime I try to run anything that requires admin privileges, i.e.; Task Mgr, Virus/Malware Scanners, MBAMPro, etc, Basically, the machine shows that I am an Admin but my rights are gone and nothing works that I need to work.

 

This started yesterday after I performed a reboot. No new software installed, etc...just a simple reboot.

 

The 12.exe is Trend Micro and yes it exists in that folder, I downloaded it last night and let it scan overnight, there were (0) threats found.

 

Here is the link as requested: https://www.virustot...9U&size=2467424

 

 

AND thank YOU so much for your help, this is so important for me to get my admin user account back to normal for my work.

Edited by FireFighter254, 26 April 2014 - 02:51 PM.

[SleepyDude]

Hi,

 

Can you do the following from the new Administrator account?

 

OTL Scan

• Download OTL to your Desktop
• Execute OTL by double clicking the icon . Make sure all other windows are closed.
  (On Windows Vista or higher right click the file, select Run as Administrator and accept the Security Warning.)
  
• Do not change any other settings and tick only the following check box's:
  • Scan All Users
  • LOP Check
  • Purity Check
• on the box paste this (exclude the Quote text):
  

  netsvcs
  BASESERVICES
  %SYSTEMDRIVE%\*.exe
  /md5start
  services.*
  explorer.exe
  winlogon.exe
  Userinit.exe
  svchost.exe
  /md5stop
  dir %systemdrive%\* /S /A:L /C
  CREATERESTOREPOINT

• Click the button. Let the program run uninterrupted, the scan won't take long.
• When the scan completes, it will open notepad with OTL.Txt and another with Extras.txt. The files are saved on the same location as OTL.
• Please copy (Edit->Select All, Edit->Copy) the full contents of both files and post in your topic.

Things I would like to see in your next reply:

• The OTL.txt and Extras.txt log's

[FireFighter254]

Ok, logged into the new Admin account, it gives me a pop up error immediatley "EEventManager" Access Denied...just FYI. <--- Nevermind, that's just something with my wireless printer.

 

Here are the OTL logs as requested:

OTL logfile created on: 4/26/2014 5:19:03 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Administrator\Desktop
64bit- An unknown product  (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16863)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
7.88 Gb Total Physical Memory | 5.37 Gb Available Physical Memory | 68.23% Memory free
7.88 Gb Paging File | 3.48 Gb Available in Paging File | 44.13% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
 
Computer Name: NGSP-T556 | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - File not found --
PRC - [2014/04/26 17:17:25 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Administrator\Desktop\OTL.exe
PRC - [2014/03/12 04:09:49 | 000,265,040 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton 360 Premier Edition\Engine\21.2.0.38\n360.exe
PRC - [2013/12/21 02:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/11/21 21:10:38 | 000,481,304 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
PRC - [2013/11/07 16:55:02 | 000,495,248 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
PRC - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2013/04/04 14:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2013/03/25 11:28:00 | 000,524,912 | ---- | M] (Stardock Software, Inc) -- C:\Program Files (x86)\Stardock\ModernMix\MMix_32.exe
PRC - [2013/03/19 15:08:23 | 000,142,960 | ---- | M] (Stardock Software, Inc) -- C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe
PRC - [2013/02/28 11:15:31 | 000,074,864 | ---- | M] (Stardock Software, Inc) -- C:\Program Files (x86)\Stardock\ModernMix\MMixSrv.exe
PRC - [2013/01/25 11:09:38 | 000,074,864 | ---- | M] (Stardock Software, Inc) -- C:\Program Files (x86)\Stardock\Decor8\Decor8Srv.exe
PRC - [2012/11/28 11:05:52 | 004,047,208 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell Backup and Recovery\Toaster.exe
PRC - [2012/11/26 00:19:48 | 000,492,904 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell Backup and Recovery\Components\DBRUpdate\DBRUpd.exe
PRC - [2012/11/26 00:18:54 | 001,914,728 | ---- | M] (SoftThinks SAS) -- C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe
PRC - [2012/09/06 08:50:40 | 001,124,288 | ---- | M] (Motorola Solutions, Inc.) -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
PRC - [2012/08/27 12:45:56 | 001,112,000 | ---- | M] (Motorola Solutions, Inc.) -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
PRC - [2012/07/17 21:10:32 | 000,364,416 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2012/07/17 21:10:30 | 000,276,864 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2012/07/17 21:10:16 | 000,165,760 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
PRC - [2012/07/09 17:47:18 | 000,277,504 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
PRC - [2012/07/09 17:47:14 | 000,007,168 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2012/06/07 23:34:06 | 000,111,120 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
PRC - [2010/10/12 13:56:40 | 000,979,328 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
PRC - [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2007/08/14 08:58:54 | 000,883,016 | ---- | M] (Arecont Vision) -- C:\Program Files (x86)\Arecont Vision\Video Surveillance\LMService.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2014/02/19 18:44:24 | 002,997,248 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\b8b2300d0bf9ba724da3be6102cad482\System.IdentityModel.ni.dll
MOD - [2014/02/19 18:44:21 | 000,029,696 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\IAStorDataMcfeeca6f#\222769ef32df93be8f4bfaa15af11f96\IAStorDataMgrSvcInterfaces.ni.dll
MOD - [2014/02/19 18:44:19 | 000,026,112 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\IAStorCommon\c128566fb08588beea419f74e8b4e1b0\IAStorCommon.ni.dll
MOD - [2014/02/19 18:43:46 | 000,371,200 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\IAStorUtil\00b4ae5413906278331c97a3e413ea48\IAStorUtil.ni.dll
MOD - [2014/02/19 18:43:43 | 000,121,856 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\4e89df05173df61ef526394eeed4428e\SMDiagnostics.ni.dll
MOD - [2014/02/19 18:43:42 | 000,805,376 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Servd1dec626#\032b537c9d4bbefec6997f44ceb08485\System.ServiceModel.Internals.ni.dll
MOD - [2014/02/19 09:17:17 | 000,399,872 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\752e9098ea35897508c969beff803f91\System.Xml.Linq.ni.dll
MOD - [2014/02/19 09:17:15 | 007,660,032 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Xml\d7aaae3b1c95a1a658446d302b9a7f88\System.Xml.ni.dll
MOD - [2014/02/19 09:17:11 | 001,900,544 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\0e9817b12da250f8d4c680e1cb26e1c0\System.Xaml.ni.dll
MOD - [2014/02/19 09:17:09 | 012,877,824 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\11b4af16e791a6b0ada4a97d3e64e27a\System.Windows.Forms.ni.dll
MOD - [2014/02/19 09:16:56 | 019,713,024 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\35742fb7e85a09be10d83cae494cd828\System.ServiceModel.ni.dll
MOD - [2014/02/19 09:16:44 | 002,822,656 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\deba9405e920eefee41a8efe93e93cc6\System.Runtime.Serialization.ni.dll
MOD - [2014/02/19 09:16:40 | 001,180,160 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Management\dd78e73a53e65bcad68c4e570bdacb05\System.Management.ni.dll
MOD - [2014/02/19 09:16:39 | 001,644,544 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\61be23d6a688188e3419a1eb46fc9d9d\System.Drawing.ni.dll
MOD - [2014/02/19 09:16:33 | 000,975,872 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\ffb7bbc6548ff34bc125a8fec79315dc\System.Configuration.ni.dll
MOD - [2014/02/19 09:16:32 | 000,475,648 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\Presentatioaec034ca#\d3abe72a65b16c5ca129dd4509450190\PresentationFramework.Aero2.ni.dll
MOD - [2014/02/19 09:16:31 | 018,785,280 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\Presentatio5ae0f00f#\952cc4d9a277dc4b0abc0de4a64b11a6\PresentationFramework.ni.dll
MOD - [2014/02/19 09:16:21 | 011,021,312 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\d860b38580f4403397d67fa84d624447\PresentationCore.ni.dll
MOD - [2014/02/19 09:16:14 | 003,941,888 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\e2fb4aca9e25e4eaac703466d36b17ed\WindowsBase.ni.dll
MOD - [2014/02/19 09:16:09 | 007,041,536 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Core\bca236f576ea12db3a9191f4586a445a\System.Core.ni.dll
MOD - [2014/02/19 09:16:05 | 010,051,072 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System\f0602360211041a6be208f0b4138dddd\System.ni.dll
MOD - [2014/02/19 09:15:58 | 016,953,856 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\mscorlib\391541c89ed7585fc7e8936c43cee387\mscorlib.ni.dll
MOD - [2012/06/08 15:34:06 | 000,016,400 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
MOD - [2012/06/07 23:34:06 | 000,627,216 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2013/10/25 03:34:55 | 000,016,048 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:64bit: - [2013/08/28 17:24:04 | 003,378,416 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe -- (ZeroConfigService)
SRV:64bit: - [2013/08/28 17:23:48 | 000,273,136 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
SRV:64bit: - [2013/08/28 17:23:40 | 000,626,416 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV:64bit: - [2013/08/28 17:23:20 | 000,149,744 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV:64bit: - [2013/08/16 01:39:26 | 002,371,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\SysNative\WSService.dll -- (WSService)
SRV:64bit: - [2013/08/09 09:52:12 | 004,609,928 | ---- | M] (SafeNet Inc.) [Auto | Running] -- C:\windows\SysNative\hasplms.exe -- (hasplms)
SRV:64bit: - [2013/06/24 18:54:45 | 000,263,680 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:64bit: - [2013/06/01 05:19:58 | 000,207,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:64bit: - [2013/05/21 09:14:18 | 000,772,064 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe -- (AMPPALR3)
SRV:64bit: - [2013/05/04 02:58:02 | 000,470,528 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:64bit: - [2013/05/04 02:57:05 | 000,179,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:64bit: - [2013/04/09 00:48:42 | 000,169,472 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2013/03/01 22:45:07 | 000,171,008 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:64bit: - [2013/03/01 22:45:05 | 000,180,224 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:64bit: - [2013/02/07 06:42:01 | 002,675,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:64bit: - [2013/01/09 19:23:16 | 001,964,544 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:64bit: - [2013/01/09 19:22:35 | 000,438,272 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\windows\SysNative\lsm.dll -- (LSM)
SRV:64bit: - [2012/11/23 04:19:18 | 000,201,872 | ---- | M] (Realtek Semiconductor) [Auto | Running] -- C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe -- (RtkAudioService)
SRV:64bit: - [2012/09/21 04:01:39 | 000,111,104 | ---- | M] (PostgreSQL Global Development Group) [Auto | Running] -- C:\Program Files\PostgreSQL\9.0\bin\pg_ctl.exe -- (postgresql-x64-9.0)
SRV:64bit: - [2012/09/20 02:31:18 | 000,116,736 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:64bit: - [2012/09/12 19:07:06 | 000,135,984 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe -- (BTHSSecurityMgr)
SRV:64bit: - [2012/09/10 12:50:46 | 000,239,616 | ---- | M] (AMD) [Auto | Running] -- C:\windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2012/07/25 23:07:47 | 000,065,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:64bit: - [2012/07/25 23:07:40 | 000,283,648 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:64bit: - [2012/07/25 23:07:25 | 000,012,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\SysNative\svsvc.dll -- (svsvc)
SRV:64bit: - [2012/07/25 23:06:34 | 000,743,936 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\SysNative\netlogon.dll -- (Netlogon)
SRV:64bit: - [2012/07/25 23:06:33 | 000,161,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:64bit: - [2012/07/25 23:06:33 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:64bit: - [2012/07/25 23:05:55 | 000,059,904 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\windows\SysNative\keyiso.dll -- (KeyIso)
SRV:64bit: - [2012/07/25 23:05:34 | 000,037,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\SysNative\efssvc.dll -- (EFS)
SRV:64bit: - [2012/07/25 23:05:24 | 000,342,016 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:64bit: - [2012/07/25 23:05:08 | 000,122,368 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\SysNative\AUInstallAgent.dll -- (AllUserInstallAgent)
SRV:64bit: - [2012/07/25 20:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\SysNative\icsvc.dll -- (vmicvss)
SRV:64bit: - [2012/07/25 20:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:64bit: - [2012/07/25 20:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:64bit: - [2012/07/25 20:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:64bit: - [2012/07/25 20:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:64bit: - [2012/07/25 20:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:64bit: - [2012/04/20 18:16:12 | 000,635,104 | ---- | M] (Intel® Corporation) [Auto | Running] -- c:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel®
SRV:64bit: - [2011/12/01 11:04:56 | 000,289,952 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe -- (SpfService)
SRV:64bit: - [2011/06/09 13:01:00 | 000,555,392 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe -- (EpsonCustomerParticipation)
SRV:64bit: - [2009/11/17 08:44:26 | 000,098,208 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe -- (AERTFilters)
SRV - [2014/04/16 01:12:39 | 000,257,712 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/03/12 04:09:49 | 000,265,040 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton 360 Premier Edition\Engine\21.2.0.38\N360.exe -- (N360)
SRV - [2013/12/21 02:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/11/21 21:10:38 | 000,481,304 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe -- (PMBDeviceInfoProvider)
SRV - [2013/11/07 16:55:02 | 000,495,248 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe -- (SOHDms)
SRV - [2013/09/12 10:16:04 | 000,079,000 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe -- (SOHDs)
SRV - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2013/03/19 15:08:23 | 000,142,960 | ---- | M] (Stardock Software, Inc) [Auto | Running] -- C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe -- (Start8)
SRV - [2013/02/28 11:15:31 | 000,074,864 | ---- | M] (Stardock Software, Inc) [Auto | Running] -- C:\Program Files (x86)\Stardock\ModernMix\MMixSrv.exe -- (ModernMix)
SRV - [2013/02/07 06:42:01 | 002,675,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2013/01/25 11:09:38 | 000,074,864 | ---- | M] (Stardock Software, Inc) [Auto | Running] -- C:\Program Files (x86)\Stardock\Decor8\Decor8Srv.exe -- (Decor8)
SRV - [2012/11/26 00:18:54 | 001,914,728 | ---- | M] (SoftThinks SAS) [Auto | Running] -- C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe -- (SftService)
SRV - [2012/10/16 06:39:32 | 000,277,024 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2012/09/06 08:50:40 | 001,124,288 | ---- | M] (Motorola Solutions, Inc.) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe -- (Bluetooth OBEX Service)
SRV - [2012/08/27 12:45:56 | 001,112,000 | ---- | M] (Motorola Solutions, Inc.) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe -- (Bluetooth Device Monitor)
SRV - [2012/07/25 23:20:04 | 000,018,432 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2012/07/17 21:10:32 | 000,364,416 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2012/07/17 21:10:30 | 000,276,864 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2012/07/17 21:10:16 | 000,165,760 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)
SRV - [2012/07/09 17:47:14 | 000,007,168 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2007/08/14 08:58:54 | 000,883,016 | ---- | M] (Arecont Vision) [Auto | Running] -- C:\Program Files (x86)\Arecont Vision\Video Surveillance\LMService.exe -- (LMSrv)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2014/03/24 16:36:15 | 000,035,344 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\windows\SysNative\Drivers\WPRO_41_2001.sys -- (WPRO_41_2001)
DRV:64bit: - [2014/03/04 00:18:12 | 001,148,120 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\windows\SysNative\Drivers\N360x64\1502000.026\symefa64.sys -- (SymEFA)
DRV:64bit: - [2014/02/17 21:32:41 | 000,593,112 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\windows\SysNative\Drivers\N360x64\1502000.026\symnets.sys -- (SymNetS)
DRV:64bit: - [2014/02/12 21:59:49 | 000,875,736 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\windows\SysNative\Drivers\N360x64\1502000.026\srtsp64.sys -- (SRTSP)
DRV:64bit: - [2014/01/11 15:02:55 | 000,177,752 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\windows\SysNative\Drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2013/10/25 03:34:52 | 000,035,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\SysNative\Drivers\WdBoot.sys -- (WdBoot)
DRV:64bit: - [2013/10/24 18:34:32 | 000,248,240 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\windows\SysNative\Drivers\WdFilter.sys -- (WdFilter)
DRV:64bit: - [2013/10/10 07:53:35 | 000,096,600 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\windows\SysNative\Drivers\wfplwfs.sys -- (WFPLWFS)
DRV:64bit: - [2013/10/08 23:12:46 | 003,345,376 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\windows\SysNative\Drivers\NETwew00.sys -- (NETwNe64)
DRV:64bit: - [2013/10/05 02:10:20 | 000,285,016 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\windows\SysNative\Drivers\spaceport.sys -- (spaceport)
DRV:64bit: - [2013/10/01 22:50:07 | 000,447,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\windows\SysNative\Drivers\USBHUB3.SYS -- (USBHUB3)
DRV:64bit: - [2013/09/26 22:45:56 | 000,264,280 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\windows\SysNative\Drivers\N360x64\1502000.026\ironx64.sys -- (SymIRON)
DRV:64bit: - [2013/09/25 22:50:25 | 000,162,392 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\windows\SysNative\Drivers\N360x64\1502000.026\ccsetx64.sys -- (ccSet_N360)
DRV:64bit: - [2013/09/09 22:47:38 | 000,023,568 | R--- | M] (Symantec Corporation) [Kernel | Boot | Stopped] -- C:\windows\SysNative\Drivers\N360x64\1502000.026\symelam.sys -- (SymELAM)
DRV:64bit: - [2013/09/09 22:47:26 | 000,493,656 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\windows\SysNative\Drivers\N360x64\1502000.026\symds64.sys -- (SymDS)
DRV:64bit: - [2013/09/09 21:49:49 | 000,036,952 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\windows\SysNative\Drivers\N360x64\1502000.026\srtspx64.sys -- (SRTSPX)
DRV:64bit: - [2013/08/16 01:41:13 | 000,058,200 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\windows\SysNative\Drivers\dam.sys -- (dam)
DRV:64bit: - [2013/08/10 02:30:22 | 000,151,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\SysNative\Drivers\tpm.sys -- (TPM)
DRV:64bit: - [2013/08/09 09:52:12 | 000,331,328 | ---- | M] (SafeNet Inc.) [Kernel | Auto | Running] -- C:\windows\SysNative\Drivers\hardlock.sys -- (hardlock)
DRV:64bit: - [2013/08/09 09:52:12 | 000,303,624 | ---- | M] (SafeNet Inc.) [Kernel | On_Demand | Stopped] -- C:\windows\SysNative\Drivers\aksusb.sys -- (aksusb)
DRV:64bit: - [2013/08/09 09:52:12 | 000,140,736 | ---- | M] (SafeNet Inc.) [Kernel | Auto | Running] -- C:\windows\SysNative\Drivers\aksfridge.sys -- (aksfridge)
DRV:64bit: - [2013/08/09 09:52:12 | 000,091,784 | ---- | M] (SafeNet Inc.) [Kernel | Auto | Running] -- C:\windows\SysNative\Drivers\aksdf.sys -- (aksdf)
DRV:64bit: - [2013/08/09 09:52:12 | 000,063,944 | ---- | M] (SafeNet Inc.) [Kernel | On_Demand | Stopped] -- C:\windows\SysNative\Drivers\akshhl.sys -- (akshhl)
DRV:64bit: - [2013/08/09 09:52:12 | 000,060,488 | ---- | M] (SafeNet Inc.) [Kernel | On_Demand | Stopped] -- C:\windows\SysNative\Drivers\akshasp.sys -- (akshasp)
DRV:64bit: - [2013/07/09 04:04:07 | 000,120,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\SysNative\Drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:64bit: - [2013/07/01 21:41:47 | 000,337,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\windows\SysNative\Drivers\USBXHCI.SYS -- (USBXHCI)
DRV:64bit: - [2013/07/01 21:41:47 | 000,213,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\windows\SysNative\Drivers\UCX01000.SYS -- (UCX01000)
DRV:64bit: - [2013/06/29 02:15:54 | 000,195,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\SysNative\Drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2013/05/31 23:08:57 | 000,037,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\windows\SysNative\Drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:64bit: - [2013/05/31 23:08:26 | 000,117,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\windows\SysNative\Drivers\BthA2DP.sys -- (BthA2DP)
DRV:64bit: - [2013/05/21 09:14:00 | 000,165,344 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\windows\SysNative\Drivers\AmpPal.sys -- (AMPPALP)
DRV:64bit: - [2013/05/21 09:14:00 | 000,165,344 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\windows\SysNative\Drivers\AmpPal.sys -- (AMPPAL)
DRV:64bit: - [2013/04/04 14:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\windows\SysNative\Drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2013/03/18 17:51:08 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\windows\SysNative\Drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2013/03/02 06:57:46 | 000,077,544 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\windows\SysNative\Drivers\storahci.sys -- (storahci)
DRV:64bit: - [2013/03/02 06:39:38 | 000,069,864 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\windows\SysNative\Drivers\pdc.sys -- (pdc)
DRV:64bit: - [2013/02/07 06:42:01 | 000,022,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\SysNative\Drivers\fxppm.sys -- (FxPPM)
DRV:64bit: - [2013/02/07 06:41:37 | 000,027,880 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\SysNative\Drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2013/02/07 06:41:29 | 000,039,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\SysNative\Drivers\hidi2c.sys -- (hidi2c)
DRV:64bit: - [2013/02/07 06:40:56 | 000,056,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\SysNative\Drivers\sdstor.sys -- (sdstor)
DRV:64bit: - [2013/02/07 06:40:56 | 000,023,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\SysNative\Drivers\WSDScan.sys -- (WSDScan)
DRV:64bit: - [2013/01/11 19:02:34 | 000,064,624 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\windows\SysNative\Drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2013/01/09 21:53:32 | 000,028,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\SysNative\Drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:64bit: - [2012/11/26 23:55:44 | 000,029,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\SysNative\Drivers\BthhfHid.sys -- (bthhfhid)
DRV:64bit: - [2012/10/26 16:42:22 | 004,758,176 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\windows\SysNative\Drivers\lvuvc64.sys -- (LVUVC64)
DRV:64bit: - [2012/10/26 16:42:22 | 000,351,520 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\windows\SysNative\Drivers\lvrs64.sys -- (LVRS64)
DRV:64bit: - [2012/10/16 06:39:10 | 005,343,584 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\windows\SysNative\Drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2012/10/09 22:48:50 | 000,035,296 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\SysNative\Drivers\intelaud.sys -- (intaud_WaveExtensible)
DRV:64bit: - [2012/10/09 22:48:50 | 000,025,568 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\windows\SysNative\Drivers\iwdbus.sys -- (iwdbus)
DRV:64bit: - [2012/10/09 22:48:48 | 000,188,896 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\windows\SysNative\Drivers\xHCIPort.sys -- (XHCIPort)
DRV:64bit: - [2012/10/09 22:48:48 | 000,047,072 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\windows\SysNative\Drivers\usb3Hub.sys -- (usb3Hub)
DRV:64bit: - [2012/09/20 20:39:12 | 000,454,968 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\windows\SysNative\Drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2012/09/20 20:39:10 | 000,043,832 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\windows\SysNative\Drivers\Smb_driver_Intel.sys -- (SmbDrvI)
DRV:64bit: - [2012/09/20 20:39:10 | 000,041,272 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Stopped] -- C:\windows\SysNative\Drivers\Smb_driver_AMDASF.sys -- (SmbDrv)
DRV:64bit: - [2012/09/20 03:55:27 | 003,265,256 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\windows\SysNative\Drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2012/09/20 03:55:24 | 000,533,224 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\windows\SysNative\Drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2012/09/10 16:09:46 | 010,679,808 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\windows\SysNative\Drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2012/09/10 12:26:48 | 000,459,264 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\windows\SysNative\Drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2012/08/29 12:36:54 | 000,857,472 | ---- | M] (Motorola Solutions, Inc.) [Kernel | On_Demand | Running] -- C:\windows\SysNative\Drivers\btmhsf.sys -- (btmhsf)
DRV:64bit: - [2012/08/27 12:48:12 | 000,121,728 | ---- | M] (Motorola Solutions, Inc.) [Kernel | On_Demand | Running] -- C:\windows\SysNative\Drivers\btmaux.sys -- (btmaux)
DRV:64bit: - [2012/08/21 14:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\windows\SysNative\Drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/08/06 15:07:08 | 000,068,136 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\windows\SysNative\Drivers\iBtFltCoex.sys -- (ibtfltcoex)
DRV:64bit: - [2012/08/05 02:22:10 | 000,010,752 | ---- | M] (OSR Open Systems Resources, Inc.) [Kernel | On_Demand | Stopped] -- C:\windows\SysNative\Drivers\DellRbtn.sys -- (DellRbtn)
DRV:64bit: - [2012/07/26 01:26:46 | 000,025,328 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/07/26 01:26:45 | 000,033,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\windows\SysNative\Drivers\condrv.sys -- (condrv)
DRV:64bit: - [2012/07/26 01:00:58 | 000,322,800 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\windows\SysNative\Drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:64bit: - [2012/07/26 01:00:58 | 000,106,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\SysNative\Drivers\VerifierExt.sys -- (VerifierExt)
DRV:64bit: - [2012/07/26 01:00:58 | 000,097,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\SysNative\Drivers\uaspstor.sys -- (UASPStor)
DRV:64bit: - [2012/07/26 01:00:57 | 000,077,040 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\windows\SysNative\Drivers\acpiex.sys -- (acpiex)
DRV:64bit: - [2012/07/26 01:00:55 | 000,064,240 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\windows\SysNative\Drivers\mvumis.sys -- (mvumis)
DRV:64bit: - [2012/07/26 01:00:55 | 000,030,960 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\windows\SysNative\Drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2012/07/26 01:00:52 | 000,092,400 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\windows\SysNative\Drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2012/07/26 01:00:52 | 000,081,136 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\windows\SysNative\Drivers\lsi_sss.sys -- (LSI_SSS)
DRV:64bit: - [2012/07/26 01:00:52 | 000,064,752 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\windows\SysNative\Drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2012/07/26 01:00:51 | 000,113,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\windows\SysNative\Drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:64bit: - [2012/07/26 01:00:51 | 000,081,136 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\windows\SysNative\Drivers\EhStorClass.sys -- (EhStorClass)
DRV:64bit: - [2012/07/26 01:00:49 | 000,258,288 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\windows\SysNative\Drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2012/07/26 01:00:49 | 000,106,736 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\windows\SysNative\Drivers\3ware.sys -- (3ware)
DRV:64bit: - [2012/07/26 01:00:49 | 000,076,016 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\windows\SysNative\Drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2012/07/26 01:00:48 | 000,026,352 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\windows\SysNative\Drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2012/07/26 00:57:54 | 000,361,200 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\windows\SysNative\Drivers\clfs.sys -- (CLFS)
DRV:64bit: - [2012/07/26 00:53:16 | 000,067,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\SysNative\Drivers\vpci.sys -- (vpci)
DRV:64bit: - [2012/07/25 23:17:38 | 000,036,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\SysNative\Drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2012/07/25 22:29:47 | 000,021,504 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\SysNative\Drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2012/07/25 22:29:14 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\SysNative\Drivers\mshidumdf.sys -- (mshidumdf)
DRV:64bit: - [2012/07/25 22:29:08 | 000,048,640 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\windows\SysNative\Drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:64bit: - [2012/07/25 22:29:03 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\SysNative\Drivers\HyperVideo.sys -- (HyperVideo)
DRV:64bit: - [2012/07/25 22:28:52 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\windows\SysNative\Drivers\BasicRender.sys -- (BasicRender)
DRV:64bit: - [2012/07/25 22:27:58 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\SysNative\Drivers\vmgencounter.sys -- (gencounter)
DRV:64bit: - [2012/07/25 22:27:41 | 000,018,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\windows\SysNative\Drivers\kdnic.sys -- (kdnic)
DRV:64bit: - [2012/07/25 22:27:37 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\SysNative\Drivers\acpitime.sys -- (acpitime)
DRV:64bit: - [2012/07/25 22:27:33 | 000,023,552 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\windows\SysNative\Drivers\npsvctrig.sys -- (npsvctrig)
DRV:64bit: - [2012/07/25 22:27:29 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\SysNative\Drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:64bit: - [2012/07/25 22:27:16 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\SysNative\Drivers\acpipagr.sys -- (acpipagr)
DRV:64bit: - [2012/07/25 22:27:01 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\SysNative\Drivers\hyperkbd.sys -- (hyperkbd)
DRV:64bit: - [2012/07/25 22:26:46 | 000,062,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\SysNative\Drivers\SerCx.sys -- (SerCx)
DRV:64bit: - [2012/07/25 22:26:43 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\SysNative\Drivers\SpbCx.sys -- (SpbCx)
DRV:64bit: - [2012/07/25 22:26:34 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\SysNative\Drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012/07/25 22:26:13 | 000,051,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\SysNative\Drivers\bthhfenum.sys -- (BthHFEnum)
DRV:64bit: - [2012/07/25 22:25:57 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\SysNative\Drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2012/07/25 22:25:56 | 000,057,344 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\SysNative\Drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012/07/25 22:25:13 | 000,045,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\SysNative\Drivers\wpcfltr.sys -- (wpcfltr)
DRV:64bit: - [2012/07/25 22:25:02 | 000,202,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\windows\SysNative\Drivers\BthLEEnum.sys -- (BthLEEnum)
DRV:64bit: - [2012/07/25 22:25:01 | 000,126,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\SysNative\Drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:64bit: - [2012/07/25 22:23:53 | 000,068,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\SysNative\Drivers\mslldp.sys -- (MsLldp)
DRV:64bit: - [2012/07/25 22:23:42 | 000,097,792 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\windows\SysNative\Drivers\Ndu.sys -- (Ndu)
DRV:64bit: - [2012/07/10 08:43:12 | 000,645,952 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\windows\SysNative\Drivers\iaStorA.sys -- (iaStorA)
DRV:64bit: - [2012/07/09 11:19:26 | 000,035,496 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Boot | Running] -- C:\windows\SysNative\Drivers\amdkmpfd.sys -- (amdkmpfd)
DRV:64bit: - [2012/06/25 14:24:50 | 000,092,536 | ---- | M] (CyberLink) [Kernel | System | Running] -- C:\windows\SysNative\Drivers\CLVirtualDrive.sys -- (CLVirtualDrive)
DRV:64bit: - [2012/06/19 12:40:50 | 000,342,528 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\windows\SysNative\Drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2012/06/15 04:50:46 | 000,315,536 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\windows\SysNative\Drivers\RtsUVStor.sys -- (RSUSBVSTOR)
DRV:64bit: - [2012/06/13 01:41:22 | 000,683,664 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\windows\SysNative\Drivers\Rt630x64.sys -- (RTL8168)
DRV - [2014/03/26 11:43:57 | 000,525,016 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Norton 360 Premier Edition\NortonData\21.1.0.18\Definitions\IPSDefs\20140425.001\IDSviA64.sys -- (IDSVia64)
DRV - [2014/03/18 21:24:11 | 001,525,976 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Norton 360 Premier Edition\NortonData\21.1.0.18\Definitions\BASHDefs\20140409.001\BHDrvx64.sys -- (BHDrvx64)
DRV - [2014/03/02 11:38:39 | 002,099,288 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Norton 360 Premier Edition\NortonData\21.1.0.18\Definitions\VirusDefs\20140425.009\ex64.sys -- (NAVEX15)
DRV - [2014/03/02 11:38:39 | 000,126,040 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Norton 360 Premier Edition\NortonData\21.1.0.18\Definitions\VirusDefs\20140425.009\eng64.sys -- (NAVENG)
DRV - [2014/01/10 02:00:00 | 000,484,952 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2014/01/10 02:00:00 | 000,137,648 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {260915BB-5D44-4FF8-8284-26612F3E46E8}
IE:64bit: - HKLM\..\SearchScopes\{260915BB-5D44-4FF8-8284-26612F3E46E8}: "URL" = http://www.bing.com/...E10TR&pc=MDDCJS
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{260915BB-5D44-4FF8-8284-26612F3E46E8}: "URL" = http://www.bing.com/...E10TR&pc=MDDCJS
 
 
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
 
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
 
IE - HKU\S-1-5-21-666710307-366404103-328530980-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://dell13.msn.com
IE - HKU\S-1-5-21-666710307-366404103-328530980-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://google.com/ [binary data]
IE - HKU\S-1-5-21-666710307-366404103-328530980-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://hp-laptop.aol.com/
IE - HKU\S-1-5-21-666710307-366404103-328530980-1001\..\SearchScopes,DefaultScope = {260915BB-5D44-4FF8-8284-26612F3E46E8}
IE - HKU\S-1-5-21-666710307-366404103-328530980-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-666710307-366404103-328530980-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;*.local
 
 
IE - HKU\S-1-5-21-666710307-366404103-328530980-500\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://dell13.msn.com
IE - HKU\S-1-5-21-666710307-366404103-328530980-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://dell13.msn.com
IE - HKU\S-1-5-21-666710307-366404103-328530980-500\..\SearchScopes,DefaultScope = {260915BB-5D44-4FF8-8284-26612F3E46E8}
IE - HKU\S-1-5-21-666710307-366404103-328530980-500\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://nortonsafe.se...t=kwd&qsrc=2869
IE - HKU\S-1-5-21-666710307-366404103-328530980-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
========== FireFox ==========
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_13_0_0_182.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_182.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.51.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn\ [2014/04/26 15:58:16 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\IPSFF [2014/01/16 13:39:02 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\McAfee\MSK
 
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - plugin: Error reading preferences file
CHR - Extension: Google Docs = C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google Search = C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Norton Identity Protection = C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2014.7.0.43_0\
CHR - Extension: Google Wallet = C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: MixiDJ V8 = C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.2.23_0\
CHR - Extension: Gmail = C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
 
O1 HOSTS File: ([2012/07/26 01:26:49 | 000,000,824 | ---- | M]) - C:\windows\SysNative\Drivers\etc\hosts
O2:64bit: - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360 Premier Edition\Engine64\21.2.0.38\coieplg.dll (Symantec Corporation)
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360 Premier Edition\Engine\21.2.0.38\coieplg.dll (Symantec Corporation)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360 Premier Edition\Engine\21.2.0.38\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360 Premier Edition\Engine64\21.2.0.38\coieplg.dll (Symantec Corporation)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360 Premier Edition\Engine\21.2.0.38\coieplg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3:64bit: - HKU\S-1-5-21-666710307-366404103-328530980-1001\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360 Premier Edition\Engine64\21.2.0.38\coieplg.dll (Symantec Corporation)
O3 - HKU\S-1-5-21-666710307-366404103-328530980-1001\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360 Premier Edition\Engine\21.2.0.38\coieplg.dll (Symantec Corporation)
O3:64bit: - HKU\S-1-5-21-666710307-366404103-328530980-500\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360 Premier Edition\Engine64\21.2.0.38\coieplg.dll (Symantec Corporation)
O3 - HKU\S-1-5-21-666710307-366404103-328530980-500\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360 Premier Edition\Engine\21.2.0.38\coieplg.dll (Symantec Corporation)
O4:64bit: - HKLM..\Run: [BTMTrayAgent] C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll (Motorola Solutions, Inc.)
O4:64bit: - HKLM..\Run: [DellWPF]  File not found
O4:64bit: - HKLM..\Run: [IgfxTray] C:\windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc.)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [CLMLServer_For_P2G8] C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe (CyberLink)
O4 - HKLM..\Run: [CLVirtualDrive] C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe (CyberLink Corp.)
O4 - HKLM..\Run: [EEventManager] C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe (Intel Corporation)
O4 - HKLM..\Run: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe (Sony Corporation)
O4 - HKLM..\Run: [RemoteControl10] C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [StartCCC] c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [Video Software Starter] C:\Program Files (x86)\Arecont Vision\Video Surveillance\Starter.exe (Arecont Vision)
O4 - HKU\.DEFAULT..\Run: [EPSON628194 (Artisan 730)] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIHQA.EXE /FU "C:\Windows\TEMP\E_S6535.tmp" /EF "HKCU" File not found
O4 - HKU\S-1-5-18..\Run: [EPSON628194 (Artisan 730)] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIHQA.EXE /FU "C:\Windows\TEMP\E_S6535.tmp" /EF "HKCU" File not found
O4 - HKU\S-1-5-21-666710307-366404103-328530980-1001..\Run: [DellSystemDetect] C:\Users\sales_000\AppData\Local\Apps\2.0\T4E3B6V4.L31\1L0BZ3ME.1TE\dell..tion_0f612f649c4a10af_0005.0007_59de4fd2458fcaec\DellSystemDetect.exe (Dell)
O4 - HKU\S-1-5-21-666710307-366404103-328530980-1001..\Run: [EPLTarget\P0000000000000000] C:\windows\system32\spool\DRIVERS\x64\3\E_IATIHQA.EXE /EPT "EPLTarget\P0000000000000000" /M "Artisan 730" /EF "HKCU" File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\S-1-5-21-666710307-366404103-328530980-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-666710307-366404103-328530980-1001\..Trusted Domains: dell.com ([]* in Trusted sites)
O16 - DPF: {DB7ACFA2-9634-4C98-BC9D-FB9416153022} http://192.168.0.100.../nvEPLMedia.cab (nvEPLMedia Control)
O16 - DPF: {E19E79EC-F62E-40A0-952D-E49AEC7BEC2F} http://192.168.0.100...l/nvA1Media.cab (nvA1Media Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 216.170.153.146
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A0811ED7-20A1-4676-91DF-D532CC8B66BE}: DhcpNameServer = 192.168.0.1 216.170.153.146
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30 - LSA: Security Packages - (livessp) -  File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
NetSvcs:64bit: wlidsvc - C:\windows\SysNative\wlidsvc.dll (Microsoft Corporation)
NetSvcs:64bit: DsmSvc - C:\windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation)
NetSvcs:64bit: NcaSvc - C:\windows\SysNative\NcaSvc.dll (Microsoft Corporation)
NetSvcs:64bit: SystemEventsBroker - C:\windows\SysNative\SystemEventsBrokerServer.dll (Microsoft Corporation)
 
 CREATERESTOREPOINT
Unable to start System Restore Service. Error code 50
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014/04/26 17:17:24 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Administrator\Desktop\OTL.exe
[2014/04/26 14:23:01 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\Google
[2014/04/26 14:11:34 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Apple Computer
[2014/04/26 14:10:41 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\softthinks
[2014/04/26 14:09:40 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Intel Corporation
[2014/04/26 14:08:41 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Epson
[2014/04/26 14:08:40 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\Power2Go8
[2014/04/26 14:08:40 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\ATI
[2014/04/26 14:08:40 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\ATI
[2014/04/26 14:08:19 | 000,000,000 | R--D | C] -- C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2014/04/26 14:08:19 | 000,000,000 | R--D | C] -- C:\Users\Administrator\Searches
[2014/04/26 14:08:19 | 000,000,000 | R--D | C] -- C:\Users\Administrator\Contacts
[2014/04/26 14:08:19 | 000,000,000 | R--D | C] -- C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2014/04/26 14:07:35 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Adobe
[2014/04/26 14:07:34 | 000,000,000 | -H-D | C] -- C:\Users\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2014/04/26 14:06:10 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Intel
[2014/04/26 14:05:35 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\Packages
[2014/04/26 14:05:30 | 000,000,000 | --SD | C] -- C:\Users\Administrator\AppData\Roaming\Microsoft
[2014/04/26 14:05:30 | 000,000,000 | R--D | C] -- C:\Users\Administrator\Videos
[2014/04/26 14:05:30 | 000,000,000 | R--D | C] -- C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
[2014/04/26 14:05:30 | 000,000,000 | R--D | C] -- C:\Users\Administrator\Saved Games
[2014/04/26 14:05:30 | 000,000,000 | R--D | C] -- C:\Users\Administrator\Pictures
[2014/04/26 14:05:30 | 000,000,000 | R--D | C] -- C:\Users\Administrator\Music
[2014/04/26 14:05:30 | 000,000,000 | R--D | C] -- C:\Users\Administrator\Links
[2014/04/26 14:05:30 | 000,000,000 | R--D | C] -- C:\Users\Administrator\Favorites
[2014/04/26 14:05:30 | 000,000,000 | R--D | C] -- C:\Users\Administrator\Downloads
[2014/04/26 14:05:30 | 000,000,000 | R--D | C] -- C:\Users\Administrator\Documents
[2014/04/26 14:05:30 | 000,000,000 | R--D | C] -- C:\Users\Administrator\Desktop
[2014/04/26 14:05:30 | 000,000,000 | R--D | C] -- C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2014/04/26 14:05:30 | 000,000,000 | R--D | C] -- C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
[2014/04/26 14:05:30 | 000,000,000 | -HSD | C] -- C:\Users\Administrator\AppData\Local\Temporary Internet Files
[2014/04/26 14:05:30 | 000,000,000 | -HSD | C] -- C:\Users\Administrator\Templates
[2014/04/26 14:05:30 | 000,000,000 | -HSD | C] -- C:\Users\Administrator\Start Menu
[2014/04/26 14:05:30 | 000,000,000 | -HSD | C] -- C:\Users\Administrator\SendTo
[2014/04/26 14:05:30 | 000,000,000 | -HSD | C] -- C:\Users\Administrator\Recent
[2014/04/26 14:05:30 | 000,000,000 | -HSD | C] -- C:\Users\Administrator\PrintHood
[2014/04/26 14:05:30 | 000,000,000 | -HSD | C] -- C:\Users\Administrator\NetHood
[2014/04/26 14:05:30 | 000,000,000 | -HSD | C] -- C:\Users\Administrator\Documents\My Videos
[2014/04/26 14:05:30 | 000,000,000 | -HSD | C] -- C:\Users\Administrator\Documents\My Pictures
[2014/04/26 14:05:30 | 000,000,000 | -HSD | C] -- C:\Users\Administrator\Documents\My Music
[2014/04/26 14:05:30 | 000,000,000 | -HSD | C] -- C:\Users\Administrator\My Documents
[2014/04/26 14:05:30 | 000,000,000 | -HSD | C] -- C:\Users\Administrator\Local Settings
[2014/04/26 14:05:30 | 000,000,000 | -HSD | C] -- C:\Users\Administrator\AppData\Local\History
[2014/04/26 14:05:30 | 000,000,000 | -HSD | C] -- C:\Users\Administrator\Cookies
[2014/04/26 14:05:30 | 000,000,000 | -HSD | C] -- C:\Users\Administrator\Application Data
[2014/04/26 14:05:30 | 000,000,000 | -HSD | C] -- C:\Users\Administrator\AppData\Local\Application Data
[2014/04/26 14:05:30 | 000,000,000 | -H-D | C] -- C:\Users\Administrator\AppData
[2014/04/26 14:05:30 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\Temp
[2014/04/26 14:05:30 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Roaming
[2014/04/26 14:05:30 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\Microsoft Help
[2014/04/26 14:05:30 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\Microsoft
[2014/04/26 14:05:30 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2014/04/26 13:54:51 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERSetup
[2014/04/25 21:26:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes' Anti-Malware (portable)
[2014/04/25 21:26:05 | 000,091,352 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbamchameleon.sys
[2014/04/25 11:05:16 | 000,000,000 | -H-D | C] -- C:\windows\SysNative\Settings
[2014/04/18 10:47:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PostgreSQL 9.0
[2014/04/18 10:46:00 | 000,000,000 | ---D | C] -- C:\Program Files\PostgreSQL
[2014/04/18 10:40:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PokerTracker 4
[2014/04/18 10:39:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PokerTracker 4
[2014/04/15 20:47:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CarbonPoker Odds Calculator
[2014/04/15 20:47:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CarbonPoker Odds Calculator
[2014/04/14 17:06:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Yahoo! Messenger
[2014/04/14 17:06:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Yahoo!
[2014/04/14 17:05:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Yahoo!
[2014/04/14 11:49:02 | 005,979,648 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mstscax.dll
[2014/04/14 11:48:50 | 000,523,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XpsGdiConverter.dll
[2014/04/14 11:48:48 | 005,092,352 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mstscax.dll
[2014/04/14 11:48:48 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WSShared.dll
[2014/04/14 11:48:48 | 000,365,568 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XpsGdiConverter.dll
[2014/04/14 11:48:47 | 000,564,736 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WSShared.dll
[2014/04/14 11:48:47 | 000,332,632 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\storport.sys
[2014/04/14 11:48:47 | 000,209,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\NotificationUI.exe
[2014/04/14 11:48:47 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Windows.ApplicationModel.Store.TestingFramework.dll
[2014/04/14 11:48:47 | 000,143,872 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\Windows.ApplicationModel.Store.dll
[2014/04/14 11:48:47 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
[2014/04/14 11:47:38 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msrating.dll
[2014/04/14 11:47:38 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msrating.dll
[2014/04/14 11:47:37 | 003,959,808 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript9.dll
[2014/04/14 11:47:26 | 000,915,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\uxtheme.dll
[2014/04/14 11:47:26 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msfeeds.dll
[2014/04/14 11:47:25 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript.dll
[2014/04/14 11:47:25 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\jscript.dll
[2014/04/14 11:47:24 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ie4uinit.exe
[2014/04/14 11:47:22 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\UXInit.dll
[2014/04/14 11:47:22 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\UXInit.dll
[2014/04/09 11:13:54 | 001,257,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\kernel32.dll
[2014/04/09 11:13:54 | 000,978,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KernelBase.dll
 
========== Files - Modified Within 30 Days ==========
 
[2014/04/26 17:17:25 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Administrator\Desktop\OTL.exe
[2014/04/26 17:15:45 | 000,001,290 | ---- | M] () -- C:\Users\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2014/04/26 15:56:54 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2014/04/26 14:23:07 | 000,002,139 | ---- | M] () -- C:\Users\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2014/04/26 14:23:07 | 000,002,115 | ---- | M] () -- C:\Users\Administrator\Desktop\Google Chrome.lnk
[2014/04/26 14:15:28 | 000,000,000 | ---- | M] () -- C:\windows\EEventManager.INI
[2014/04/25 21:48:01 | 000,091,352 | ---- | M] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbamchameleon.sys
[2014/04/25 12:23:51 | 000,941,798 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2014/04/25 12:23:51 | 000,785,768 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2014/04/25 12:23:51 | 000,157,606 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2014/04/25 10:53:00 | 000,000,830 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2014/04/25 10:52:21 | 000,000,924 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/04/23 12:48:01 | 000,000,920 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/04/19 18:57:56 | 000,000,157 | ---- | M] () -- C:\windows\SysWow64\SystemPreferences.xml
[2014/04/18 10:40:35 | 000,005,037 | ---- | M] () -- C:\ProgramData\flwjycbm.bab
[2014/04/17 04:23:42 | 000,032,126 | ---- | M] () -- C:\windows\SysNative\drivers\N360x64\1502000.026\VT20140417.018
[2014/04/14 11:47:09 | 002,708,101 | ---- | M] () -- C:\windows\SysNative\drivers\N360x64\1502000.026\Cat.DB
[2014/04/11 15:57:34 | 000,318,896 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
[2014/04/09 01:47:49 | 000,109,056 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\iesysprep.dll
[2014/04/08 16:21:10 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\iesetup.dll
[2014/04/08 16:21:10 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\iernonce.dll
[2014/04/08 11:51:09 | 000,136,704 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\iesysprep.dll
[2014/04/08 11:50:44 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\iernonce.dll
[2014/04/08 11:50:43 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\iesetup.dll
[2014/03/31 17:18:15 | 000,694,232 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerApp.exe
[2014/03/31 17:18:15 | 000,078,296 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
 
========== Files Created - No Company Name ==========
 
[2014/04/26 17:15:45 | 000,001,290 | ---- | C] () -- C:\Users\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2014/04/26 14:23:07 | 000,002,115 | ---- | C] () -- C:\Users\Administrator\Desktop\Google Chrome.lnk
[2014/04/26 14:15:28 | 000,000,000 | ---- | C] () -- C:\windows\EEventManager.INI
[2014/04/26 14:07:35 | 000,001,296 | ---- | C] () -- C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2014/04/26 14:07:34 | 000,002,139 | ---- | C] () -- C:\Users\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2014/04/26 14:05:30 | 000,000,352 | ---- | C] () -- C:\Users\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2014/04/26 14:05:30 | 000,000,334 | ---- | C] () -- C:\Users\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2014/04/18 10:40:35 | 000,005,037 | ---- | C] () -- C:\ProgramData\flwjycbm.bab
[2014/04/16 01:12:40 | 000,000,830 | ---- | C] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2014/04/14 11:48:47 | 000,386,722 | ---- | C] () -- C:\windows\SysNative\ApnDatabase.xml
[2014/04/11 15:57:24 | 000,318,896 | ---- | C] () -- C:\windows\SysNative\FNTCACHE.DAT
[2013/12/13 13:43:45 | 000,765,952 | ---- | C] () -- C:\windows\SysWow64\xvidcore.dll
[2013/12/13 13:43:45 | 000,180,224 | ---- | C] () -- C:\windows\SysWow64\xvidvfw.dll
[2013/11/20 18:00:30 | 000,000,117 | ---- | C] () -- C:\windows\ODBC.INI
[2013/09/12 11:42:23 | 000,083,968 | ---- | C] () -- C:\windows\SysWow64\OEMLicense.dll
[2013/07/31 22:58:20 | 000,000,056 | ---- | C] () -- C:\windows\MKMSDealer.Ini
[2013/05/28 12:03:14 | 000,041,008 | ---- | C] () -- C:\windows\SysWow64\RGBAcodec.dll
[2013/04/19 22:00:07 | 000,001,536 | ---- | C] () -- C:\windows\SysWow64\RtkMsgs.dll
[2013/04/18 16:08:11 | 000,000,077 | ---- | C] () -- C:\windows\EART730.ini
[2013/02/07 07:25:10 | 000,000,000 | ---- | C] () -- C:\windows\ativpsrm.bin
[2013/02/07 07:25:09 | 000,003,917 | ---- | C] () -- C:\windows\SysWow64\atipblup.dat
[2013/02/07 07:24:46 | 000,957,196 | ---- | C] () -- C:\windows\SysWow64\PerfStringBackup.INI
[2013/02/07 06:20:15 | 000,204,952 | ---- | C] () -- C:\windows\SysWow64\ativvsvl.dat
[2013/02/07 06:20:15 | 000,157,144 | ---- | C] () -- C:\windows\SysWow64\ativvsva.dat
[2013/02/07 06:20:14 | 000,003,917 | ---- | C] () -- C:\windows\SysWow64\atipblag.dat
[2013/02/07 06:18:33 | 000,598,780 | ---- | C] () -- C:\windows\SysWow64\igvpkrng700.bin
[2013/02/07 06:18:26 | 000,064,512 | ---- | C] () -- C:\windows\SysWow64\igdde32.dll
[2013/02/07 06:18:25 | 000,755,048 | ---- | C] () -- C:\windows\SysWow64\igcodeckrng700.bin
[2012/10/26 16:42:24 | 000,336,232 | ---- | C] () -- C:\windows\SysWow64\DevManagerCore.dll
[2012/10/26 16:42:22 | 010,919,784 | ---- | C] () -- C:\windows\SysWow64\LogiDPP.dll
[2012/10/26 16:42:22 | 000,103,272 | ---- | C] () -- C:\windows\SysWow64\LogiDPPApp.exe
[2012/10/05 12:09:04 | 000,014,395 | ---- | C] () -- C:\windows\download32.ini
[2012/07/26 04:13:10 | 000,215,943 | ---- | C] () -- C:\windows\SysWow64\dssec.dat
[2012/07/26 04:13:09 | 000,000,741 | ---- | C] () -- C:\windows\SysWow64\NOISE.DAT
[2012/07/26 03:21:26 | 000,067,584 | --S- | C] () -- C:\windows\bootstat.dat
[2012/07/25 21:17:42 | 000,043,520 | ---- | C] () -- C:\windows\SysWow64\BWContextHandler.dll
[2012/07/25 16:37:29 | 000,043,131 | ---- | C] () -- C:\windows\mib.bin
[2012/07/25 16:28:31 | 000,364,544 | ---- | C] () -- C:\windows\SysWow64\msjetoledb40.dll
[2012/06/02 10:31:19 | 000,673,088 | ---- | C] () -- C:\windows\SysWow64\mlang.dat
[2012/05/02 18:58:10 | 000,029,184 | ---- | C] () -- C:\windows\SysWow64\kdbsdk32.dll
 
========== ZeroAccess Check ==========
 
[2013/04/18 16:11:02 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\windows\SysNative\shell32.dll -- [2014/01/26 20:31:25 | 019,752,448 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/01/26 20:52:21 | 017,561,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\windows\SysNative\wbem\fastprox.dll -- [2012/07/25 23:05:38 | 001,004,544 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2012/07/25 23:18:27 | 000,784,896 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\windows\SysNative\wbem\wbemess.dll -- [2012/07/25 23:07:41 | 000,455,680 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2014/04/26 14:08:41 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Epson
[2013/04/18 16:42:39 | 000,000,000 | ---D | M] -- C:\Users\sales_000\AppData\Roaming\Acer
[2013/09/13 11:38:42 | 000,000,000 | ---D | M] -- C:\Users\sales_000\AppData\Roaming\Epson
[2013/04/18 16:25:33 | 000,000,000 | ---D | M] -- C:\Users\sales_000\AppData\Roaming\Leader Technologies
[2013/04/18 13:13:58 | 000,000,000 | ---D | M] -- C:\Users\sales_000\AppData\Roaming\Leadertech
[2013/04/19 14:58:35 | 000,000,000 | ---D | M] -- C:\Users\sales_000\AppData\Roaming\PCDr
[2013/12/13 20:02:07 | 000,000,000 | ---D | M] -- C:\Users\sales_000\AppData\Roaming\Video Application
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
========== Base Services ==========
SRV:64bit: - [2012/09/20 02:30:35 | 000,190,976 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\windows\SysNative\aelupsvc.dll -- (AeLookupSvc)
SRV:64bit: - [2013/03/06 02:29:15 | 000,070,144 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\SysNative\appinfo.dll -- (Appinfo)
SRV:64bit: - [2012/07/25 23:08:16 | 000,094,208 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\SysNative\alg.exe -- (ALG)
SRV:64bit: - [2012/07/25 23:07:01 | 000,826,368 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\windows\SysNative\qmgr.dll -- (BITS)
SRV:64bit: - [2013/10/10 05:20:43 | 000,723,968 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\windows\SysNative\BFE.DLL -- (BFE)
SRV:64bit: - [2012/07/25 23:05:55 | 000,059,904 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\windows\SysNative\keyiso.dll -- (KeyIso)
SRV - [2012/07/25 23:18:47 | 000,043,520 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\windows\SysWOW64\keyiso.dll -- (KeyIso)
SRV:64bit: - [2012/07/25 23:05:36 | 000,507,904 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\windows\SysNative\es.dll -- (EventSystem)
SRV - [2012/07/25 23:18:26 | 000,394,240 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\windows\SysWOW64\es.dll -- (EventSystem)
SRV:64bit: - [2012/07/25 23:05:12 | 000,134,144 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\windows\SysNative\browser.dll -- (Browser)
SRV:64bit: - [2013/07/13 02:16:06 | 000,068,096 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\windows\SysNative\cryptsvc.dll -- (CryptSvc)
SRV:64bit: - [2012/07/25 23:07:06 | 000,817,152 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\windows\SysNative\rpcss.dll -- (DcomLaunch)
SRV:64bit: - [2013/02/07 06:40:58 | 000,331,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\windows\SysNative\dhcpcore.dll -- (Dhcp)
SRV - [2013/02/07 06:41:05 | 000,270,336 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\windows\SysWOW64\dhcpcore.dll -- (Dhcp)
SRV:64bit: - [2012/09/20 02:31:07 | 000,210,432 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\windows\SysNative\dnsrslvr.dll -- (Dnscache)
SRV:64bit: - [2012/07/25 23:05:34 | 000,105,472 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\SysNative\eapsvc.dll -- (Eaphost)
SRV:64bit: - [2012/07/25 23:05:46 | 000,036,352 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\windows\SysNative\hidserv.dll -- (hidserv)
SRV - [2012/07/25 23:18:34 | 000,049,152 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\windows\SysWOW64\hidserv.dll -- (hidserv)
SRV:64bit: - [2012/07/25 23:05:51 | 000,438,784 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\windows\SysNative\ipnathlp.dll -- (SharedAccess)
SRV:64bit: - [2012/07/25 23:05:51 | 000,474,624 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\windows\SysNative\IPSECSVC.DLL -- (PolicyAgent)
No service found with a name of MsMpSvc
No service found with a name of NisSrv
SRV:64bit: - [2012/07/25 23:07:25 | 000,502,784 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\SysNative\swprv.dll -- (swprv)
SRV:64bit: - [2012/09/20 02:31:57 | 000,080,896 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\windows\SysNative\mmcss.dll -- (MMCSS)
SRV:64bit: - [2012/07/25 23:06:34 | 000,255,488 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\SysNative\netman.dll -- (Netman)
SRV:64bit: - [2013/05/04 02:58:02 | 000,470,528 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:64bit: - [2012/09/20 02:32:17 | 000,356,352 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\windows\SysNative\nlasvc.dll -- (NlaSvc)
SRV:64bit: - [2012/07/26 01:26:47 | 000,025,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\windows\SysNative\nsisvc.dll -- (nsi)
SRV:64bit: - [2012/09/20 02:33:04 | 000,107,008 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\windows\SysNative\umpnpmgr.dll -- (PlugPlay)
SRV:64bit: - [2012/07/25 23:08:47 | 000,769,024 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\windows\SysNative\spoolsv.exe -- (Spooler)
No service found with a name of ProtectedStorage
No service found with a name of EMDMgmt
SRV:64bit: - [2012/07/25 23:07:03 | 000,099,840 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\SysNative\rasauto.dll -- (RasAuto)
SRV:64bit: - [2012/07/25 23:07:03 | 000,358,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\SysNative\rasmans.dll -- (RasMan)
SRV:64bit: - [2012/07/25 23:07:06 | 000,817,152 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\windows\SysNative\rpcss.dll -- (RpcSs)
SRV:64bit: - [2012/07/25 23:07:09 | 000,030,720 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\SysNative\seclogon.dll -- (seclogon)
SRV:64bit: - [2012/09/20 02:33:39 | 000,035,840 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\windows\SysNative\lsass.exe -- (SamSs)
SRV:64bit: - [2013/04/09 00:51:41 | 000,099,840 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\windows\SysNative\wscsvc.dll -- (wscsvc)
SRV:64bit: - [2012/07/25 23:07:23 | 000,309,248 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\windows\SysNative\srvsvc.dll -- (LanmanServer)
SRV:64bit: - [2012/07/25 23:07:16 | 000,565,760 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\windows\SysNative\shsvcs.dll -- (ShellHWDetection)
SRV - [2012/07/25 23:19:59 | 000,506,368 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\windows\SysWOW64\shsvcs.dll -- (ShellHWDetection)
No service found with a name of slsvc
SRV:64bit: - [2013/04/09 00:50:39 | 001,285,632 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\windows\SysNative\schedsvc.dll -- (Schedule)
SRV:64bit: - [2012/07/25 23:07:28 | 000,305,664 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\SysNative\tapisrv.dll -- (TapiSrv)
SRV - [2012/07/25 23:20:06 | 000,245,760 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\SysWOW64\tapisrv.dll -- (TapiSrv)
SRV:64bit: - [2012/07/25 23:07:30 | 000,047,104 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\windows\SysNative\themeservice.dll -- (Themes)
SRV:64bit: - [2012/07/25 23:07:00 | 000,209,920 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\windows\SysNative\profsvc.dll -- (ProfSvc)
SRV:64bit: - [2013/05/04 02:59:51 | 001,483,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\SysNative\VSSVC.exe -- (VSS)
SRV:64bit: - [2013/06/01 05:19:42 | 000,785,408 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\windows\SysNative\audiosrv.dll -- (Audiosrv)
SRV:64bit: - [2013/04/09 00:48:42 | 000,169,472 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2012/07/25 23:07:08 | 000,148,480 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\SysNative\sdrsvc.dll -- (SDRSVC)
SRV:64bit: - [2013/10/25 03:34:55 | 000,016,048 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:64bit: - [2012/07/25 23:07:47 | 001,731,584 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\windows\SysNative\wevtsvc.dll -- (EventLog)
SRV:64bit: - [2013/10/31 01:56:24 | 000,915,968 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\windows\SysNative\MPSSVC.dll -- (MpsSvc)
SRV:64bit: - [2012/07/25 23:07:47 | 000,570,880 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\windows\SysNative\wiaservc.dll -- (stisvc)
SRV:64bit: - [2012/07/25 23:08:34 | 000,124,416 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\SysNative\msiexec.exe -- (msiserver)
SRV - [2012/07/25 23:20:50 | 000,062,976 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\SysWow64\msiexec.exe -- (msiserver)
SRV:64bit: - [2012/07/25 23:08:06 | 000,219,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\windows\SysNative\wbem\WMIsvc.dll -- (Winmgmt)
SRV:64bit: - [2013/10/08 18:27:56 | 003,279,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\SysNative\wuaueng.dll -- (wuauserv)
SRV:64bit: - [2012/07/25 23:05:31 | 000,252,928 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\SysNative\dot3svc.dll -- (dot3svc)
SRV:64bit: - [2013/02/07 06:42:01 | 001,386,496 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\windows\SysNative\wlansvc.dll -- (WlanSvc)
SRV:64bit: - [2012/07/25 23:08:02 | 000,191,488 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\windows\SysNative\wkssvc.dll -- (LanmanWorkstation)
 
<  %SYSTEMDRIVE%\*.exe >
 
<  dir %systemdrive%\* /S /A:L /C >
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 471 bytes -> C:\ProgramData\Temp:9A870F8B

< End of report >

 

 

 

 

OTL Extras logfile created on: 4/26/2014 5:19:03 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Administrator\Desktop
64bit- An unknown product  (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16863)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
7.88 Gb Total Physical Memory | 5.37 Gb Available Physical Memory | 68.23% Memory free
7.88 Gb Paging File | 3.48 Gb Available in Paging File | 44.13% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
 
Computer Name: NGSP-T556 | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
 
[HKEY_USERS\S-1-5-21-666710307-366404103-328530980-1001\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
 
[HKEY_USERS\S-1-5-21-666710307-366404103-328530980-500\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = CE 37 E6 AF FF 6A CD 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{032AF024-BC30-479D-9640-E12DA065E154}" = rport=139 | protocol=6 | dir=out | app=system |
"{114535E6-243F-40CE-8D48-E7E991FC0A90}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{1290C39A-8BBA-4CEC-98A7-998C096D3335}" = lport=138 | protocol=17 | dir=in | app=system |
"{188BA779-E66A-4D70-9E68-8FC71393DB53}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{1E83A74E-8A36-4149-B34C-512A217AAC2C}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{596332DC-CB6D-4836-AFE0-8961B7F226DF}" = lport=137 | protocol=17 | dir=in | app=system |
"{59A090B8-891A-4C8C-8A78-F78E2FAB60FA}" = lport=2869 | protocol=6 | dir=in | app=system |
"{67E228C8-D183-4217-ACCE-D67AF0D77129}" = lport=139 | protocol=6 | dir=in | app=system |
"{67E843A8-D9B6-412C-90FD-9CFAC475EF04}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{761B09AA-2068-406F-8428-143144316B6D}" = rport=138 | protocol=17 | dir=out | app=system |
"{83E28EAF-C173-42D3-A7DD-3126CCCAE7A2}" = lport=10243 | protocol=6 | dir=in | app=system |
"{8B28F986-0282-4133-A32E-9C446B096F38}" = lport=1900 | protocol=17 | dir=in | app=c:\program files (x86)\common files\sony shared\sohlib\sohdms.exe |
"{93BCCB84-17AC-42A3-B404-2A0CF9E35ED2}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{94CE1B75-B0F2-4B53-8BBC-015AFD567F4A}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{9F86EA84-2A99-4C57-AA72-9FBCD0CF3961}" = rport=445 | protocol=6 | dir=out | app=system |
"{A39A5103-216E-46E7-949C-DE6723A20460}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{A5642FBF-677D-4D39-A6FC-F60C8358C1CD}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{AA6CD5D8-F922-42FD-B56A-7B629B4598F4}" = rport=10243 | protocol=6 | dir=out | app=system |
"{AC76D2F6-A300-4849-8CDC-F507AF573449}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{AE53B5A1-6B1F-410C-B1B2-570EF6ACFE38}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B3D4C42F-E560-4689-9E15-3DF5FBE36B86}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B6681313-4F04-4D67-8F21-AAF6DF4654CA}" = lport=445 | protocol=6 | dir=in | app=system |
"{BB0806D1-194F-481C-94C7-B8E1D2C1A559}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{DB861885-F7CE-49A9-877D-B8E50084B57C}" = lport=1900 | protocol=17 | dir=in | app=c:\program files (x86)\sony\playmemories home\pmbbrowser.exe |
"{E32E26DC-C20C-49D8-AEE5-8FC49EBFE085}" = rport=137 | protocol=17 | dir=out | app=system |
"{E46B1D11-0BA6-4F92-A532-E832E7DB46FA}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{E76AB197-040C-43B9-8CB2-F1C018B9CF80}" = lport=1900 | protocol=17 | dir=in | app=c:\program files (x86)\common files\sony shared\sohlib\sohds.exe |
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0058DCA0-816D-462F-8F28-4A54FA4AE512}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft sql server\mssql10.compass20\mssql\binn\sqlservr.exe |
"{00CC7269-6C42-40E2-9F91-883B9294BA61}" = dir=in | name=dell shop |
"{00DC65EC-8A91-4915-9476-A9D2C9B618D2}" = dir=out | name=@{microsoft.reader_6.2.9200.20523_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{01111E2D-0B16-48FE-AEDD-8A9D51E7EF94}" = protocol=6 | dir=in | app=c:\program files (x86)\arecont vision\video surveillance\localmachine.exe |
"{011494DA-5047-4EA7-AA72-50A3E9A8B7AB}" = protocol=58 | dir=in | [email protected],-28545 |
"{03A8DA86-72E6-4637-A606-06BA5AADCA55}" = protocol=1 | dir=out | [email protected],-28544 |
"{0467CAC0-0B1C-4F6F-B9E3-A1E9AFD15282}" = protocol=6 | dir=in | app=c:\program files (x86)\arecont vision\video surveillance\avinstaller.exe |
"{04C901E9-6DC1-43BB-BD7B-FFF434CA805D}" = dir=out | name=@{microsoft.bingnews_2.0.0.273_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} |
"{077E8720-7589-41A7-B966-A655E1FA7007}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{0F594531-7FCE-481B-853E-0138AE7AFE75}" = dir=out | name=@{microsoft.bing_1.5.1.259_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} |
"{0F8FABD6-D16E-4EBE-B785-1492CCA3138E}" = protocol=6 | dir=in | app=c:\program files (x86)\arecont vision\video surveillance\arecontiptool.exe |
"{0F9116EB-1169-4CAF-A774-A179FC1992B5}" = dir=out | name=@{microsoft.bingsports_2.0.0.273_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} |
"{10C7EBD3-37D3-4021-A9DF-06F6DC4F0488}" = dir=out | name=@{microsoft.skypeapp_1.6.0.115_x86__kzf8qxf38zg5c?ms-resource://microsoft.skypeapp/resources/manifest_display_name} |
"{1143C3C0-1698-45F5-B58A-7E54EA45FF45}" = dir=out | name=@{microsoft.bingfinance_2.0.0.275_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} |
"{124A9E29-F649-45DB-88D4-3AACC10FCE8F}" = dir=in | name=@{microsoft.windowscommunicationsapps_16.4.4396.1016_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{13196343-47F2-462D-92E2-291E07C7C495}" = protocol=6 | dir=in | app=c:\program files (x86)\arecont vision\video surveillance\localmachine.exe |
"{133C0506-B5F5-4712-962B-34D8010E324F}" = dir=out | name=@{microsoft.microsoftskydrive_16.4.4388.928_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftskydrive/resources/shortproductname} |
"{1A77F507-1E39-460A-A011-851906182245}" = protocol=17 | dir=in | app=c:\program files (x86)\arecont vision\video surveillance\arecontiptool.exe |
"{1EAB8AEC-9AAB-4D1F-972B-132B612F2B79}" = protocol=6 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe |
"{2149A8B1-0667-4693-BEC4-3468D23D73C8}" = dir=out | name=kindle |
"{21E86D49-4753-4A26-AAB5-CC65B6B667A7}" = protocol=6 | dir=in | app=c:\program files (x86)\sony\playmemories home\pmbbrowser.exe |
"{23FADAE1-A92D-47CA-99D5-8E4C68E2DD45}" = dir=out | name=dell shop |
"{2431F960-4A3E-4FF7-88BA-BE7B90775364}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{27A4D817-D265-457D-A446-40C10B4CFB1C}" = dir=out | name=@{microsoft.windowsphotos_16.4.4388.928_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |
"{2B1F1F77-E1FF-486D-8E06-B38060D74BCD}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{2B6FD9EE-4B18-43CF-A26F-7E417E25E0FA}" = dir=out | name=@{microsoft.reader_6.2.9200.20623_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{2D0EB987-B58B-46CA-97F8-76684C6DC2CF}" = dir=out | name=@{microsoft.xboxlivegames_1.2.143.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{2E6C5ADE-67B3-4CD4-8C2F-3A0436BE0795}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd10\powerdvd10.exe |
"{327CE74A-474C-4344-B419-160494ACF04E}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{3444632A-BC5A-46A7-8EFF-7A421E89A432}" = dir=out | name=@{microsoft.windowsphotos_16.4.4388.928_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |
"{37026833-0DE3-434A-80D9-7FCB459AFD41}" = dir=out | name=ebay |
"{384356E3-A8CD-45EA-B803-DB98B61368A0}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{38B547E9-EED4-41F5-BBC7-E8C5E91428DA}" = protocol=17 | dir=in | app=c:\program files (x86)\arecont vision\video surveillance\localmachine.exe |
"{3A845AA5-D890-4482-8E87-DA24024392C0}" = dir=out | name=adobe photoshop express |
"{3B4B50F4-662D-4036-A13B-A3B34AFDE138}" = protocol=17 | dir=in | app=c:\program files (x86)\arecont vision\video surveillance\localmachine.exe |
"{3BBA64AD-43CF-4FE0-A9F2-808E3FCC40E5}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{3D7F2E2A-B0FE-498D-B22D-865C2A669C2E}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{3E0AFA41-8B1C-4DED-AF12-AFF199A46703}" = protocol=17 | dir=in | app=c:\program files (x86)\arecont vision\video surveillance\localmachine.exe |
"{3E9CD489-3E4A-4CF4-8349-757CEBA2FD6C}" = dir=out | name=@{microsoft.bingweather_1.5.1.245_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} |
"{3ED78A92-0AF9-447E-B284-8353FB2B3A63}" = dir=in | app=c:\program files (x86)\cyberlink\powerdirector10\pdr10.exe |
"{40C0BA5C-A0CF-4CF0-93B4-BEB9EBE36184}" = dir=in | name=@{microsoft.windowsphotos_16.4.4388.928_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |
"{4119C98A-EA3F-46F0-BCF1-62571BDA3DD9}" = dir=out | name=netflix |
"{47262A6B-FAA7-4C3B-8CEC-D5CD74217B7F}" = protocol=6 | dir=in | app=d:\common\epsonnet setup\eneasyapp.exe |
"{49BAAC74-EE39-45BA-9DDA-1D0374ACD4F2}" = protocol=17 | dir=in | app=c:\program files\lightworks\lightworks.exe |
"{49BF3CE1-EE1D-402E-9479-57145EBAD545}" = dir=out | name=@{microsoft.zunemusic_1.1.139.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/33273} |
"{4D61A905-924D-458D-9081-E0C36B4A9016}" = protocol=17 | dir=in | app=c:\program files (x86)\arecont vision\video surveillance\arecontiptool.exe |
"{5004FA0D-862C-4AC5-8EDB-A57297FBB0D9}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{539B198D-06EB-466E-8C4F-98B8EEA2DBB0}" = dir=out | name=@{microsoft.bingnews_1.5.1.409_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} |
"{586777AF-042E-45CD-B468-ABA9567E2DE0}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{5925E316-F2A3-4213-BC5C-21170D08E1F2}" = dir=out | name=@{microsoft.bing_1.5.1.251_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} |
"{5C1696B0-B84B-4509-9D43-CC79490705C3}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\sony shared\sohlib\sohdms.exe |
"{5C4320D5-3C5B-43B7-AEF9-4C48E88B1FA1}" = dir=in | name=amazon for windows |
"{5D155532-9FFD-47EC-9898-15813F543416}" = dir=in | name=@{microsoft.reader_6.2.9200.20623_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{5EF0D03E-D726-471A-A89B-CD61E079B236}" = protocol=17 | dir=in | app=d:\common\epsonnet setup\eneasyapp.exe |
"{5F628B23-EA04-40D6-929B-EB4DF09C5179}" = protocol=6 | dir=in | app=c:\program files\lightworks\ntcardvt.exe |
"{5FD3A8B1-2655-4A3D-882E-C9D6DBD28EDC}" = dir=in | app=c:\program files\intel\wifi\bin\pandhcpdns.exe |
"{600F13E9-133B-40D5-853D-5D15EE8923CA}" = dir=in | name=@{microsoft.skypeapp_1.6.0.115_x86__kzf8qxf38zg5c?ms-resource://microsoft.skypeapp/resources/manifest_display_name} |
"{618B961E-947A-4680-B351-AA9C147EEA3E}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.0.1114.318_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{6275E4AF-98A4-4882-9DF1-E36F297584F1}" = dir=out | name=@{microsoft.bingweather_1.7.0.26_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} |
"{65B5E553-07E9-410F-B486-354CEEC54F92}" = protocol=6 | dir=in | app=c:\program files (x86)\arecont vision\video surveillance\avinstaller.exe |
"{665D6757-10D9-4D01-B980-040DA79B4E6E}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{6673306F-AECA-4F81-ABBA-2B72BE1E4467}" = dir=out | name=@{microsoft.zunevideo_1.2.150.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/33270} |
"{6AD4ECE1-32A3-4A61-8891-8586DEF6A6E1}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{78B3F3C8-4297-4E86-A7B3-6D118E0ECA12}" = protocol=6 | dir=in | app=c:\program files\lightworks\lightworks.exe |
"{7E612A92-9633-4FAB-A18E-EB7D5530B470}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{808F1451-4108-46FD-ADBB-F17324B5F0BD}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{838CE46C-F0D1-4287-92B1-FFAB9B86D6B3}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{85930111-19C6-40EF-B1CB-CC189AB5446E}" = protocol=17 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe |
"{874F0077-5EE4-4732-9187-0180E2719D8E}" = dir=out | name=@{microsoft.bingmaps_1.5.1.240_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{8A3AF73B-DB17-45E7-BBF8-C6DFA71105DD}" = dir=in | name=ebay |
"{8CCFE585-2484-4DE9-A417-71C40176DA3A}" = protocol=6 | dir=in | app=c:\program files (x86)\arecont vision\video surveillance\snapshots.exe |
"{8DE604EF-C90A-4C39-84C8-DA8357C436B6}" = dir=out | name=@{microsoft.microsoftskydrive_16.4.4388.928_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftskydrive/resources/shortproductname} |
"{91B2EE14-B9E1-4E4F-8616-227553D969B8}" = protocol=17 | dir=in | app=c:\program files (x86)\arecont vision\video surveillance\snapshots.exe |
"{92613BD4-C191-4AE4-BC63-4483AB5F4BA1}" = protocol=6 | dir=in | app=c:\program files (x86)\arecont vision\video surveillance\avinstaller.exe |
"{92724C6F-6F80-4457-BFF1-66177F7854BC}" = dir=out | name=bible |
"{936DE409-1326-4E7C-9279-9F7BCF9BF8B7}" = dir=out | name=@{microsoft.zunevideo_1.1.134.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/33270} |
"{96D4C806-1312-4176-8798-96167C107AF1}" = dir=in | name=ebay |
"{9720F069-65E7-402C-8C22-AAE3CA609162}" = dir=in | name=kindle |
"{99208A41-AC23-49B5-A834-A4EAF1EED701}" = dir=in | name=@{microsoft.windowsphotos_16.4.4388.928_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |
"{9A53B696-688F-49E5-9C78-3FB481F4D42D}" = dir=out | name=@{microsoft.bingfinance_1.5.1.406_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} |
"{9C205F5E-7CCA-4FE2-ABAE-33D401FA2AEE}" = dir=in | name=adobe photoshop express |
"{9EE50565-7A5F-41AF-BF8E-980DAA841B0E}" = protocol=6 | dir=in | app=c:\program files (x86)\arecont vision\video surveillance\arecontiptool.exe |
"{A1618C1B-5627-4E9F-B869-8D0F9F029E8B}" = protocol=6 | dir=out | app=system |
"{A205B074-1E73-4351-B46B-EC335C240DA5}" = protocol=17 | dir=in | app=c:\program files (x86)\arecont vision\video surveillance\snapshots.exe |
"{A40BFDB0-EA91-4610-82AB-142F8C5DD78E}" = dir=out | name=windows_ie_ac_001 |
"{A47CE767-1817-43C5-B832-DF629EDC80A0}" = protocol=17 | dir=in | app=c:\program files (x86)\arecont vision\video surveillance\avinstaller.exe |
"{A4EC982E-766C-43FB-A42B-99DB94043DEF}" = dir=in | name=skype |
"{A5E17C9F-9D51-495A-96E1-5C2528F1074F}" = dir=out | name=@{microsoft.zunemusic_1.4.18.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} |
"{AB9EAE27-6836-448F-BFA0-152462D3190F}" = dir=in | name=@{microsoft.xboxcompanion_1.2.160.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxcompanion/resources/33279} |
"{B16D7DAB-92FB-4B29-8254-1E70629580C4}" = dir=out | name=@{microsoft.xboxlivegames_1.1.134.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{B7C3640C-97C9-4FA1-AA8A-8455813A327A}" = dir=out | name=mcafee security advisor for dell |
"{B9688DBB-83B0-4A0E-9893-97A2200BF6F8}" = dir=out | name=@{microsoft.bingmaps_1.6.1528.2509_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{BC2AFD27-AF5D-422F-809E-903762DBA974}" = protocol=58 | dir=out | [email protected],-28546 |
"{BC87E251-5DB0-4355-9134-DA939314BEC9}" = protocol=17 | dir=in | app=c:\program files\lightworks\ntcardvt.exe |
"{BEF21FCC-6143-409B-9096-C2AE99DFA668}" = protocol=1 | dir=in | [email protected],-28543 |
"{C78C3525-1711-442E-AD26-AA44C5CC94A5}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.0.1114.318_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{C9E656E1-55DA-4F6B-B721-5D09BB6C665B}" = dir=in | app=c:\program files\intel corporation\intel widi\widiapp.exe |
"{C9FB6D1B-70FE-4A5C-8AB6-93906F095CE2}" = dir=out | name=@{microsoft.bingsports_1.5.1.249_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} |
"{CC7F2BA2-B353-4219-8ACB-E7276AA8CA54}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{D10357EF-D4CC-4A4C-9DAD-C8B421888274}" = dir=in | name=@{microsoft.reader_6.2.9200.20523_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{D4012261-2F33-4F04-B12F-8C78CDC04B5B}" = protocol=17 | dir=in | app=c:\program files (x86)\arecont vision\video surveillance\avinstaller.exe |
"{D50BA3CE-6A3D-4AFA-8F6A-84A4BA69EDC6}" = dir=out | name=@{microsoft.bingtravel_1.5.1.248_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} |
"{DE5A1646-A848-4761-A56D-532FFC725067}" = protocol=17 | dir=in | app=c:\program files (x86)\arecont vision\video surveillance\avinstaller.exe |
"{E25E2D10-74D0-488F-BE3F-063292CD8AE2}" = protocol=6 | dir=in | app=c:\program files (x86)\arecont vision\video surveillance\snapshots.exe |
"{E3D861E0-0B1E-4248-9F07-998545A8D2A3}" = dir=out | name=youtube player |
"{E45ADD36-92EF-4CE6-825C-051EF32E67FB}" = dir=out | name=skype |
"{E5CBE073-803B-4FD2-BE3A-C8A28CAB9F43}" = dir=out | name=amazon |
"{E5F012FA-E068-4893-8D3F-7B320FBF8B7B}" = dir=out | name=dell shop |
"{E6F4A413-7913-46C5-B162-6DA3DDE486F9}" = dir=out | name=@{microsoft.bingtravel_2.0.0.274_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} |
"{E70EAB1B-649D-4659-B9F0-2B814E362A5D}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd10\powerdvd cinema\powerdvdcinema10.exe |
"{E7985E1D-C36F-4787-80A8-6350D07E9266}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{ED6230FF-BB2A-4656-BC47-687DD428945E}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{EDED09DC-314A-434C-A7CD-5012242D5E3A}" = dir=out | name=ebay |
"{EE90E90E-8D8D-4666-AEE6-CC335912EDB1}" = dir=out | name=@{microsoft.windowscommunicationsapps_16.4.4396.1016_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{EEA7EF29-8A46-4406-8919-BF4957D32BB2}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft sql server\mssql10.compass20\mssql\binn\sqlservr.exe |
"{F02D2CB0-B312-4579-8BD0-F491A131A327}" = dir=out | name=musictube |
"{F16B9580-114B-461A-84EF-82599D851D28}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{F3B54EB3-5B0F-4BB0-8BD8-B91DCD44CCDC}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{F4947406-90F8-4137-96E8-6A2525C07ADC}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{F4CD9ED3-7A6A-4740-A1F2-076CE6EC1014}" = dir=out | name=@{microsoft.xboxcompanion_1.2.160.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxcompanion/resources/33279} |
"{F5FBC40F-D099-4015-972D-6E3A1D322678}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{F6C63CEC-2C52-4A7B-A011-BBBCED368030}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{FA20158E-13BF-46D4-AD45-A9F5160B8A10}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{FBD57781-89B2-49CD-A9A8-F744851E8601}" = dir=out | name=windows_ie_ac_001 |
"{FC25A4D7-57D5-469D-BCC5-CC9CD1E91EB7}" = dir=out | name=amazon for windows |
"{FEAD2B38-5CB3-486D-8BB7-3E15BC0D6C1F}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{FEEE609B-0EE8-4ED9-B7D3-81485F3E23A3}" = protocol=6 | dir=in | app=c:\program files (x86)\arecont vision\video surveillance\localmachine.exe |
"TCP Query User{1B73362A-E964-407C-912A-19C984AEB99C}C:\program files (x86)\epson software\event manager\eeventmanager.exe" = protocol=6 | dir=in | app=c:\program files (x86)\epson software\event manager\eeventmanager.exe |
"TCP Query User{C837B263-9EFF-4A25-A222-A4CC4510D8FD}C:\program files (x86)\epson software\event manager\eeventmanager.exe" = protocol=6 | dir=in | app=c:\program files (x86)\epson software\event manager\eeventmanager.exe |
"UDP Query User{21A7E923-99B3-42BC-92B8-88A489747AA9}C:\program files (x86)\epson software\event manager\eeventmanager.exe" = protocol=17 | dir=in | app=c:\program files (x86)\epson software\event manager\eeventmanager.exe |
"UDP Query User{C2726647-E504-4D13-A158-051482577C1B}C:\program files (x86)\epson software\event manager\eeventmanager.exe" = protocol=17 | dir=in | app=c:\program files (x86)\epson software\event manager\eeventmanager.exe |
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0728A184-F899-4356-B93D-8228674F0DEB}" = Intel® PROSet/Wireless Software for Bluetooth® Technology
"{0826F9E4-787E-481D-83E0-BC6A57B056D5}" = Microsoft SQL Server VSS Writer
"{1334eac7-d6ef-4177-8780-05c963853cd3}" = Intel® PRO/Wireless Driver
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
"{20E0665F-E4EE-4E2A-8E86-EFC65129FE41}" = MergeModule_x64
"{2738C4AA-420E-4E13-ADEF-B5AB250E3EF1}" = Microsoft SQL Server 2008 Native Client
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{529125EF-E3AC-4B74-97E6-F688A7C0F1C0}" = Paint.NET v3.5.10
"{58627BBE-4831-C766-4365-285795E8905A}" = AMD Accelerated Video Transcoding
"{6097158B-0184-4140-BEC3-7885794D2571}" = Intel® WiDi
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{718ED338-AA0C-180E-8743-B7B09D6F921F}" = ccc-utility64
"{7288D4E1-8050-4B81-B9EC-F812D17AD693}" = Intel® PROSet/Wireless for Bluetooth® + High Speed
"{787136D2-F0F8-4625-AA3F-72D7795AC842}" = Apple Mobile Device Support
"{814FA673-A085-403C-9545-747FC1495069}" = Epson Customer Participation
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{87CF757E-C1F1-4D22-865C-00C6950B5258}" = Quickset64
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A2CB1ACB-94A2-32BA-A15E-7D80319F7589}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727
"{AC53FC8B-EE18-3F9C-9B59-60937D0B182C}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B8BA155B-1E75-405F-9CB4-8A99615D09DC}" = iTunes
"{B9C542F2-31A8-8EC1-B349-28C74D2A865C}" = AMD Catalyst Install Manager
"{CBA577D0-C972-4A26-B948-A315DF3ECE0E}" = SOHLib for PlayMemories Home
"{D61F48DA-627B-404E-9315-32A651B18B64}" = Intel® PROSet/Wireless WiFi Software
"{E9FA781F-3E80-4399-825A-AD3E11C28C77}" = MSVCRT110_amd64
"{EF79C448-6946-4D71-8134-03407888C054}" = Shared C Run-time for x64
"{F4404AFD-2EF3-40C1-8C09-29E5F3B6972B}" = Intel® Trusted Connect Service Client
"EPSON Artisan 730 Series" = EPSON Artisan 730 Series Printer Uninstall
"HitmanPro37" = HitmanPro 3.7
"PC-Doctor for Windows" = My Dell
"PostgreSQL 9.0" = PostgreSQL 9.0
"SynTPDeinstKey" = Dell Touchpad
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{041F325C-3A5F-6F4B-5E56-26E198956B45}" = CCC Help Spanish
"{0454BB9A-2A7A-4214-BDFF-937F7A711A44}" = Windows Live Communications Platform
"{065D62BC-EC90-67C1-C6DB-582DE16CEA6C}" = Catalyst Control Center Localization All
"{0ED7EE95-6A97-47AA-AD73-152C08A15B04}" = Dell Backup and Recovery
"{10F63395-157F-4B93-AB4D-702A2FF11942}" = Epson Download Navigator
"{11671FFB-BCD5-C980-FDA7-623916E068C1}" = CCC Help Chinese Standard
"{15134cb0-b767-4960-a911-f2d16ae54797}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727
"{18272881-CFC0-434D-A975-E5BE44206AA0}" = Windows Live UX Platform Language Pack
"{188F2086-EA5F-0AED-28F8-383A5A6F74E9}" = CCC Help Chinese Traditional
"{196E77C5-F524-4B50-BD1A-2C21EEE9B8F7}" = Microsoft SQL Server 2008 Common Files
"{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YTD Video Downloader 4.7.4
"{1AD521AE-CE42-DE43-001D-377AFF02EEBD}" = CCC Help Dutch
"{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}" = CyberLink Media Suite 10
"{260169D8-269A-EDD5-6E49-FC598B0F7A35}" = CCC Help Swedish
"{26A24AE4-039D-4CA4-87B4-2F83217051FF}" = Java 7 Update 51
"{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}" = CyberLink Power2Go 8
"{30F99474-EBE3-4134-A02B-F6CD38CFE243}" = Photo Gallery
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel® Rapid Storage Technology
"{3E31400D-274E-4647-916C-2CACC3741799}" = EpsonNet Print
"{46389C5C-7776-ACBC-BF71-E0FD0B008B60}" = CCC Help Italian
"{4815BD99-96A4-49FE-A885-DCF06E9E4E78}" = Microsoft SQL Server 2008 Database Engine Shared
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A6F34E2-09E5-4616-B227-4A26A488A6F9}" = Microsoft SQL Server 2008 Common Files
"{4C93E894-BE17-463B-A789-4CAB706987A0}" = PlayMemories Home
"{4CCBD1F4-CEEC-452A-9CB8-46564B501315}" = Windows Live UX Platform
"{51FDC2DE-0917-46B7-EAEC-5377504701DE}" = PowerXpressHybrid
"{58721EC3-8D4E-4B79-BC51-1054E2DDCD10}" = Microsoft SQL Server 2008 Database Engine Services
"{5BABDA39-61CF-41EE-992D-4054B6649A9B}" = Movie Maker
"{63CE935C-03E3-4EB4-B194-792CB2F91C87}" = SmartControlCenter
"{64BA551C-9AF6-495C-93F3-D1270E0045FC}" = Epson Connect
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components
"{65F80D23-3796-3903-45D0-17BBE2D7AB6A}" = Catalyst Control Center
"{6A8DB215-7BCD-4377-B015-2E4541A3E7C6}" = Windows Live PIMT Platform
"{6D6F8687-FC21-159E-1A5B-665B5722C6BC}" = PX Profile Update
"{6E0913C7-E0D0-4CA6-7E06-C0AB53495EEB}" = CCC Help French
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7C05EEDD-E565-4E2B-ADE4-0C784C17311C}" = Crystal Reports for .NET Framework 2.0 (x86)
"{86605131-7942-5F17-2457-3776696BC75D}" = CCC Help Portuguese
"{8A642ACD-CE3A-4A23-A8B1-A0F7EB12B214}" = Windows Live SOXE Definitions
"{8BAE7ED4-470C-308B-BA6A-83D822481327}" = Catalyst Control Center Profiles Mobile
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110
"{8ED43F7E-A8F6-4898-AF11-B6158F2EDF94}" = Epson Event Manager
"{8F72E2D4-1E48-4534-8DB8-1E8E012899C6}" = Microsoft SQL Server 2008 Setup Support Files
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_STANDARDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_STANDARDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_STANDARDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_STANDARDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_STANDARDR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_STANDARDR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_STANDARDR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_STANDARDR_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0409-1000-0000000FF1CE}_STANDARDR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_STANDARDR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_STANDARDR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0116-0409-1000-0000000FF1CE}_STANDARDR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-0012-0000-0000-0000000FF1CE}" = Microsoft Office Standard 2007
"{91120000-0012-0000-0000-0000000FF1CE}_STANDARDR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9FA87D05-92D7-2B2F-7753-E8689918CCA6}" = CCC Help Norwegian
"{A0AF26A5-BCE2-7A44-9020-98ED00C473CC}" = CCC Help Russian
"{A0EF0F74-977E-F66F-9951-D4401A7678A8}" = CCC Help German
"{A140ED1B-21FC-063B-9440-835B324CF081}" = CCC Help Korean
"{A308D927-320E-3D3D-60E7-B74A46E260E0}" = CCC Help English
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9668246-FB70-4103-A1E3-66C9BC2EFB49}" = Dell Backup and Recovery - Support Software
"{A9B41BA8-2A3A-6A7F-4733-36AC33587FFC}" = CCC Help Japanese
"{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}" = Apple Application Support
"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.06)
"{AF468423-21AC-71CC-F1E9-23B274D29346}" = CCC Help Danish
"{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}" = CyberLink PowerDirector 10
"{B3773B5E-7911-4336-B6E6-2CF07FA01EAD}" = AV Video System
"{B38E9B55-7136-4E66-A084-320512FF3F6F}" = LTCM Client
"{B5153233-9AEE-4CD4-9D2C-4FAAC870DBE2}" = Microsoft SQL Server 2008 Database Engine Services
"{B67BAFBA-4C9F-48FA-9496-933E3B255044}" = QuickTime
"{C034A6F9-6569-491B-B3BF-F5D15221A708}" = Windows Live Essentials
"{C11003A2-D497-2A8C-D475-76C4458F163A}" = Catalyst Control Center InstallProxy
"{C424CD5E-EA05-4D3E-B5DA-F9F149E1D3AC}" = Windows Live Installer
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint 2.5
"{C688457E-03FD-4941-923B-A27F4D42A7DD}" = Microsoft SQL Server 2008 Browser
"{C965F01C-76EA-4BD7-973E-46236AE312D7}" = Sql Server Customer Experience Improvement Program
"{c9967fbd-e3c3-4ed0-992a-5b33260f2944}" = Intel® PROSet/Wireless Software
"{C9B6EFD0-4F01-4BBA-8374-39AD99A3ED72}" = Windows Live Photo Common
"{CD04C0A6-433F-427A-A101-1EE3844BC6DF}" = Compass 2.0
"{D16A31F9-276D-4968-A753-FFEAC56995D0}" = Epson Print CD
"{D6A07293-D6C2-7B8B-D7AE-B88F998CC9DE}" = CCC Help Finnish
"{D888F114-7537-4D48-AF03-5DA9C82D7540}" = Photo Common
"{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD 10
"{DF38C72B-8A86-4727-99D2-FA7CC5E17A24}" = Microsoft SQL Server 2008 RsFx Driver
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E94DD4E4-7746-472c-AA7B-1242FED0CFC8}" = Lightworks
"{ED6C77F9-4D7E-447C-9EC0-9A212D075535}" = Movie Maker
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F3494AB6-6900-41C6-AF57-823626827ED8}" = Microsoft SQL Server 2008 Database Engine Shared
"{F351B64A-0B7B-41B3-9621-C81AB8FD42EB}" = Catalyst Control Center - Branding
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel® Control Center
"{FC6C7107-7D72-41A1-A031-3CE751159BAB}" = Photo Gallery
"{FE7C0B3D-50B9-4951-BE78-A321CBF86552}" = Windows Live SOXE
"Adobe Flash Player Plugin" = Adobe Flash Player 13 Plugin
"CarbonPoker Odds Calculator_is1" = CarbonPoker Odds Calculator 1.0.8
"EPSON Scanner" = EPSON Scan
"Google Chrome" = Google Chrome
"InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}" = CyberLink Media Suite Essentials
"InstallShield_{CD04C0A6-433F-427A-A101-1EE3844BC6DF}" = Compass 2.0
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
"Microsoft SQL Server 10" = Microsoft SQL Server 2008
"Microsoft SQL Server 10 Release" = Microsoft SQL Server 2008
"N360" = Norton 360
"PFPortChecker" = PFPortChecker 1.0.39
"PokerTracker4" = PokerTracker 4 (remove only)
"SKSS-2" = SKSS-2
"STANDARDR" = Microsoft Office Standard 2007
"Stardock Decor8" = Stardock Decor8
"Stardock ModernMix" = Stardock ModernMix
"Stardock Start8" = Stardock Start8
"WinLiveSuite" = Windows Live Essentials
"Xvid_is1" = Xvid 1.1.2 final uninstall
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Software Update" = Yahoo! Software Update
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-666710307-366404103-328530980-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"9204f5692a8faf3b" = Dell System Detect
"CarbonPoker" = CarbonPoker
"UnityWebPlayer" = Unity Web Player
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 4/26/2014 3:58:22 PM | Computer Name = NGSP-T556 | Source = Windows Search Service | ID = 1006
Description =
 
Error - 4/26/2014 3:59:21 PM | Computer Name = NGSP-T556 | Source = Windows Search Service | ID = 1006
Description =
 
Error - 4/26/2014 3:59:33 PM | Computer Name = NGSP-T556 | Source = Windows Search Service | ID = 1006
Description =
 
Error - 4/26/2014 5:14:56 PM | Computer Name = NGSP-T556 | Source = Windows Search Service | ID = 1006
Description =
 
Error - 4/26/2014 5:15:12 PM | Computer Name = NGSP-T556 | Source = Windows Search Service | ID = 1006
Description =
 
Error - 4/26/2014 5:15:41 PM | Computer Name = NGSP-T556 | Source = Application Error | ID = 1000
Description = Faulting application name: GoogleUpdate.exe, version: 1.3.21.103,
time stamp: 0x4f3c6d6c  Faulting module name: ntdll.dll, version: 6.2.9200.16578,
time stamp: 0x515fac6e  Exception code: 0xc0000374  Fault offset: 0x000daa3c  Faulting
 process id: 0x774  Faulting application start time: 0x01cf6194ab1c803a  Faulting application
 path: C:\Program Files (x86)\Google\Update\GoogleUpdate.exe  Faulting module path:
 C:\windows\SYSTEM32\ntdll.dll  Report Id: eb3863cc-cd87-11e3-beac-6036ddc55f9d  Faulting
 package full name:   Faulting package-relative application ID:
 
Error - 4/26/2014 5:15:48 PM | Computer Name = NGSP-T556 | Source = Windows Search Service | ID = 1006
Description =
 
Error - 4/26/2014 5:17:20 PM | Computer Name = NGSP-T556 | Source = Windows Search Service | ID = 1006
Description =
 
Error - 4/26/2014 5:27:45 PM | Computer Name = NGSP-T556 | Source = Windows Search Service | ID = 1006
Description =
 
Error - 4/26/2014 5:27:46 PM | Computer Name = NGSP-T556 | Source = Windows Search Service | ID = 1006
Description =
 
[ OSession Events ]
Error - 1/7/2014 3:00:25 PM | Computer Name = NGSP-T556 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
 12.0.6680.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 879199
 seconds with 21600 seconds of active time.  This session ended with a crash.
 
Error - 3/20/2014 10:27:21 PM | Computer Name = NGSP-T556 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
 12.0.6680.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 1581153
 seconds with 7680 seconds of active time.  This session ended with a crash.
 
[ System Events ]
Error - 4/26/2014 12:49:40 PM | Computer Name = NGSP-T556 | Source = Service Control Manager | ID = 7023
Description = The Application Information service terminated with the following
error:   %%5
 
Error - 4/26/2014 12:49:50 PM | Computer Name = NGSP-T556 | Source = Service Control Manager | ID = 7023
Description = The Windows Search service terminated with the following error:   %%5
 
Error - 4/26/2014 12:49:50 PM | Computer Name = NGSP-T556 | Source = Service Control Manager | ID = 7034
Description = The Windows Search service terminated unexpectedly.  It has done this
 44 time(s).
 
Error - 4/26/2014 12:50:44 PM | Computer Name = NGSP-T556 | Source = Service Control Manager | ID = 7023
Description = The Windows Search service terminated with the following error:   %%5
 
Error - 4/26/2014 12:50:44 PM | Computer Name = NGSP-T556 | Source = Service Control Manager | ID = 7034
Description = The Windows Search service terminated unexpectedly.  It has done this
 45 time(s).
 
Error - 4/26/2014 12:51:03 PM | Computer Name = NGSP-T556 | Source = Service Control Manager | ID = 7023
Description = The Windows Search service terminated with the following error:   %%5
 
Error - 4/26/2014 12:51:03 PM | Computer Name = NGSP-T556 | Source = Service Control Manager | ID = 7034
Description = The Windows Search service terminated unexpectedly.  It has done this
 46 time(s).
 
Error - 4/26/2014 12:56:23 PM | Computer Name = NGSP-T556 | Source = Service Control Manager | ID = 7023
Description = The Windows Search service terminated with the following error:   %%5
 
Error - 4/26/2014 12:56:23 PM | Computer Name = NGSP-T556 | Source = Service Control Manager | ID = 7034
Description = The Windows Search service terminated unexpectedly.  It has done this
 47 time(s).
 
Error - 4/26/2014 12:56:39 PM | Computer Name = NGSP-T556 | Source = Service Control Manager | ID = 7023
Description = The Application Information service terminated with the following
error:   %%5
 
 
< End of report >

 

Edited by FireFighter254, 26 April 2014 - 03:45 PM.

[FireFighter254]

In addition to OTL logs above, I ran MBAM Pro and it found all of this:

 

Malwarebytes Anti-Malware (PRO) 1.75.0.1300
www.malwarebytes.org

Database version: v2014.04.26.06

Windows 8 x64 NTFS
Internet Explorer 10.0.9200.16863
Administrator :: NGSP-T556 [administrator]

Protection: Enabled

4/26/2014 9:35:25 PM
mbam-log-2014-04-26 (21-35-25).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 294363
Time elapsed: 6 minute(s), 28 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 115
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0 (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\APISupport (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\js\lib (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\js\options (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\js\tabs (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\js\tabs\back (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\js\toolbarAPI (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\mam (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\mam\scripts (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\mam\scripts\contentScripts (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\nativeMessaging (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\plugins (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\html (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\API (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\css (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\html (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\img (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\aboutBox (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\aboutBox\images (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\aboutBox\js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\ac (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\ac\css (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\ac\img (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\ac\res (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\api (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\msd (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\options (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\options\css (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\options\images (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\options\js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\options\js\resources (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\sp (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\sp\js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\sp\spbd (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\sp\spbd\images (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\sp\spsd (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\sp\spsd\images (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\ui (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\ui\dlg (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\ui\dlg\ftd (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\ui\dlg\ftd\images (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\ui\dlg\restart (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\ui\dlg\restart\images (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\ui\gadgetFrame (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\ui\gf (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\ui\gf\css (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\ui\gf\img (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\ui\gf\js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\ui\menu (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\ui\menu\css (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\ui\menu\img (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\ui\menu\js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\APPLICATION_BUTTON (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\APPLICATION_BUTTON\Js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\APPLICATION_BUTTON\resources (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\EMAIL_NOTIFIER (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\EMAIL_NOTIFIER\css (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\EMAIL_NOTIFIER\js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\HIGHLIGHTER (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\HIGHLIGHTER\css (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\HIGHLIGHTER\js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\MULTI_RSS (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\MULTI_RSS\css (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\MULTI_RSS\img (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\MULTI_RSS\js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\MULTI_RSS\js\resources (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\NOTIFICATION (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\NOTIFICATION\css (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\NOTIFICATION\images (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\NOTIFICATION\images\dark (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\NOTIFICATION\images\light (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\NOTIFICATION\js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\Optimizer (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\Optimizer\js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\PRICE_GONG (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\PRICE_GONG\agreement (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\PRICE_GONG\css (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\PRICE_GONG\css\custom-theme (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\PRICE_GONG\images (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\RADIO_PLAYER (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\RADIO_PLAYER\css (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\RADIO_PLAYER\css\custom-theme (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\RADIO_PLAYER\js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\RADIO_PLAYER\js\resources (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\SEARCH (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\SEARCH\buildSettings (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\SEARCH\Css (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\SEARCH\js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\SEARCH\resources (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\SEARCH\view (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\SEARCH\view\script (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\SEARCH\view\style (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\SEARCH\view\style\rsx (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\TWITTER (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\TWITTER\img (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\TWITTER\js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\WEATHER (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\WEATHER\css (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\WEATHER\js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\core (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\lib (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\lib\jquery.alerts (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\lib\jquery.alerts\images (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\lib\jquery.jscrollpane (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\sl (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\_locales (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\_locales\en (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.

Files Detected: 571
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\_locales\en\messages.json (PUP.Optional.MixiDJ.A) -> No action taken.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\634865961498162039.png (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\634865961499880811.png (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\AbstractionLayerBack.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\AbstractionLayerFront.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\blank.png (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\CT3287822.txt (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\CT3287822_public.txt (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\icon.png (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\initdata.json (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\manifest.json (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\shouldShowTB.txt (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\APISupport\APISupport.dll (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\js\bcview.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\js\chromeBackstage.html (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\js\chromeBackstage.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\js\chromeBackstageLoader.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\js\communicator.back.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\js\compatibility.end.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\js\compatibility.service.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\js\compatibility.start.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\js\contentScript.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\js\framework.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\js\iframeHost.html (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\js\iframeHost.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\js\JSONStringify.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\js\logger.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\js\match.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\js\nativeMsgCom.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\js\navigationHandler.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\js\pluginLoader.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\js\pricegongMigration.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\js\toolbarEnv.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\js\updatesManager.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\js\verlyEarly.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\js\lib\jquery-1.5.min.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\js\options\Options.html (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\js\tabs\back\postNavigation.htm (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\js\toolbarAPI\toolbarAPI.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\mam\background.html (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\mam\settings.json (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\mam\scripts\background.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\mam\scripts\iframeHost.html (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\mam\scripts\iframeHost.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\mam\scripts\popup.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\mam\scripts\contentScripts\contentScript.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\nativeMessaging\nmHostConfig.json (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\nativeMessaging\nmHostManifest.json (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\nativeMessaging\TBMessagingHost.exe (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\plugins\ChromeApiPlugin.dll (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\initData.json (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\html\SearchBackground.html (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\html\searchInNewTabAPI.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\API\Applications.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\API\Bookmarks.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\API\CntRedirect.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\API\DeveloperMode.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\API\EmbeddedConfig.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\API\enable_disable.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\API\EventHandler.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\API\Global.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\API\LocationService.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\API\LogMsg.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\API\MostVisited.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\API\NewTabAPI.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\API\RecentlyClosed.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\API\SearchBox.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\API\SearchBoxIframe.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\API\ServiceMap.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\API\Settings.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\API\startupSequence.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\API\Thumbnails.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\API\Toolbar.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\API\Translation.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\API\Usage.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\css\about_memory.css (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\css\alert_overlay.css (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\css\apps_page.css (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\css\bubble.css (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\css\chrome_shared.css (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\css\chrome_shared2.css (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\css\chrome_shared2_touch.css (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\css\dialogs.css (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\css\expandable_bubble.css (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\css\footer_menu.css (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\css\list.css (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\css\menu.css (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\css\most_visited_page.css (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\css\nav_dot.css (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\css\new_tab.css (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\css\new_tab_theme.css (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\css\overlay.css (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\css\spinner.css (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\css\suggestions_page.css (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\css\table.css (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\css\tabs.css (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\css\throbber.css (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\css\tile_page.css (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\css\trash.css (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\css\tree.css (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\css\ui_account_tweaks.css (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\css\widgets.css (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\html\alert_overlay.html (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\html\appLauncher.html (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\html\loadfile.html (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\html\NewTabBackground.html (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\html\new_tab.html (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\html\Options.html (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\html\redirect.html (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\html\trash.html (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\img\app_promo_button.png (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\img\check.png (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\img\checkbox_black.png (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\img\checkbox_white.png (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\img\closed_window.png (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\img\close_bar.png (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\img\close_bar_2x.png (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\img\close_bar_h.png (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\img\close_bar_h_2x.png (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\img\close_bar_mask.png (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\img\close_bar_mask_2x.png (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\img\close_bar_p.png (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\img\close_bar_p_2x.png (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\img\detected_sd.png (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\img\detected_usb.png (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\img\disabled_select.png (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\img\disclosure_triangle_mask.png (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\img\downloads_section.png (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\img\exclamationIcon.png (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\img\favicon.ico (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\img\favicon.png (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\img\folder_closed.png (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\img\folder_closed_rtl.png (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\img\folder_open.png (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\img\folder_open_rtl.png (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\img\gear.png (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\img\google-transparent.png (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\img\guest_icon_standalone.png (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\img\help.gif (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\img\history_section.png (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\img\icon128.png (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\img\icon16.png (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\img\icon48.png (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\img\icon_checkmark.png (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\img\icon_file.png (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\img\icon_folder.png (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\img\icon_warning.png (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\img\icon_warning2.png (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\img\IDR_PRODUCT_LOGO.png (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\img\ImagesRepository.json (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\img\insert.png (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\img\minus.png (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\img\nub.png (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\img\nub_mask.png (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\img\otr_icon_standalone.png (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\img\phishing_icon.png (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\img\plus.png (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\img\select.png (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\img\small_bubble.png (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\img\spinner.svg (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\img\star_small.png (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\img\success.png (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\img\throbber.svg (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\img\thumbnailPlaceHolder.png (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\img\trash.png (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\img\trashBinN.png (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\img\WebStore128.png (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\img\x-hover.png (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\img\x.png (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\img\__IDR_PRODUCT_LOGO.png (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\js\alert_overlay.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\js\appLauncher.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\js\apps_page.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\js\autocomplete_list.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\js\Base64.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\js\bubble.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\js\card_slider.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\js\color-thief.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\js\command.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\js\command_line.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\js\context_menu_button.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\js\context_menu_handler.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\js\cr.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\js\database.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\js\dialogs.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\js\dot_list.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\js\drag_wrapper.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\js\event_target.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\js\event_tracker.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\js\expandable_bubble.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\js\focus_outline_manager.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\js\i18n_process.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\js\i18n_template.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\js\i18n_template2.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\js\jquery.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\js\link_controller.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\js\loadFile.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\js\load_time_data.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\js\local_strings.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\js\logerror.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\js\logging.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\js\md5.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\js\media_common.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\js\menu.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\js\menu_button.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\js\menu_item.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\js\most_visited_page.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\js\nav_dot.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\js\NewTabBackground.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\js\newTabBeforeStart.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\js\newTabLoadTimeData.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\js\new_tab.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\js\options.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\js\other_sessions.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\js\overlay.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\js\page_list_view.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\js\page_switcher.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\js\parse_html_subset.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\js\position_util.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\js\promise.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\js\quantize.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\js\recently_closed.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\js\repeating_button.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\js\SearchBoxPage.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\js\search_history.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\js\splitter.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\js\suggestions_page.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\js\tile_page.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\js\touch_handler.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\js\trash.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\js\tree.css.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\js\tree.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\js\ui.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\js\ui_account_tweaks.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\js\util.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\Search\NewTabPages\js\ZipFile.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\backstage.html (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\version.txt (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\al.view.html (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\aboutBox\aboutBox.html (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\aboutBox\images\logo.png (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\aboutBox\images\OK-Button-Default.png (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\aboutBox\images\OK-Button-MouseOver.png (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\aboutBox\images\OK-Button-OnClick.png (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\aboutBox\images\truste.gif (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\aboutBox\images\x.png (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\aboutBox\js\aboutBox.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\ac\appManager.controller.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\ac\appManager.model.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\ac\appManager.view.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\ac\css\toolbar.css (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\ac\img\ajax-loader.gif (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\ac\img\buttonSprites.png (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\ac\img\chevron_sprites.png (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\ac\img\fallback24.png (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\ac\img\ie8_mouseover_button.png (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\ac\img\ie8_onclick_button.png (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\ac\img\loader-icon.png (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\ac\img\menu_arrow.png (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\ac\img\minibrowser.png (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\ac\img\minibrowser24.png (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\ac\img\mp_sprites.png (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\ac\img\new_chevron_sprites.png (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\ac\img\rounded_corners_left_transparent.png (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\ac\img\rounded_corners_left_white.png (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\ac\img\rounded_corners_left_white_34.png (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\ac\img\rounded_corners_right_transparent.png (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\ac\img\rounded_corners_right_white.png (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\ac\img\rounded_corners_right_white_34.png (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\ac\img\separator.png (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\ac\img\separator_hover.png (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\ac\img\uus.png (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\ac\res\yoxscroll.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\api\toolbarapi.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\api\webAppApi.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\api\webAppApiFront.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\msd\excanvas.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\msd\trusted.html (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\msd\trusted.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\msd\untrusted.css (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\msd\untrusted.html (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\msd\untrusted.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\options\options.html (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\options\css\jquery.jscrollpane.css (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\options\css\options.css (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\options\css\reset.css (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\options\images\bg-hide-click.png (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\options\images\bg-hide.png (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\options\images\checkbox-check-off.png (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\options\images\checkbox-check-on.png (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\options\images\ic_Closer.png (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\options\images\ic_Closer_hover.png (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\options\images\logo.png (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\options\images\minibrowser.png (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\options\images\scroller.png (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\options\images\sprite-ok-button.png (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\options\images\truste.gif (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\options\images\x.png (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\options\js\html5SupportIe.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\options\js\options.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\options\js\resources\html5shiv.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\options\js\resources\jquery.jscrollpane.min.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\options\js\resources\jquery.mousewheel.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\sp\js\searchProtectorManager.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\sp\spbd\bubble.css (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\sp\spbd\bubble.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\sp\spbd\main.html (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\sp\spbd\images\information.png (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\sp\spbd\images\x-default-LTR.png (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\sp\spbd\images\x-default-RTL.png (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\sp\spbd\images\x-mouseover-LTR.png (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\sp\spbd\images\x-mouseover-RTL.png (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\sp\spsd\main.html (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\sp\spsd\SearchProtector.css (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\sp\spsd\settings.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\sp\spsd\images\ok-button.png (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\sp\spsd\images\separation-line.png (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\sp\spsd\images\warning.png (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\ui\menus.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\ui\popups.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\ui\dlg\DialogsAPI.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\ui\dlg\excanvas.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\ui\dlg\generalDialogStyle.css (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\ui\dlg\PIE.htc (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\ui\dlg\settings.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\ui\dlg\ftd\main.html (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\ui\dlg\ftd\ToolbarFirstTimeDialog.css (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\ui\dlg\ftd\ToolbarFirstTimeDialog.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\ui\dlg\ftd\images\app-store-icon.png (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\ui\dlg\ftd\images\arrow.png (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\ui\dlg\ftd\images\dialog_tip_left.png (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\ui\dlg\ftd\images\dialog_tip_right.png (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\ui\dlg\ftd\images\divider.png (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\ui\dlg\ftd\images\emailNotifier.gif (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\ui\dlg\ftd\images\facebook.png (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\ui\dlg\ftd\images\radio.GIF (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\ui\dlg\ftd\images\Thumbs.db (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\ui\dlg\ftd\images\truste_welcome.GIF (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\ui\dlg\ftd\images\weather.GIF (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\ui\dlg\restart\main.html (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\ui\dlg\restart\restartDialog.css (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\ui\dlg\restart\restartDialog.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\ui\dlg\restart\images\2.0--spec--kicker.png (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\ui\dlg\restart\images\content-pattern.png (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\ui\dlg\restart\images\content-sep.png (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\ui\dlg\restart\images\OK-Button-Default.png (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\ui\dlg\restart\images\OK-Button-MouseOver.png (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\ui\dlg\restart\images\OK-Button-OnClick.png (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\ui\dlg\restart\images\x.png (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\ui\gadgetFrame\gf.html (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\ui\gadgetFrame\lgf.html (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\ui\gf\gf.html (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\ui\gf\lgf.html (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\ui\gf\css\gf.css (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\ui\gf\css\gf_ie.css (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\ui\gf\img\ie_back.gif (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\ui\gf\img\loader.gif (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\ui\gf\img\resize.gif (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\ui\gf\img\sprites.png (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\ui\gf\js\gf.view.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\ui\gf\js\lgf.view.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\ui\menu\popup.html (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\ui\menu\css\menu.css (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\ui\menu\img\arrow-down-strong.png (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\ui\menu\img\arrow-down.png (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\ui\menu\img\arrow-left-strong.png (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\ui\menu\img\arrow-left.png (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\ui\menu\img\arrow-right-strong.png (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\ui\menu\img\arrow-right.png (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\ui\menu\img\arrows.png (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\ui\menu\js\jquery.ellipsis.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\ui\menu\js\jquery.scrollTo-1.4.2-min.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\ui\menu\js\menu.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\ui\menu\js\renderHandler.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\ui\menu\js\scrollers.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\ui\menu\js\showHandler.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\browserAppApi.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\APPLICATION_BUTTON\bgpage.html (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\APPLICATION_BUTTON\Js\bgpage.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\APPLICATION_BUTTON\resources\defaultEngineImage.gif (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\EMAIL_NOTIFIER\bgPage.html (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\EMAIL_NOTIFIER\popup.html (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\EMAIL_NOTIFIER\css\en.css (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\EMAIL_NOTIFIER\css\en_rtl.css (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\EMAIL_NOTIFIER\css\jquery.jscrollpane.css (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\EMAIL_NOTIFIER\js\AccountManager.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\EMAIL_NOTIFIER\js\bgPage.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\EMAIL_NOTIFIER\js\EN.model.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\EMAIL_NOTIFIER\js\IMAPExecuter.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\EMAIL_NOTIFIER\js\Inboxer.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\EMAIL_NOTIFIER\js\Invoker.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\EMAIL_NOTIFIER\js\MailDecoder.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\EMAIL_NOTIFIER\js\MailMerger.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\EMAIL_NOTIFIER\js\POP3Executer.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\EMAIL_NOTIFIER\js\Popup.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\EMAIL_NOTIFIER\js\providerHelper.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\EMAIL_NOTIFIER\js\Providers.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\EMAIL_NOTIFIER\js\SettingsManager.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\EMAIL_NOTIFIER\js\Timer.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\EMAIL_NOTIFIER\js\Translation.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\EMAIL_NOTIFIER\js\Utils.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\HIGHLIGHTER\bgpage.html (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\HIGHLIGHTER\embedded.html (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\HIGHLIGHTER\popup.html (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\HIGHLIGHTER\css\embedded.css (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\HIGHLIGHTER\css\popup.css (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\HIGHLIGHTER\css\reset.css (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\HIGHLIGHTER\js\bgpage.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\HIGHLIGHTER\js\embedded.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\HIGHLIGHTER\js\higlighter_script.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\HIGHLIGHTER\js\popup.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\MULTI_RSS\bgpage.html (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\MULTI_RSS\popup.html (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\MULTI_RSS\css\popup.css (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\MULTI_RSS\img\arrows.png (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\MULTI_RSS\img\badges.png (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\MULTI_RSS\img\icons.png (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\MULTI_RSS\js\bgpage.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\MULTI_RSS\js\popup.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\MULTI_RSS\js\resources\webAppUtils.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\NOTIFICATION\bgpage.html (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\NOTIFICATION\embedded.html (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\NOTIFICATION\NotificationPopup.html (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\NOTIFICATION\Settings.html (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\NOTIFICATION\css\gadget.css (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\NOTIFICATION\css\general.css (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\NOTIFICATION\css\Main.css (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\NOTIFICATION\css\newMain.css (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\NOTIFICATION\css\settings.css (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\NOTIFICATION\css\ui.stepper.css (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\NOTIFICATION\images\closeIcon.png (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\NOTIFICATION\images\downArrow.png (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\NOTIFICATION\images\settingsIcon.png (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\NOTIFICATION\images\upArrow.png (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\NOTIFICATION\images\dark\close.png (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\NOTIFICATION\images\dark\Next.png (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\NOTIFICATION\images\dark\Next_hover.png (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\NOTIFICATION\images\dark\powered-by.png (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\NOTIFICATION\images\dark\Prev.png (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\NOTIFICATION\images\dark\Prev_hover.png (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\NOTIFICATION\images\dark\settings.png (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\NOTIFICATION\images\light\close.png (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\NOTIFICATION\images\light\Next.png (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\NOTIFICATION\images\light\Next_hover.png (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\NOTIFICATION\images\light\powered-by.png (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\NOTIFICATION\images\light\Prev.png (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\NOTIFICATION\images\light\Prev_hover.png (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\NOTIFICATION\images\light\settings.png (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\NOTIFICATION\js\AppName.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\NOTIFICATION\js\bgpage.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\NOTIFICATION\js\bgpageEarly.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\NOTIFICATION\js\commons.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\NOTIFICATION\js\jquery.ezmark.min.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\NOTIFICATION\js\notification.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\NOTIFICATION\js\NotificationSettings.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\NOTIFICATION\js\notificationUIManger.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\NOTIFICATION\js\Settings.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\NOTIFICATION\js\stepper.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\NOTIFICATION\js\ToolbarAndAppsSettings.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\Optimizer\bgpage.html (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\Optimizer\js\bgpage.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\PRICE_GONG\bgpage.html (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\PRICE_GONG\bgpage.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\PRICE_GONG\pg_offers.html (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\PRICE_GONG\pg_offers.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\PRICE_GONG\agreement\agree.html (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\PRICE_GONG\agreement\agree.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\PRICE_GONG\agreement\Close.png (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\PRICE_GONG\agreement\Image.png (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\PRICE_GONG\agreement\Logo.png (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\PRICE_GONG\agreement\OK_Btn.png (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\PRICE_GONG\agreement\Topbg.png (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\PRICE_GONG\css\gadget.css (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\PRICE_GONG\css\ie7styles.css (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\PRICE_GONG\css\iestyle.css (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\PRICE_GONG\css\custom-theme\jquery-ui-1.8.10.custom.css (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\PRICE_GONG\images\icon.png (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\RADIO_PLAYER\bgpage.html (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\RADIO_PLAYER\embedded.html (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\RADIO_PLAYER\popup2.html (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\RADIO_PLAYER\css\gadget.css (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\RADIO_PLAYER\css\jquery.jscrollpane.css (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\RADIO_PLAYER\css\reset.css (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\RADIO_PLAYER\css\stations.css (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\RADIO_PLAYER\css\custom-theme\jquery-ui-1.8.10.custom.css (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\RADIO_PLAYER\js\bgpage.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\RADIO_PLAYER\js\bgpageEarly.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\RADIO_PLAYER\js\embedded.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\RADIO_PLAYER\js\embeddedEarly.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\RADIO_PLAYER\js\localization.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\RADIO_PLAYER\js\player.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\RADIO_PLAYER\js\popup.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\RADIO_PLAYER\js\resources\BrowserDetect.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\RADIO_PLAYER\js\resources\jquery-ui-1.8.10.custom.min.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\RADIO_PLAYER\js\resources\jquery.jscrollpane.min.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\RADIO_PLAYER\js\resources\jquery.scrollTo-1.4.2-min.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\RADIO_PLAYER\js\resources\radioCommon.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\RADIO_PLAYER\js\resources\system.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\RADIO_PLAYER\js\resources\utils.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\SEARCH\bgpage.html (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\SEARCH\embedded.html (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\SEARCH\information.popup.html (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\SEARCH\buildSettings\SearchApp_Ant.xml (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\SEARCH\Css\information.popup.css (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\SEARCH\js\bgpage.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\SEARCH\js\common.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\SEARCH\js\contentManager.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\SEARCH\js\historyProvider.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\SEARCH\js\information.popup.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\SEARCH\js\layoutManager.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\SEARCH\js\searchListener.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\SEARCH\js\selectionListener.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\SEARCH\js\suggestProvider.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\SEARCH\resources\history--x-default.png (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\SEARCH\resources\history--x-mouseover.png (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\SEARCH\resources\menu.icon.apps.png (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\SEARCH\view\script\view.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\SEARCH\view\style\default.css (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\SEARCH\view\style\rsx\dd-arrow.png (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\SEARCH\view\style\rsx\ie8.png (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\TWITTER\bgpage.html (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\TWITTER\popup.css (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\TWITTER\popup.html (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\TWITTER\img\icons.png (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\TWITTER\img\inbox.png (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\TWITTER\img\scroll_down.png (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\TWITTER\img\scroll_up.png (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\TWITTER\js\bgpage.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\TWITTER\js\localization.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\TWITTER\js\popup.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\WEATHER\bgpage.html (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\WEATHER\popup.html (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\WEATHER\css\gadget.css (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\WEATHER\css\ie7styles.css (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\WEATHER\css\iestyle.css (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\WEATHER\js\bgpage.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\WEATHER\js\common.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\WEATHER\js\date-functions.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\WEATHER\js\gadget.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\WEATHER\js\jquery.autocomplete.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\WEATHER\js\jquery.textshadow.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\WEATHER\js\logic.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\WEATHER\js\main.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\al\wa\WEATHER\js\xPath.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\core\corelibs.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\core\framework.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\core\utils.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\lib\al.view.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\lib\al.viewPerformanceLog.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\lib\background.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\lib\ie_fix.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\lib\jquery.min.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\lib\jquery.mousewheel.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\lib\jquery.text-overflow.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\lib\jquery.tmpl.min.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\lib\jquery.xml2json.custom.min.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\lib\jquery.xml2json.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\lib\json2.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\lib\json2.min.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\lib\script2injectEmbedded.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\lib\script2injectPopup.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\lib\sdk.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\lib\jquery.alerts\jquery.alerts.css (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\lib\jquery.alerts\jquery.alerts.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\lib\jquery.alerts\images\help.gif (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\lib\jquery.alerts\images\important.gif (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\lib\jquery.alerts\images\info.gif (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\lib\jquery.alerts\images\title.gif (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\lib\jquery.jscrollpane\jquery.jscrollpane.css (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\lib\jquery.jscrollpane\jquery.jscrollpane.min.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.29.0.520_0\tb\sl\serviceLayer.js (PUP.Optional.MixiDJ.A) -> Quarantined and deleted successfully.

(end)

[SleepyDude]

Hi,

 

Malwarebytes found some Adware let's see if there is more to remove and run a virus scan... Please execute all the following tasks from the Administrator account.

 

Step 1 - AdwCleaner Scan

Download AdwCleaner from here to the Desktop

• Close all open windows and browsers
• Right click on the icon and choose Run as Administrator to execute the program
  (When the Tool opens for the first time you have to accept the Terms of use - click J'accepte)
  
• Click the Scan button and wait for the scan to finish, only then the Clean button becomes active
• Click the Clean button and wait, once done it may ask to reboot, allow it.
• On reboot a log will be presented please copy/paste that in your next reply. The report is saved to C:\AdwCleaner\AdwCleaner[S0].txt

Step 2 - Scan with ESET On-line Scanner

Download Eset On-line Scanner, run the tool and follow the prompts to install the program.

• UNCHECK the box's Remove found threats and Scan Archives.
• Click on Advanced Settings, an check the options:
  • Scan for potentially unwanted applications
  • Scan for potentially unsafe applications
  • Enable Anti-Stealth Technology
• Disable your AntiVirus and AntiSpyware applications to speedup the scan
  (If you have difficulty properly disabling your security programs, refer to this link)
• Click Start and then wait for the scan to finish (it will take some time).
  The virus signature database will begin to download and the Scan will start automatically. Be patient this make take some time depending on the speed of your Internet Connection.
• Once the scan is completed, close the program
• Use Notepad to open the log file located at C:\Program Files (x86)\ESET\ESET Online Scanner\log.txt
• Copy and paste the log contents to your reply
• Enable your AntiVirus and AntiSpyware applications

Things I would like to see in your next reply:

• AdwCleaner log AdwCleaner[S0].txt
• The ESET log

[FireFighter254]

Ok, will do right now. I've Got to get this corrected today. 

NOTE: On my regular user account, Chrome keeps telling me a new extension is being installed called "MixiDJ V8". Not sure why MBAM did not rid it. I doubt that is why my admin rights are gone/blocked but please let's find out.

 

I will be right back with your logs...

[FireFighter254]

Under the "new" Admin account, running ADW, it will not allow me or the ADWsoftware to access the HD C:\, so I can not access a log report. All I can do is show this screenshot what it found. I clicked clean, it rebooted. I ran it again and the same thing shows and I click clean again and it rebotted again. It's not removing whatever that is. Going to do the ESET now. The same thing will happen with ESET if I or the software can't access the C drive from this new admin account. I can try running both under my noral account in safe mode if you want me to.

 

 

 

Edited by FireFighter254, 27 April 2014 - 01:27 PM.

[FireFighter254]

The ESET online scanner won't work. It downloads a file with no extension and asks me to choose a program to open it with

[SleepyDude]

Hi,

 

• Download the attached fixlist and save it to the Desktop
• Execute FRST64 again and click the Fix button
• on completion the tool will start Notepad with a log please post its contents.

 fixlist.TXT   20bytes   175 downloads

[FireFighter254]

Ok, here it is sir:

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 27-04-2014
Ran by Administrator at 2014-04-27 16:26:03 Run:1
Running from C:\Users\Administrator\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Listpermissions: c:\
*****************

===================================
Permissions for "c:\":

Owner: 0

DACL(AI):

NGSP-T556\sales_000 ALLOW READ/EXECUTE (NI)

===================================

==== End of Fixlog ====